Data Security News
The Hacker News
- Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administratorby [email protected] (The Hacker News)
The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a […]
- APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Databy [email protected] (The Hacker News)
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud […]
- China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusionby [email protected] (The Hacker News)
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates […]
- New Case Study: The Malicious Commentby [email protected] (The Hacker News)
How safe is your comments section? Discover how a seemingly innocent 'thank you' comment on a product page concealed a malicious vulnerability, […]
- Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever)by [email protected] (The Hacker News)
Google on Monday announced that it's simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace […]
- Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Launderingby [email protected] (The Hacker News)
A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander […]
- Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Executionby [email protected] (The Hacker News)
More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security […]
- China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devicesby [email protected] (The Hacker News)
The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of […]
Graham Cluley Blog
- Smashing Security podcast #370: The closed loop conundrum, default passwords, and Baby Reindeerby Graham Cluley
The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken […]
- “Junk gun” ransomware: the cheap new threat to small businessesby Graham Cluley
A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, […]
- Hacker posts fake news story about Ukrainians trying to kill Slovak Presidentby Graham Cluley
Czech news agency ČTK announced on Tuesday that a hacker had managed to break into its systems and published fake news reports of a plot to murder […]
- Smashing Security podcast #369: Keeping the lights on after a ransomware attackby Graham Cluley
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits […]
- City street lights “misbehave” after ransomware attackby Graham Cluley
The UK's Leicester City Council was thrown into chaos last month when a crippling cyber attack forced it to shut down its IT systems and phone lines. […]
- Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of controlby Graham Cluley
February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have […]
- 3.5 million Omni Hotel guest details held to ransom by Daixin Teamby Graham Cluley
The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers […]
- Police smash LabHost international fraud network, 37 arrestedby Graham Cluley
Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. […]
Infosecurity Magazine
- #RSAC: Decoding US Government Plans to Shift the Software Security Burden
US government officials discussed plans on how to incentivize security by design principles in the software manufacturing process during RSA
- RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds
A new report by Cato Networks found that exploiting old vulnerabilities in unpatched systems is one of threat actors’ favorite initial access […]
- Ransomware Strikes Wichita, Services Disrupted
Online payment systems, such as those for water bills and court citations, are still offline
- LockBit Leader aka LockBitSupp Identity Revealed
Russian national Dmitry Yuryevich Khoroshev is behind the LockBitSupp persona, law enforcement revealed
- RSAC: Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
- Report Shows AI Fraud, Deepfakes Are Top Challenges For Banks
Mitek surveyed 1500 financial services risk and innovation professionals in UK, US and Spain
- BTC-e $9bn Crypto-Money Launderer Pleads Guilty
Russian national Alexander Vinnik has pleaded guilty to his role in a multibillion-dollar money laundering conspiracy
- China Suspected After Major MoD Payroll Breach
Reports claim state-backed hackers accessed sensitive personal and financial information on UK military personnel
Dark Reading News
- Does CISA's KEV Catalog Speed Up Remediation?by Becky Bracken, Senior Editor, Dark Reading
Vulnerabilities added to the CISA known exploited vulnerability (KEV) list do indeed get patched faster, but not fast enough.
- What's the Future Path for CISOs?by Jeffrey Schwartz, Contributing Writer
A panel of former CISOs will lead the closing session of this week's RSA Conference to discuss challenges and opportunities.
- City of Wichita Public Services Disrupted After Ransomware Attackby Elizabeth Montalbano, Contributing Writer
The city was forced to shut down its IT networks and continues to investigate a major cyber incident that happened over the weekend.
- Feds: Reducing AI Risks Requires Visibility & Better Planningby Robert Lemos, Contributing Writer
While attackers have targeted AI systems, failures in AI design and implementation are far more likely to cause headaches, so companies need to […]
- Spies Among Us: Insider Threats in Open Source Environmentsby Chris Lindsey
Does the open source ecosystem needs stricter security around contributors?
- Blinken: Digital Solidarity Is 'North Star' for US Policyby Karen Spiegelman, Features Editor
The four goals of the US International Cyberspace and Digital Policy Strategy are to advance economic prosperity; enhance security and combat […]
- Citrix Addresses High-Severity Flaw in NetScaler ADC and Gatewayby Jai Vijayan, Contributing Writer
The flaw was nearly identical to last year's CitrixBleed flaw, though not as severe.
- Supply Chain Breaches Up 68% Year Over Year, According to DBIRby Nate Nelson, Contributing Writer
As Verizon Business redefines "supply chain breach," it could either help organizations address third-party risk holistically or just conflate and […]