Data Security News
The Hacker News
- New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectorsby [email protected] (The Hacker News)
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming […]
- Top 10 Best Practices for Effective Data Protectionby [email protected] (The Hacker News)
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy […]
- Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacksby [email protected] (The Hacker News)
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive […]
- Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacksby [email protected] (The Hacker News)
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access […]
- [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applicationsby [email protected] (The Hacker News)
Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan […]
- Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuitby [email protected] (The Hacker News)
Austrian privacy non-profit noyb (none of your business) has sent Meta's Irish headquarters a cease-and-desist letter, threatening the company with a […]
- Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Failsby [email protected] (The Hacker News)
Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its […]
- Pen Testing for Compliance Only? It's Time to Change Your Approachby [email protected] (The Hacker News)
Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your […]
Graham Cluley Blog
- Smashing Security podcast #417: Hello, Pervert! – Sextortion scams and Discord disastersby Graham Cluley
Don't get duped, doxxed, or drained! In this episode of "Smashing Security" we dive into the creepy world of sextortion scams, and investigate how […]
- The AI Fix #50: AI brings dead man back for killer’s trial, and the judge loves itby Graham Cluley
In episode 50 of The AI Fix, AI brings a slain man back from the dead so he can appear at his killer's trial, Mark gets a mysterious phone call, […]
- Two years’ jail for down-on-his-luck man who sold ransomware onlineby Graham Cluley
A man has been jailed in Ireland for two years after pleading guilty to offences related to his illegal online business that sold ransomware and […]
- LockBit ransomware gang breached, secrets exposedby Graham Cluley
Oh dear, what a shame, never mind. Read more in my article on the Tripwire State of Security blog.
- Hackers hit deportation airline GlobalX, leak flight manifests, and leave an unsubtle message for “Donnie” Trumpby Graham Cluley
GlobalX Airlines, a charter airline being used by the US government for deportation flights, has been attacked by hacktivists who have made off with […]
- Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woeby Graham Cluley
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge […]
- NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attackedby Graham Cluley
The UK's National Cyber Security Centre (NCSC) has warned the IT helpdesks of retailers to be on their guard against bogus support calls they might […]
- TeleMessage, the Signal clone used by US government officials, suffers hackby Graham Cluley
TeleMessage, an encrypted messaging app based upon Signal, has been temporarily suspended out of "an abundance of caution" after a hacker reportedly […]
Infosecurity Magazine
- US Officials Impersonated Via SMS and Voice Deepfakes
The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials
- UK Cyber Vacancies Growing 12% Per Year
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open […]
- Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the […]
- Healthcare Cyber-Attacks Intensify, Sector Now Prime Target
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024
- Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m
- PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory
- SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004
- Dior Confirms Data Breach Affecting Customer Information
Dior confirmed a data breach compromising customer personal information, discovered on May 7
Dark Reading News
- Coinbase Extorted, Offers $20M for Info on Its Hackersby Nate Nelson, Contributing Writer
Coinbase is going Liam Neeson on its attackers, potentially setting a new precedent for incident response in the wake of crypto- and […]
- Australian Human Rights Commission Leaks Docs in Data Breachby Kristina Beek, Associate Editor, Dark Reading
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks.
- Dynamic DNS Emerges as Go-to Cyberattack Facilitatorby Rob Wright
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and […]
- Attacker Specialization Puts Threat Modeling on Defensiveby Robert Lemos, Contributing Writer
Specialization among threat groups poses challenges for defenders, who now must distinguish between different actors responsible for different facets […]
- How to Develop and Communicate Metrics for CSIRPsby Craig Porter
A well-documented cybersecurity incident response program (CSIRP) provides the transparency needed for informed decision-making, protecting the […]
- Turkish APT Exploits Chat App Zero-Day to Spy on Iraqi Kurdsby Nate Nelson, Contributing Writer
Even after their zero-day turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to […]
- Big Steelmaker Halts Operations After Cyber Incidentby Kristina Beek, Associate Editor, Dark Reading
Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor […]
- Valarian Unveils Data Management Platform Designed for Government Useby Arielle Waldman
The startup, which previously launched the Acra platform, aims to address data management issues by isolating and compartmentalizing access to reduce […]
