Friday Squid Blogging: Squid Inks Philippines Fisherman
Good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Recently, AWS released Amazon Bedrock API keys to make calls to the Amazon Bedrock API. In this post, we provide practical security guidance on effectively implementing, monitoring, and managing this new option for accessing Amazon Bedrock to help you build a comprehensive strategy for securing these keys. We also …
For too long, network data analysis has felt less like a science and more like deciphering cryptic clues. To help close that gap, we’re introducing a new Mandiant Academy course from Google Cloud, designed to replace frustration with clarity and confidence. Protecting the Perimeter: Practical Network Enrichment focuses …
P2P lending platform says it could not verify the claims at present. Data breach tracker HaveIBeenPwned claims the victim count of peer-to-peer lender Prosper's September cyberattack stands at 17.6 million.... [...]
Sharing views POTUS doesn't like? Say goodbye to that visa, First Amendment be damned. Updated: Lawyers at the Electronic Frontier Foundation (EFF) are helping three US labor unions sue the Trump administration over a social media surveillance program that threatens to punish those who publicly express views that are …
Beijing blocks exports after Netherlands imposes special measures on Chinese-owned chipmaker. Major car, van, truck and bus manufacturers are warning that the Dutch government placing semiconductor biz Nexperia under special administrative measures could result in a shortage of automotive chips.... [...]
Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers simultaneously. Zendesk is an automated help desk service designed to make it simple for people to contact companies for …
Here’s the summary: We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication. A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructure, internal corporate and government communications, private citizens’ voice …
Hacking groups—at least one of which works on behalf of the North Korean government—have found a new and inexpensive way to distribute malware from “bulletproof” hosts: stashing them on public cryptocurrency blockchains. In a Thursday post, members of the Google Threat Intelligence Group said the technique provides …
CVE and CVSS systems suffer from misaligned incentives and inconsistency. Aram Hovsepyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.... [...]
Major international auction house Sotheby's is notifying customers of a data breach incident on its systems where threat actors stole sensitive information, including financial details. [...]
Hackers stole the personal information of over 17.6 million people after breaching the systems of financial services company Prosper. [...]
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. [...]
Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. [...]
Who needs enemies when you have friends like Xi? China's cyberspies quietly broke into a Russian IT service provider in what researchers say is a rare example of Beijing turning its digital gaze on Moscow.... [...]
Gladinet has released security updates for its CentreStack business solution to address a local file inclusion vulnerability (CVE-2025-11371) that threat actors have leveraged as a zero-day since late September. [...]
CISA has warned that attackers are actively exploiting a maximum-severity vulnerability in Adobe Experience Manager to execute code on unpatched systems. [...]
Recovery feature lets trusted contacts help you get back in when other methods fail. The latest security feature for Gmail enables users to recover their accounts with a little help from their friends.... [...]
Traditional MDR focuses on reacting to attacks already in motion — but modern threats demand prevention. Picus Security explains how Unified Exposure Management Platforms continuously identify, validate, and fix exploitable risks before adversaries strike. [...]
North Korean hackers were observed employing the 'EtherHiding' tactic to deliver malware, steal cryptocurrency, and perform espionage with stealth and resilience. [...]
Flaw in Kestrel web server allowed request smuggling, impact depends on hosting setup and application code. Microsoft has patched an ASP.NET Core vulnerability with a CVSS score of 9.9, which security program manager Barry Dorrans said was "our highest ever." The flaw is in the Kestrel web …
Microsoft says Windows 11 users can now start a conversation with the AI-powered Copilot digital assistant by saying the "Hey Copilot" wake word. [...]
Microsoft announced today a new Windows 11 Copilot feature called Copilot Actions that enables AI agents to perform real tasks on local files and applications. [...]
Bill Cassidy letter asks if Switchzilla sat on critical flaws before feds were forced into emergency patching. US Senator Bill Cassidy has fired off a pointed letter to Cisco over the firewall flaws that allegedly let hackers breach "at least one federal agency."... [...]
Alert says financial account information lifted from systems. Auction house Sotheby's says it was breached on July 24, and those behind the intrusion stole an unspecified amount of data, including Social Security numbers and financial account information.... [...]
GenAI meets Gen Z – only one gets the job. ai-pocalypse: The UK tech sector is cutting graduate jobs dramatically – down 46 percent in the past year, with another 53 percent drop projected, according to figures from the Institute of Student Employers (ISE).... [...]
CNN has a great piece about how cryptocurrency ATMs are used to scam people out of their money. The fees are usurious, and they’re a common place for scammers to send victims to buy cryptocurrency for them. The companies behind the ATMs, at best, do not care about …
How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop. Passwork KNP Logistics Group, a British transport company from Northamptonshire that’s been around longer than the mass-produced lightbulb, collapsed after a devastating security breach that left more than 700 employees …
Amazon Bedrock Guardrails provides configurable safeguards to help you safely build generative AI applications at scale. It offers integrated safety and privacy protections that work across multiple foundation models (FMs), including models available in Amazon Bedrock and models hosted outside Amazon Bedrock from other providers. Bedrock Guardrails currently offers …
The Information Commissioner's Office (ICO) in the UK has fined Capita, a provider of data-driven business process services, £14 million ($18.7 million) for a data breach incident in 2023 that exposed the personal information of 6.6 million people. [...]
Thousands of networks—many of them operated by the US government and Fortune 500 companies—face an “imminent threat” of being breached by a nation-state hacking group following the breach of a major maker of software, the federal government warned Wednesday. F5, a Seattle-based maker of networking software, disclosed …
19-year-old college student Matthew D. Lane, from Worcester, Massachusetts, was sentenced to 4 years in prison for orchestrating a cyberattack on PowerSchool in December 2024 that resulted in a massive data breach. [...]
Amazon Bedrock has simplified how you access foundation models, streamlining the integration of AI capabilities into your applications. Here’s what’s changed and how to maintain control over model access in your organization. What’s new: Simplified model access. Amazon Bedrock now provides automatic access to the serverless …
An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. [...]
Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. [...]
The evolving security landscape demands more than just speed. It requires an intelligent, automated defense. Google Security Operations is an AI-powered platform built to deliver a modern agentic security operations center (SOC), where generative AI is woven into the fabric of your operations. We go beyond traditional SIEM and …
Vibe coding may have played a role in what took researchers months to fix. Developers of VS Code extensions are leaking sensitive secrets left, right and center, according to researchers who worked with Microsoft to combat an issue that could have led to some nasty supply chain attacks.... [...]
Spanish fashion retailer MANGO is sending notices of a data breach to its customers, warning that its marketing vendor suffered a compromise exposing personal data. [...]
Dark web activity can hide in plain sight within everyday network traffic. Corelight's NDR platform brings deep visibility, AI-driven detection, and behavioral analytics to uncover hidden threats across your network. [...]
U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code. [...]
Apple is now offering a $2M bounty for a zero-click exploit. According to the Apple website: Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards, expanded research categories, and a flag system for researchers to objectively demonstrate vulnerabilities and obtain …
ICO makes example of outsourcing giant over sluggish cyber response. The UK's Information Commissioner's Office (ICO) has issued a £14 million ($18.6 million) penalty to outsourcing giant Capita following a catastrophic 2023 cyberattack that exposed the personal data of 6.6 million people.... [...]
Hackers stole personal information of 6.6m people but outsourcing firm did not shut device targeted for 58 hours. The outsourcing company Capita has been fined £14m for data protection failings after hackers stole the personal information of 6.6 million people, including staff details and those of its …
Welcome to the first Cloud CISO Perspectives for October 2025. Today, Kristina Behr, VP, Workspace Product Management, and Jorge Blanco, director, Office of the CISO, explain how a new AI-driven capability in Google Drive can help security and business leaders protect their data and minimize the impact of ransomware …
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. October’s Patch Tuesday also marks the final month that Microsoft will ship security updates for Windows 10 systems. If you …
A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. [...]
By using Amazon Bedrock AgentCore, developers can build agentic workloads using a comprehensive set of enterprise-grade services that help quickly and securely deploy and operate AI agents at scale using any framework and model, hosted on Amazon Bedrock or elsewhere. AgentCore services are modular and composable, allowing them to …
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. [...]
Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...]
The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. [...]