A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. [...]

Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager, making TLS connections more secure. [...]

Despite arrests, eight-legged menace targeted more victims this year Despite several arrests last year, Scattered Spider's social engineering attacks are continuing into 2025 as the cybercrime collective targets high-profile organizations and adds another phishing kit to its arsenal along with a new version of Spectre RAT malware.... [...]

At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated in today’s threat environment and should be rethought: In other words, while the legally-mandated CALEA capability requirements have changed little over …

How will 'gutting' civilian defense agency make American cybersecurity great again? Analysis Slashing staff at the US govt's Cybersecurity and Infrastructure Security Agency, aka CISA, and scrapping vital programs, isn’t exactly boosting national security, say infosec and national security officials watching America’s digital defenses unravel in real …

Reliability, honesty, accuracy. And then there's this lot Oracle has briefed some customers about a successful intrusion into its public cloud, as well as the theft of their data, after previously denying it had been compromised.... [...]

Amazon Web Services (AWS) is pleased to announce the successful renewal of the United Kingdom Cyber Essentials Plus certification. The Cyber Essentials Plus certificate is valid for one year until March 21, 2026. Cyber Essentials Plus is a UK Government-backed, industry-supported certification scheme intended to help organizations demonstrate organizational …

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. [...]

But this mystery isn't over yet, Unit 42 opines That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - exposed way back in November, months earlier than previously suspected.... [...]

Spain's police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. [...]

Amazon Web Services (AWS) is excited to announce that the latest hybrid post-quantum key agreement standards for TLS have been deployed to three AWS services. Today, AWS Key Management Service (AWS KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager endpoints now support Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) for hybrid …

The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. [...]

Crummy OPSEC leads to potentially decades in prison Noah Michael Urban, 20, of alleged Scattered Spider infamy, has pleaded guilty to various charges and potentially faces decades in prison.... [...]

Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. [...]

Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero. [...]

US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. [...]

Microsoft has introduced a new Windows 11 24H2 safeguard hold for systems running security or enterprise software using SenseShield Technology's sprotect.sys driver. [...]

After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel.... [...]

Last month's secret hearing comes to light Details of Apple's appeal against the UK's so-called "backdoor order" will now play out in public after the Home Office failed in its bid to keep them secret on national security grounds.... [...]

You have until April 27 at 11:59 p.m. PT to grab lifetime access to AdGuard's privacy and ad-blocking tools for just $15.97 (reg. $169)—remember to enter code FAMPLAN at checkout for this limited-time discount. [...]

In “ Secrets and Lies ” (2000), I wrote: It is poor civic hygiene to install technologies that could someday facilitate a police state. It’s something a bunch of us were saying at the time, in reference to the vast NSA’s surveillance capabilities. I have been thinking of that …

Native tools help, but they don’t cover everything - here’s what they miss and how to close the gaps Partner Content : AWS provides a number of security services, such as GuardDuty, Inspector, Config, and Security Hub, designed to protect your cloud environment.... [...]

PLUS: Qualcomm acquires Vietnamese AI outfit; China claims US hacked winter games; India's browser challenge winner disputed; and more Asia In Brief Asian nations and tech companies are trying to come to terms with the USA’s new universal import tariffs and additional “reciprocal tariffs”.... [...]

PLUS: Google re-patches Quick Share flaws; Critical Cisco flaw exploited; WordPress plugin trouble; and more Infosec in Brief How did journalist Jeffrey Goldberg’s phone number end up in a Signal group chat? According to The Guardian, US national security adviser Mike Waltz accidentally saved it into the contact …

An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. [...]

A newly discovered malicious PyPi package named 'disgrasya' that abuses legitimate WooCommerce stores for validating stolen credit cards has been downloaded over 34,000 times from the open-source package platform. [...]

Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]

A vulnerability in the WinRAR file archiver solution could be exploited to bypass the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows machine. [...]

The Brooklyn indie art-punk group, Two-Man Giant Squid, just released a new album. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]

A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned. The technique is known as fast flux. It allows decentralized networks operated by threat actors to hide their …

Intelligence chief booted after less than two years on the job President Trump yesterday fired the head of the NSA and US Cyber Command and his deputy.... [...]

​Port of Seattle, the U.S. government agency overseeing Seattle's seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack. [...]

A large-scale phishing campaign dubbed 'PoisonSeed' compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. [...]

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number …

Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts. [...]

A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users. [...]

The industry’s approach to keeping quality backups may be masking the importance of other recovery mainstays Maintaining good-quality backups is often seen as the spine of any organization's ability to recover from cyberattacks quickly. Naturally, given the emphasis placed on them by experts of all stripes, you'd be …

In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading. [...]

Law enforcement facing huge gap in 'AI adoption' The National Crime Agency (NCA) will "closely examine" the recommendations made by the Alan Turing Institute after it claimed the UK was ill-equipped to tackle AI-enabled crime.... [...]

We're not Putin up with this alleged industrial espionage, say the Dutch A Russian national appeared in a Netherlands court on Thursday accused of industrial espionage against ASML, the world’s leading manufacturer of chip factory equipment and a key supplier that helps the likes of TSMC pump out …

Australians checking their pensions are melting down call centers and websites Australian retirement fund operators are scrambling after reports emerged of unauthorized access to customer accounts leading to theft of cash.... [...]

Classification compliance? Records retention requirements? How quaint A US Department of Defense watchdog has opened an investigation into its own Secretary of Defense, Pete Hegseth, over his use of instant-messaging app Signal to discuss government business.... [...]

Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]

Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. [...]

When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood. Here’s a description of what …

When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood. Here’s a description of what …

The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks. [...]

CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs. [...]

Simple denial-of-service blunder turned out to be remote unauth code exec disaster Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since mid-March. This is now at least the third time in three years these snoops have been pwning these products.... [...]