PLUS: Google re-patches Quick Share flaws; Critical Cisco flaw exploited; WordPress plugin trouble; and more Infosec in Brief How did journalist Jeffrey Goldberg’s phone number end up in a Signal group chat? According to The Guardian, US national security adviser Mike Waltz accidentally saved it into the contact …
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. [...]
A newly discovered malicious PyPi package named 'disgrasya' that abuses legitimate WooCommerce stores for validating stolen credit cards has been downloaded over 34,000 times from the open-source package platform. [...]
Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]
A vulnerability in the WinRAR file archiver solution could be exploited to bypass the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows machine. [...]
The Brooklyn indie art-punk group, Two-Man Giant Squid, just released a new album. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned. The technique is known as fast flux. It allows decentralized networks operated by threat actors to hide their …
Intelligence chief booted after less than two years on the job President Trump yesterday fired the head of the NSA and US Cyber Command and his deputy.... [...]
Port of Seattle, the U.S. government agency overseeing Seattle's seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack. [...]
A large-scale phishing campaign dubbed 'PoisonSeed' compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. [...]
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number …
Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts. [...]
A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users. [...]
The industry’s approach to keeping quality backups may be masking the importance of other recovery mainstays Maintaining good-quality backups is often seen as the spine of any organization's ability to recover from cyberattacks quickly. Naturally, given the emphasis placed on them by experts of all stripes, you'd be …
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading. [...]
Law enforcement facing huge gap in 'AI adoption' The National Crime Agency (NCA) will "closely examine" the recommendations made by the Alan Turing Institute after it claimed the UK was ill-equipped to tackle AI-enabled crime.... [...]
We're not Putin up with this alleged industrial espionage, say the Dutch A Russian national appeared in a Netherlands court on Thursday accused of industrial espionage against ASML, the world’s leading manufacturer of chip factory equipment and a key supplier that helps the likes of TSMC pump out …
Australians checking their pensions are melting down call centers and websites Australian retirement fund operators are scrambling after reports emerged of unauthorized access to customer accounts leading to theft of cash.... [...]
Classification compliance? Records retention requirements? How quaint A US Department of Defense watchdog has opened an investigation into its own Secretary of Defense, Pete Hegseth, over his use of instant-messaging app Signal to discuss government business.... [...]
Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]
Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. [...]
When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood. Here’s a description of what …
When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood. Here’s a description of what …
The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks. [...]
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs. [...]
Simple denial-of-service blunder turned out to be remote unauth code exec disaster Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since mid-March. This is now at least the third time in three years these snoops have been pwning these products.... [...]
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. [...]
The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data. [...]
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017. [...]
It's going to happen to you one day, so get your ducks in a row As Benjamin Franklin famously said: "An ounce of prevention is worth a pound of cure," and that's especially true when it comes to disaster recovery.... [...]
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. [...]
Espionage? Botnets? Trying to exploit a zero-day? Someone or something is probing devices made by Juniper Networks and Palo Alto Networks, and researchers think it could be evidence of espionage attempts, attempts to build a botnet, or an effort to exploit zero-day vulnerabilities.... [...]
ProtectEU plan wants to have its cake and eat it too The EU has shared its plans to ostensibly keep the continent's denizens secure – and among the pages of bureaucratese are a few worrying sections that indicate the political union wants to backdoor encryption by 2026, or even sooner …
If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and availability—known as the CIA triad. When we talk about a system being secure, that’s what we’re referring to. All are important, but to …
Recovery's never been harder in today's tangled, outsourced infrastructure Comment Disaster recovery is getting tougher as IT estates sprawl across on-prem gear, public cloud, SaaS, and third-party ITaaS providers. And it's not floods or fires causing most outages anymore - ransomware now leads the pack, taking down systems faster than …
Stamp it out: Infostealer malware at German outfit may be culprit Updated Britain's Royal Mail is investigating after a crew calling itself GHNA claimed it was selling 144GB of the delivery giant’s customer data, perhaps after acquiring it with the same stolen credentials it used to siphon info …
Stamp it out: Infostealer malware at German outfit may be culprit Britain's Royal Mail is investigating after a crew calling itself GHNA claimed it has put 144GB of the delivery giant’s data up for sale, perhaps after acquiring it with the same stolen credentials it used to crack …
Double-oh-sh... The name's not Bond. It's O'Brien - Keith O'Brien, now-former global payroll compliance manager at the Dublin, Ireland office of HR software-as-a-service maker Rippling.... [...]
The openSNP project, a platform for sharing genetic and phenotypic data, will shut down on April 30, 2025, and delete all user submissions over privacy concerns and the risk of misuse by authoritarian governments. [...]
Amazon Web Services (AWS) is excited to announce the successful completion of the Cloud Security Assurance Program (CSAP) low-tier certification for the AWS Seoul (ICN) Region for the very first time. The certification is valid for a period of five years, from March 28, 2025 to March 27, 2030 …
A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request. [...]
Bosses say theft now the name of the game with a shift in tactics, apparent branding Big-game ransomware crew Hunters International says its criminal undertaking has become "unpromising, low-converting, and extremely risky," and it is mulling shifting tactics amid an apparent rebrand.... [...]
IAM Roles Anywhere is a feature of AWS Identity and Access Management (IAM) that enables you to use X.509 certificates from your public key infrastructure (PKI) to request temporary Amazon Web Services (AWS) security credentials. By using IAM Roles Anywhere, your workloads, applications, containers, or devices that run …
Over 39 million secrets like API keys and account credentials were leaked on GitHub throughout 2024, exposing organizations and users to significant security risks. [...]
Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. [...]
Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen from the company's systems. [...]
Fallout shows how what you say must be central to disaster planning Opinion Oracle is being accused of poor incident comms as it reels from two reported data security mishaps over the past fortnight, amid a reluctance to publicly acknowledge all of the events as well as allegedly deleting …
Learn how Infinidat’s enterprise cyber storage solutions can enable near-immediate recovery Sponsored Post It's not a question of if your organization gets hit by a cyberattack - only when, and how quickly it recovers.... [...]
Kidflix, one of the largest platforms used to host, share, and stream child sexual abuse material (CSAM) on the dark web, was shut down on March 11 following a joint action coordinated by German law enforcement. [...]