A Memphis man was arrested and charged with stealing DVDs and Blu-ray discs of unreleased movies and sharing ripped digital copies online before their release. [...]

The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area. It runs on a $20 mobile hotspot. [...]

The administrators of the Russian Garantex crypto-exchange have been charged in the United States with facilitating money laundering for criminal organizations and violating sanctions. [...]

I knew you were trouble, Queens DA might have said Police have made two arrests in their quest to start a cybercrime crew's prison eras, alleging the pair stole hundreds of Taylor Swift tickets and sold them for huge profit.... [...]

Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. [...]

Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. [...]

Which is why taking down chiefs and infra behind big name brand operations isn't working Interview There's a handful of cybercriminal gangs that Jason Baker, a ransomware negotiator with GuidePoint Security, regularly gets called in to respond to these days, and a year ago only one of these crews …

Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort Human Security’s Satori research team says it has found a new variant of the remote-controllable Badbox malware, and as many as a million infected Android …

At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among …

Did US Secret Service not get the memo, or? A coalition of international law enforcement has shut down Russian cryptocurrency exchange Garantex, a favorite of now-defunct ransomware crew Conti and others criminals for money laundering.... [...]

​Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. [...]

The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. [...]

President ordered officials to ramp up vetting 'to the maximum degree' The US government's Citizenship and Immigration Service (USCIS) is considering monitoring not just the social media posts of non-citizens coming into the country, but also all those already in America going through an immigration or citizenship process.... [...]

The U.S. Secret Service has seized the domain of the sanctioned Russian cryptocurrency exchange Garantex in collaboration with the Department of Justice's Criminal Division, the FBI, and Europol. [...]

New York prosecutors say that two people working at a third-party contractor for the StubHub online ticket marketplace made $635,000 after almost 1,000 concert tickets and reselling them online. [...]

A malicious Python Package Index (PyPI) package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain. [...]

Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. [...]

Akira really wasn't horsing around with this one Toronto Zoo's final update on its January 2024 cyberattack arrived this week, revealing that visitor data going back to 2000 had been compromised.... [...]

The vCISO Academy is a free learning platform to equip service providers with training needed to build and expand their vCISO offerings. Learn more from Cynomi on how the Academy helps you launch or expand your vCISO services. [...]

Attacks strike, facilities go bust, patients die. But it's preventable It will cost upward of $75 million to address the cybersecurity needs of rural US hospitals, Microsoft reckons, as mounting closures threaten the lives of Americans.... [...]

A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into other browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information. [...]

A newly discovered network botnet comprising an estimated 30,000 webcams and video recorders—with the largest concentration in the US—has been delivering what is likely to be the biggest denial-of-service attack ever seen, a security researcher inside Nokia said. The botnet, tracked under the name Eleven11bot, first …

Interesting article —with photos!—of the US/UK “Combined Cipher Machine” from WWII. [...]

Complaint alleges 13 funding proposals foundered amid battle for control Eric Gan is no longer CEO of AI security biz Cybereason after what appears to have been a protracted and unpleasant fight with investors, including the SoftBank Vision Fund and Liberty Strategic Capital.... [...]

Xi's freelance infosec warriors apparently paid up to $75K to crack a single American inbox US government agencies announced Wednesday criminal charges against alleged members of China's Silk Typhoon gang, plus internet domain seizures linked to a long-term Chinese espionage campaign that saw Beijing hire miscreants to compromise US …

Would 'destroy a pipeline of top talent essential for hunting' Chinese spies in US networks, Congress told Video Looming staffing cuts to America's security and intelligence agencies, if carried out, would "have a devastating effect on cybersecurity and our national security," former NSA bigwig Rob Joyce has told House …

The Electronic Frontier Foundation (EFF) has released a free, open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays. [...]

We’re excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate as a Tier 1 Cloud Service Provider (CSP) for the AWS Middle East (UAE) Region. This alignment with DESC requirements demonstrates our continued commitment to adhere …

Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. [...]

The US Justice Department has charged Chinese state security officers along with APT27 and i-Soon hackers for network breaches and cyberattacks that have targeted victims globally since 2011. [...]

They're good at zero-day exploits, too Updated Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft …

The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. [...]

YouTube warns that scammers are using an AI-generated video featuring the company's CEO in phishing attacks to steal creators' credentials. [...]

With increased unidentified drone sightings worldwide, some are concerned they pose a cybersecurity risk. Learn more from Acronis about these risks and a real attack on a Taiwan drone manufacturer. [...]

A first-of-its-kind legal challenge set to be heard this month, per reports Updated Apple has reportedly filed a legal complaint with the UK's Investigatory Powers Tribunal (IPT) contesting the British government's order that it must forcibly break the encryption of iCloud data.... [...]

As AI use increases, security remains a top concern, and we often hear that organizations are worried about risks that can come with rapid adoption. Google Cloud is committed to helping our customers confidently build and deploy AI in a secure, compliant, and private manner. Today, we’re introducing …

The Toronto Zoo, the largest zoo in Canada, has provided more information about the data stolen during a ransomware attack in January 2024. [...]

Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exploiting them, or how. News article. Slashdot thread. [...]

English football club offers apologies after fans' card details stolen from online retail store English football club Leeds United says cyber criminals targeted its retail website during a five-day assault in February and stole the card details of "a small number of customers."... [...]

'No regrets' crew continues extorting victims, leaking highly sensitive data Qilin – the "no regrets" ransomware crew wreaking havoc on the global healthcare industry – just claimed responsibility for fresh attacks on a cancer treatment clinic in Japan and a women's healthcare facility in the US.... [...]

List of attacks by 'No regrets' crew leaking highly sensitive data continues to grow Qilin – the "no regrets" ransomware crew wreaking havoc on the global healthcare industry – just claimed responsibility for fresh attacks on a cancer treatment clinic in Japan and a women's healthcare facility in the US.... [...]

Stop cyberattacks before they happen with preventative endpoint security Sponsored Post Every organization is vulnerable to cyber threats, and endpoint devices are a common target for cyber criminals.... [...]

Scammers are impersonating the BianLian ransomware gang in fake ransom notes sent to US companies via snail mail through the United States Postal Service. [...]

Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant A subsidiary of Indian multinational Tata has allegedly fallen victim to the notorious ransomware gang Hunters International.... [...]

New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. [...]

Three critical vulnerabilities in multiple virtual-machine products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, the company and outside researchers warned Tuesday. The class of attack made possible by exploiting the vulnerabilities is known under several names, including …

A new botnet malware named 'Eleven11bot' has infected over 86,000 IoT devices, primarily security cameras and network video recorders (NVRs), to conduct DDoS attacks. [...]

The heap overflow zero-day in the memory unsafe code by Miss Creant Broadcom today pushed out patches for three VMware hypervisor-hijacking bugs, including one rated critical, that have already been found and exploited by criminals.... [...]

Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. [...]

We're pleased to announce that Google has been recognized as a Leader in The Forrester WaveTM: Data Security Platforms, Q1 2025 report. We believe this is a testament to our unwavering commitment to providing cutting-edge data security in the cloud. In today's AI era, comprehensive data security is paramount …