The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack. [...]

Cybersecurity is everyone's concern, and for IT workers, a key skill on their resume. This five-course exam prep bundle helps you get more advanced credentials for $49.99, $145 off the $195 MSRP. [...]

The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. [...]

Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts. [...]

The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. [...]

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [...]

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [...]

The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. [...]

Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. [...]

​NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. [...]

Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs. [...]

Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide. [...]

Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices. [...]

​CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping. [...]

Law enforcement shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily. [...]

Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft. [...]

Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. [...]

HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system. [...]

Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...]

The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations. [...]

Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals. [...]

The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom. [...]

​CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]

Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. [...]

A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. [...]