Act passed in 2015 is due to lapse unless a continuing resolution passes - and that's unlikely Barring a last-minute deal, the US federal government would shut down on Wednesday, October 1, and the 2015 Cybersecurity Information Sharing Act would lapse at the same time, threatening what many consider a …
Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses The long-running XCSSET malware strain has evolved again, with Microsoft warning of a new macOS variant that expands its bag of tricks while continuing to target developers.... [...]
CRM giant denies security shortcomings as claims allege stolen data used for ID theft Updated Salesforce is facing a wave of lawsuits in the wake of a cyberattack that exposed customer data.... [...]
Researchers say tens of thousands of instances remain publicly reachable Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.... [...]
Operation Cronos didn’t kill LockBit – it just came back meaner Trend Micro has sounded the alarm over the new LockBit 5.0 ransomware strain, which it warns is "significantly more dangerous" than past versions due to its newfound ability to simultaneously target Windows, Linux, and VMware ESXi environments …
More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers who published a proof-of-concept attack on Thursday. They were aided by an expired trusted domain that …
The downstream consequences of Miljödata’s ransomware attack continue to affect major organizations Volvo North America is the latest large organization to announce attackers accessed employee data after a ransomware attack struck its HR system provider.... [...]
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies Cybersecurity agencies on both sides of the Atlantic are sounding the alarm over Cisco firewall vulnerabilities that are being exploited by an "advanced threat actor."... [...]
Prime Minister Starmer revives controversial scheme despite past denials, sparking civil liberties backlash The UK government plans to issue all legal residents a digital identity by the end of the current Parliament, which could run until August 2029, with its use required to get a job.... [...]
It’s amazing the number of calls Jo, Helen, and Ian get through The UK's data protection watchdog fined two Brit businesses with offshore call centers £550,000 (c $735,000) over illegal automated marketing calls.... [...]
Keeping Pyongyang's coffers full North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang's infamous Lazarus Group deploys.... [...]
Images of toddlers and home addresses leaked in reprehensible landmark attack A cyber criminal crew has targeted Kido International, a preschool and daycare organization, leaking sensitive details about its pupils and their parents.... [...]
The latest in a run of serious networking bugs gives attackers root if they have SNMP access Cisco has confirmed a new IOS and IOS XE zero-day, the latest in a string of flaws that attackers have been quick to weaponize.... [...]
Biometric Entry/Exit System phased in from October to 29 Schengen countries Travelers including Britons and Americans visiting most European countries will have to register their fingerprints and faces under a system that goes live next month.... [...]
Supermarket says the hack that shut down systems and emptied shelves has turned profits into losses The Co-operative Group has revealed the cyberattack that knocked its systems offline earlier this year will leave it nursing an £80 million hangover.... [...]
Guidance follows privacy complaints over sharp increase in police searches of travel doc and visa pic libraries The Home Office has told police forces to check their own photo databases before asking it to search its libraries of passport and visa facial images, as well as avoiding urgent requests …
Secure your data, avoid US sanctions, and stay compliant with European cybersecurity alternatives Partner Content What happens when your company's future depends on a service controlled by another country that loves trade fights, tariffs, and industrial-scale surveillance? That's the risk for European businesses relying on American providers; a single …
If you recently got an email asking you to verify your credentials to a PyPI site, better change that password The Python Software Foundation warned users of a new string of phishing attacks using a phony Python Package Index (PyPI) website and asking victims to verify their account or …
Mandiant CTO anticipates 'hearing about this campaign for the next one to two years' Unknown intruders – likely China-linked spies – have broken into "numerous" enterprise networks since March and deployed backdoors, providing access for their long-term IP and other sensitive data stealing missions, all the while remaining undetected on average …
After air passenger travel hit across the Atlantic, organized crime agency strikes The UK's National Crime Agency has arrested a man as part of an investigation into a ransomware attack that disrupted airports around the world last weekend.... [...]
Attackers hit jackpot after targeting Boyd Gaming Hotel and casino operator Boyd Gaming has disclosed a cyberattack to US regulators, warning that hackers may have stolen personal information belonging to employees and other individuals.... [...]
Labour accused of sneaking in plans it denied before the general election Seven campaign groups have written to UK prime minister Keir Starmer urging him to scrap plans for a mandatory digital identity system – a project that is expected to be announced imminently, as part an effort to tackle …
Covid-style financial support? Nothing to confirm yet, say MPs The chair of the UK's business and trade committee says the situation at Jaguar Land Rover is likely to get "harder and harder over the next week or two," but stopped short of confirming that the government might intervene with …
AI attacks on the rise A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking out their systems using phony audio or video generated by AI.... [...]
Security vendor's no good, very bad week year SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting Secure Mobile Access (SMA) 100 appliances.... [...]