There’s a growing collaboration between hacking groups engaging in espionage on behalf of nation-states and those seeking financial gains through ransomware and other forms of cybercrime, researchers noted this week. There has always been some level of overlap between these two groups, but it has become more pronounced …

Money stolen falls from record $1.25bn to $813m as more victims refuse to pay off criminal gangs Ransomware payments fell by more than a third last year to $813m (£650m) as victims refused to pay cybercriminals and law enforcement cracked down on gangs, figures reveal. The decline in …

Audit watchdog finds 58 critical IT systems assessed in 2024 had ‘significant gaps in cyber-resilience’ The threat of potentially devastating cyber-attacks against UK government departments is “severe and advancing quickly”, with dozens of critical IT systems vulnerable to an expected regular pattern of significant strikes, ministers have been warned …

Scammers are hacking Google Forms to send email to victims that come from google.com. Brian Krebs reports on the effects. Boing Boing post. [...]

An international coalition of police agencies has taken a major whack at criminals accused of running a host of online scams, including phishing, the stealing of account credentials and other sensitive data, and the spreading of ransomware, Interpol said recently. The operation, which ran from the beginning of April …

The US government is finally admitting there’s no need – instead, to fend off cyber-attacks we need passwords that are long but memorable Over the past decade or so, people have accumulated a vast array of logins for dozens of sites and apps, as more of our work and …

Nuclear waste dump in Cumbria pleaded guilty to leaving data that could threaten national security exposed for four years, says regulator Sellafield will have to pay almost £400,000 after it pleaded guilty to criminal charges over years of cybersecurity failings at Britain’s most hazardous nuclear site. The …

Facilities to receive greater protection in attempt to reduce potential impact of adverse incidents or attacks Datacentres in the UK are to be designated as critical national infrastructure in an effort to protect them from cyber-attacks and IT blackouts, the government has said. The buildings store much of the …

Watchdog provisionally finds Advanced failed to act to protect data of 82,946 after ransomware attack in England A software provider faces being fined more than £6m over a 2022 ransomware attack that disrupted NHS and social care services in England, the data protection regulator has announced. The Information …

Prime minister says ‘very significant cyber event’ still under investigation by federal police and he is ‘not aware’ if he is among the 12.9m victims Follow our Australia news live blog for latest updates Get our morning and afternoon news emails, free app or daily news podcast The …

6.8%, to be precise. From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique …

Investigation launched after airline reported a suspicious network popped up during a domestic flight in April Follow our Australia news live blog for latest updates Get our morning and afternoon news emails, free app or daily news podcast A man has been charged after he allegedly set up fake …

Cyber-attack earlier this month led to cancellation of almost 1,600 operations and outpatient appointments Data from a ransomware attack has allegedly been published online weeks after the attack halted operations and tests in major London hospitals, NHS England has said. A Russian group carried out the cyber-attack on …

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were …

Russian-speaking ransomware gang lets hackers use its tools in exchange for cut of proceeds A Russian-speaking ransomware criminal gang called Qilin is thought to be behind the cyber-attack on NHS medical services provider Synnovis, that halted tests and operations at hospital trusts to a halt and affected GPs across …

Cybercrime group ShinyHunters reportedly demanding £400,000 ransom to prevent data being sold Ticketmaster has been targeted in a cyber-attack, with hackers allegedly offering to sell customer data on the dark web, its parent company, Live Nation, has confirmed. The ShinyHunters hacking group is reportedly demanding about £400,000 …

Clare O’Neil says incident affecting many Australians but appears restricted to the release of names, dates of birth and email addresses Get our morning and afternoon news emails, free app or daily news podcast Ticketek has been hit by a “cyber incident” with personal information of Australian customers …

Clare O’Neil says incident affecting many Australians but appears restricted to the release of names, dates of birth and email addresses Get our morning and afternoon news emails, free app or daily news podcast Ticketek has been hit by a “cyber incident” with personal information of Australian customers …

The notorious ShinyHunters collective is claiming hack of personal details of 560 million global customers Follow our Australia news live blog for latest updates Get our morning and afternoon news emails, free app or daily news podcast Ticketmaster is yet to confirm whether it has experienced a major data …

AFLPA want to protect medical records and performance data Port Adelaide players’ personal information was leaked last year A fear of illicit drug test results and psychologist session notes being leaked onto the dark web is helping drive a call from AFL players to improve data collection and storage …

Exclusive: Defence ministry was told in recent days that staff details accessed but sources say SSCL knew in February The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence staff failed to report the breach for months, the Guardian …

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at …

Makers of phones, TVs and smart doorbells legally required to protect devices against access by cybercriminals Tech that comes with weak passwords such as “admin” or “12345” will be banned in the UK under new laws dictating that all smart devices must meet minimum security standards. Measures to protect …

LockBit was a sophisticated criminal operation, offering the tools needed to steal a company’s data and hold it to ransom. Then it was itself hacked. Alex Hern reports A ransomware site on the dark web has allowed criminals to extort hospitals, businesses and schools for years. By encrypting …

Gang sets up new site on dark web and releases rambling statement explaining how it was infiltrated by law enforcement agencies The LockBit ransomware gang is attempting a comeback days after its operations were severely disrupted by a coordinated international crackdown. The Russia-based group has set up a new …