Trust, not tech, is holding back a safer internet Opinion Excuse me, citizen, did you packet this data yourself? CSO06 Feb 2023 | 60
Have we learned anything from SolarWinds supply chain attacks? From frameworks to new federal offices, it's time to get busy Security05 Feb 2023 | 26
Super Bock says 'cyber' nasty 'disrupting computer services' Portugal's biggest exporter of beer warns of restrictions to supply chain Cyber-crime02 Feb 2023 | 12
Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine in brief Also: a week of leaks; Riot Games says 'LoL' to source code ransom demands; and Yandex source also appears online Security30 Jan 2023 | 12
Microsoft to enterprises: Patch your Exchange servers If you want to keep the miscreants out, put the updates in, Redmond says Patches28 Jan 2023 | 14
Microsoft closes another door to attackers by blocking Excel XLL files from the internet More of them used by baddies since Redmond blocked VBA macros Research25 Jan 2023 | 6
CISA sends schools back to the classroom on security Oy, teacher, protect those kids online Government Tech Week25 Jan 2023 | 1
The world is 'clearly' not prepared for cyberwarfare 6,000 netizens can't be wrong Government Tech Week24 Jan 2023 | 17
Live Nation CFO on Taylor Swift ticket chaos: Don't blame me, bots made me crazy Attack was three times the size of anything company had seen – they couldn't shake it off Offbeat24 Jan 2023 | 20
We're just shouting into the void, says US watchdog offering cybersecurity advice Federal depts ignore almost 60% of IT defense recommendations Government Tech Week24 Jan 2023 | 14
Finally, ransomware victims are refusing to pay up Near 50% drop in extorted dosh ... or so it says here Cyber-crime19 Jan 2023 | 18
Ransomware severs 1,000 ships from on-shore servers Get your eyepatch out: Cyber attacks on the high seas are trending Cyber-crime19 Jan 2023 | 24
Been hit by BianLian ransomware? Here's your get-out-of-jail-free card Avast issues a free decryptor so victims can get their data back Security18 Jan 2023 | 3
Cisco warns it won't fix critical flaw in small business routers despite known exploit Software support ended in 2021, so we’re relying on SMBs knowing how to block ports Networks13 Jan 2023 | 42
Homeland Security, CISA builds AI-based cybersecurity analytics sandbox High-spec system is crucial to defending against the latest threats Government Tech Week10 Jan 2023 | 5
No more holidays for US telcos, FCC is cracking down In Brief Also, LastPass faces class action, and Louisiana says that, while the internet may be for porn, ID is still required Security08 Jan 2023 | 41
Twitter whistleblower Peiter 'Mudge' Zatko lands new gig at Rapid7 Updated A long way from password crackers for Windows NT for former L0pht legend Security05 Jan 2023 | 8
Back to work, Linux admins: You may have a CVSS 10 kernel bug to address In brief Also, script kiddies are coming for your gift cards, and Meta's Cambridge Analytica pathetic payout Security24 Dec 2022 | 23
Fraudulent ‘popunder’ Google Ad campaign generated millions of dollars The scam was lurking behind the content of an adult website Security22 Dec 2022 | 44
UK's Guardian newspaper breaks news of ransomware attack on itself Reporters work from home as publication promises Thursday's print edition will hit newstands on time Cyber-crime21 Dec 2022 | 44
NASA infosec again falls short of required US government standard Good thing space agency doesn’t have any state secrets … oh, hang on CSO21 Dec 2022 | 13
Malicious PyPI package found posing as a SentinelOne SDK Security firm tagged with malware misrepresentation Security21 Dec 2022 | 8
Microsoft reports macOS Gatekeeper has an 'Achilles' heel Insert your Trojan joke here Security20 Dec 2022 | 12
Email hijackers scam food out of businesses, not just money In brief Also, TLC gets schooled by Karakurt, and Cloudflare is offering free zero trust stuff to some small companies Security17 Dec 2022 | 20
Uber staff info leaks after supplier Teqtivity gets pwned Thankfully no customer info – but the spotlight is back on third-party attacks Security13 Dec 2022 | 3
IT security teams, business execs still not on same page In brief Also: Guri the air-gap guru strikes again, while pro-Ukraine hackers set up a proxy network in Russia Security12 Dec 2022 | 6
Taiwan bans state-owned devices from running Chinese platform TikTok US FCC Commissioner praises Taiwan’s security decision as US state governments follow suit Security07 Dec 2022 | 15
Amnesty International Canada claims attack by China-backed forces Threat actors allegedly looking for contacts and monitoring org's future plans Security07 Dec 2022 | 5
KmsdBot botnet is down after operator sends typo in command Cashdollar: 'It’s not often we get this kind of story in security' Cyber-crime06 Dec 2022 | 31
Remuneration coming for TrustCor customers impacted by CA revocation In brief Also, a Capone henchman lands behind bars, while nearly 9/10 DoD contract firms fail security standards Security05 Dec 2022 |
Domain aging gang CashRewindo picks vintage sites to push malvertising Like fine wine, the longer it sits, the better it is Cyber-crime02 Dec 2022 | 22
Mozilla, Microsoft drop TrustCor as root certificate authority Updated 'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz Security02 Dec 2022 | 53
Lockheed Martin's Army cyber training platform goes civilian Army civilian employees, that is, but aerospace biz says it could be used in the private sector, too Security29 Nov 2022 | 1
Guess the most common password. Hint: We just told you In brief Also, Another red team tool at risk of turning to the darkside, and Meta catches the US military behaving badly CSO25 Nov 2022 | 108
European Parliament Putin things back together after cyber attack DDoS started not long after Russia was declared a state sponsor of terrorism Cyber-crime24 Nov 2022 | 56
FTC urged to clamp down on businesses' voracious appetite for data ACLU agrees that the only way to protect consumers is to control what can be collected Personal Tech22 Nov 2022 | 4
Serendipitous discovery nets security researcher $70k bounty In brief Also, a phishing gang goes Royal, while another employee at Snowden's old haunt gets caught nabbing data Security20 Nov 2022 | 10
Shocker: EV charging infrastructure is seriously insecure What did we learn from the IoT days? Apparently nothing. Security15 Nov 2022 | 42
LockBit suspect cuffed after ransomware forces emergency services to use pen and paper In Brief Plus: CISA has a flowchart for patching, privacy campaign goes after face search engine Cyber-crime12 Nov 2022 | 13
Robin Banks crooks back at the table with fresh phish from Russia Phishing-as-a-service group's toolset now includes ways to get around MFA Research08 Nov 2022 | 1
Oh, look: More malware in the Google Play store in brief Also, US media hit with JavaScript supply chain attack, while half of govt employees use out-of-date mobile OSes Research07 Nov 2022 | 25
Japan officially joins NATO's cyber defense center Already red-teaming and blue teaming in the international Locked Shields contest every year Cyber-crime07 Nov 2022 | 4
China is likely stockpiling and deploying vulnerabilities, says Microsoft Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing Security07 Nov 2022 | 36
Multi-factor auth fatigue is real – and it's why you may be in the headlines next Analysis Overwhelmed by waves of push notifications, worn-down users inadvertently let the bad guys in Security03 Nov 2022 | 88
International summit agrees crack down on crypto to combat ransomware Commitments include international wallet info sharing, KYC requirements, and an AML crackdown Security03 Nov 2022 | 20
The White House's global ransomware summit couldn't come at a better time As cyber threats ramp up, businesses and organizations will be hoping for more than platitudes Security31 Oct 2022 |
Apple patches actively exploited iPhone, iPad kernel vulns In brief Plus: Misconfigured server leaks Thomson Reuters data; VMware patches critical flaw in retired software; MalwareBytes apologies for a hoodie Security31 Oct 2022 | 8
This Windows worm evolved into slinging ransomware. Here's how to detect it Raspberry Robin hits 1,000 orgs in just one month Research28 Oct 2022 | 12
Google says slap some GUAC on your software supply chain In brief Also: Iranian election hackers are back, the TSA gets regulatory on train cybersecurity, and more Security24 Oct 2022 | 2
President Biden still wants his cybersecurity labels on those smart devices May follow Finland and Germany in adopting Singapore's standard Security20 Oct 2022 | 20
DuckDuckGo's macOS browser hits public beta Remember, remember, the Microsoft trackers Personal Tech19 Oct 2022 | 4
Millennials, Gen Z actually suck at workplace security OK, boomer – how do I turn off cookies? CSO19 Oct 2022 | 76
So, the US, China, and Russia walk into an infosec conference Suffice to say things got a little awkward CSO19 Oct 2022 | 3
China-linked Budworm burrows hole in US legislature systems In brief Also, Senator Warren says banks need to grow the Zelle up, an AirTag does some good – if you’re a Democrat, and more Security17 Oct 2022 | 7
Microsoft tries again to ignite interest in DevOps cloud security Ignite Identity governance and SOCs also on the menu Security12 Oct 2022 | 3
If you're wondering why Google blew $5b on Mandiant, this may shed some light GCN Automating infosec knowhow, essentially Security11 Oct 2022 | 7
It’s 2022 and netizens are only now getting serious about cybersecurity US folks start to get the message about protecting themselves online Security10 Oct 2022 | 12
When are we gonna stop calling it ransomware? It's just data kidnapping now Comment It's not like the good old days with iffy cryptography and begging for keys Security09 Oct 2022 | 20
Biden's Privacy Shield 2.0 order may not satisfy Europe In brief Also, Albania almost called in NATO over cyber attacks, and Facebook warns of account-stealing mobile apps Security08 Oct 2022 | 20
Top of the Pops: US authorities list the 20 hottest vulns that China's hackers love to hit Microsoft has four entries on list of shame, Log4j tops the chart Security07 Oct 2022 | 4
Foreign spies hijacking US mid-terms? FBI, CISA are cool as cucumbers about it I think we can handle one little Russia. We sent two units, they're bringing any attempts down now Security06 Oct 2022 | 40