Ars Technica
Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
The Cyber Express
US Charged North Korean Job Fraud Nexus Amassing Funds for Nuclear Program
The U.S. federal prosecutors on Thursday revealed charges against a North Korean job fraud nexus that ran its fraudulent scheme
Bleeping Computer
Five charged for cyber schemes to benefit North Korea's weapons program
The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program.
Infosecurity News
53,000 Employees' Social Security Numbers Exposed in Nissan Breach
Car manufacturer Nissan revealed that over 53,000 of its North America employees had their social security numbers accessed by a ransomware attacker
DarkReading
FCC Reveals 'Royal Tiger' Robocall Campaign
In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
Cyber Security News
Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers - 2024
Best MSP for CISO, CTO & IT Managers - 1. Perimeter 812. Secureworks 3. IBM 4. Trustwave 5. Wipro 6. Verizon 7. Sophos 8. Symantec.
DarkReading
Windows Quick Assist Anchors Black Basta Ransomware Gambit
When abused by threat actors with sophisticated social-engineering chops, remote-access tools demand that enterprises remain sharp in both defense strategy and employee-awareness training.
Infosecurity News
BreachForums Hacking Marketplace Taken Down Again
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Cyber Security News
Palo Alto Networks Buys IBM’s QRadar
In a major move to bolster its cloud security offerings, Palo Alto Networks announced today that it has agreed to purchase the QRadar .
Ars Technica
BreachForums, an online bazaar for stolen data, seized by FBI
An earlier iteration of the site was taken down last year; now its reincarnation is gone.
Security Affairs
FBI seized the notorious BreachForums hacking forum
An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum.
DarkReading
FBI, DoJ Shut Down BreachForums, Launch Investigation
Instead of online contraband, the website now asks anyone with information that could help with the investigation to contact authorities.
The Hacker News
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
BreachForums, a notorious online bazaar for stolen data, has been seized by law enforcement agencies for the second time in a year.
The Cyber Express
BREAKING: FBI Seizes BreachForums, Yet Again!
The notorious BreachForums seized for the second time in a year. The U.S. law enforcement today seized the clear web
Bleeping Computer
FBI seize BreachForums hacking forum used to leak stolen data
The FBI has seized the notorious BreachForums hacking forum used to leak and sell stolen corporate data to other cybercriminals.
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
The Cyber Express
Tornado Cash Co-Founder Gets Over 5 Years for Laundering $1.2Bn
A Dutch court ruling on Tuesday found one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service guilty
The Cyber Express
DragonForce Cyberattack Strikes Again: Malone & Co and Watt Carmicheal Added as Victims
The notorious DragonForce ransomware group has expanded its list of victims, adding two new names to their dark web portal
The Hacker News
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
The Hacker News
Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering
Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S.
Ars Technica
Chief Scientist Ilya Sutskever leaves OpenAI six months after Altman ouster
CEO Altman: "OpenAI would not be what it is without him."
CyberNews
North Korea launders $148 million of stolen crypto using Tornado Cash
A UN sanctions investigation says North Korea laundered $147.5 million of stolen crypto through the virtual mixer platform Tornado Cash in March.
DarkReading
Singapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
SC Magazine
BreachForums seized by FBI for 2nd time
The infamous data leak site’s domain and Telegram account were seized Wednesday morning.
DarkReading
Microsoft Windows DWM Zero-Day Poised for Mass Exploit
CVE-2024-30051 is the most concerning out of this month's Patch Tuesday offerings, and is already under active exploit by several QakBot actors.
DarkReading
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs
Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
DarkReading
Dangerous Google Chrome Zero-Day Allows Sandbox Escape
Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
Infosecurity News
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stopped
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
SecurityWeek
Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker
Ron Reiter was a childhood hacker in Israel and recruited into the IDF’s Unit 8200. Now he is CTO and co-founder of cybersecurity firm Sentra.
The Cyber Express
Cybersecurity Concerns Surround ChatGPT 4o’s Launch; Open AI Assures Beefed up Safety Measure
The field of Artificial Intelligence is rapidly evolving, and OpenAI's ChatGPT is a leader in this revolution. This groundbreaking large
The Cyber Express
The Cyber Express Sets the Stage to Host World CyberCon META Edition 2024 in Dubai
This May, the heartbeat of the cybersecurity industry will resonate through Dubai, where The Cyber Express is set to host
The Record
Tornado Cash co-founder convicted of laundering $1.2 billion by Dutch court
Alexey Pertsev's case has been seen as a bellwether pitting financial privacy advocates who view blockchain anonymity as a fundamental right against law enforcement intent on tracking the source of funds.
SC Magazine
Google patches 6th Chrome zero-day of 2024, three days after last one
Security pros say the industry can expect to see this bug exploited soon, so patch, monitor and conduct other measures, like browser isolation and sandboxing.
The Record
UK 'increasingly concerned' about Russian intelligence links to hacktivists
GCHQ Director Anne Keast-Butler warned at the CyberUK conference that the Kremlin’s partnership with criminal groups was contributing to cyberattacks as well as other operations.
The Record
Is this Iowa congressman the next House Republican point man on cyber?
Rep. Zach Nunn arrived in Congress with arguably more cyber experience than any other new member in history. Can he fill the shoes of Rep. Mike Gallagher, the party's longtime House leader on cybersecurity issues?
CyberNews
Netflix changes stance on sports streaming with Christmas NFL games
Netflix, the largest streamier out there, has always claimed it wasn't seeking to show big sports. Now, though, it’s nearing a deal to stream NFL games on Christmas Day.
The Cyber Express
Christie’s Auction Website Hacked Just Before Major Sales
Just days before its highly anticipated spring art auctions, Christie's, the renowned auction house, had fallen victim to a cyberattack,
CyberNews
AI abused to clone voices, FBI warns
The San Francisco division of the FBI is warning individuals and organizations to be aware of AI used by cybercriminals.
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
SC Magazine
Ascension ‘making progress’ to restore systems after ransomware attack
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
CyberSecurity Dive
White House wants to hold the software sector accountable for security
Federal officials are taking steps toward a long-stated goal of shifting the security burden from technology users to the companies that build it.
CyberSecurity Dive
Officials see a real change in Microsoft’s security plans: financial accountability
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
SC Magazine
Google patches fifth Chrome zero-day of 2024
While Google confirmed that the bug exists in the wild, security researchers say there has yet to have been an instance of active exploitation.
DarkReading
Aggressive Cloud-Security Player Wiz Scores $1B in Funding Round
The latest round of investment prices the fast-growing cloud native application protection platform (CNAPP) at $12 billion with a simple mandate: Grow quickly through acquisition.
Infosecurity News
Why Cybersecurity Professionals Have a Duty to Secure AI
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
Infosecurity News
RSAC: How CISOs Should Protect Themselves Against Indictments
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
Cyber Security News
CISA Announced Vulnrichment : Project to Enrich CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new initiative called "Vulnrichment" aimed at enriching Common Vulnerabilities and Exposures (CVE) records with additional metadata to help organizations better prioritize vulnerability remediation efforts.
CyberNews
AI ethicists warn against haunting of ‘griefbots’
The emerging industry of “digital afterlives” will cause social and psychological harm, University of Cambridge researchers have warned.
.webp)
Cyber Security News
CrowdStrike & NinjaOne Announce Partnership to Bridge Gaps Between IT & SOC Teams
CrowdStrike and NinjaOne, a frontrunner in IT platform services for endpoint management have announced a strategic partnership.
The Cyber Express
Google Brings Gemini AI to Cybersecurity
Google has brought together its Gemini AI model with its Mandiant cybersecurity unit and VirusTotal threat Intelligence to enhance threat
DarkReading
Token Security Launches Machine-Centric IAM Platform
Instead of building a list of users and identifying what systems each use can access, Token Security starts with a list of machines and determining who can access each system.
SC Magazine
Cybersecurity incident impacts operations at Ascension hospitals
Large Catholic nonprofit hired Mandiant to investigate what’s now an unspecified cybersecurity incident that has reportedly forced hospitals in at least Maryland, Michigan, Kansas, and Wisconsin to shut down its systems.
Ars Technica
Dell responds to return-to-office resistance with VPN, badge tracking
Report claims new tracking starts May 13 with unclear consequences.
DarkReading
CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes
The research shows a significant drop in the number of tech CISOs that got a base salary increase in the past year — roughly 18% year over year.
Infosecurity News
#RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
SecurityWeek
Token Security Raises $7 Million Seed Funding for Machine-First Identity Security
Tel Aviv-based Token Security has emerged from stealth with $7 million seed funding led by TLV Partners with participation from SNR and angel investors.
Infosecurity News
A Third of Tech CISOs Are Unhappy With Their Income
New IANS Research data finds many tech CISOs are concerned about their compensation as salaries stagnate
The Cyber Express
Data Breach Victim Initiates Class Action Lawsuit Against J.P. Morgan for Security Lapses
A class action lawsuit has been filed against J.P. Morgan Chase & Co., alleging that the financial giant failed to
CSO
Google, Meta, Spotify accused of flouting Apple’s device fingerprinting rules
Security researchers allege that several apps are collecting data from iOS devices, violating Apple’s policy on device fingerprinting.
Cyber Security News
Akamai to Acquire API Security Startup Noname for $450 Million
Akamai Technologies, Inc. is set to acquire Noname Security, a top API security vendor, for $450 million, signaling a major move to boost its API security capabilities.
SC Magazine
RSAC 2024: CISA, DHS grapple with cyber risks in the age of AI
AI and “secure by design” will be crucial to defend against ransomware, CI attacks and AI threats in the coming years.
CyberNews
TikTok and ByteDance file lawsuit to block US divest-or-ban bill
TikTok and Chinese parent company ByteDance filed suit in US federal court seeking to block a law that would force the company to divest from TikTok or face a ban.
Ars Technica
Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been ID’d
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev.
Infosecurity News
Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
SecurityWeek
Wiz Raises $1 Billion at $12 Billion Valuation
Cloud security giant Wiz has raised $1 billion, which brings the total funding to $1.9 billion, at a valuation of $12 billion.
DarkReading
Feds: Reducing AI Risks Requires Visibility & Better Planning
While attackers have targeted AI systems, failures in AI design and implementation are far more likely to cause headaches, so companies need to prepare.
CyberNews
LockBit gang leader exposed in FBI ransomware breakthrough
The leadership identity of the LockBit ransomware group is unveiled by the US Department of Justice (DoJ), UK’s National Crime Agency (NCA), and Europol.
The Cyber Express
Global Infosec Awards 2024: Cyble Wins Nine Accolades, Recognized Among the Best in Cybersecurity
Cyber Defense Magazine (CDM), marking its 12th anniversary as the leading electronic information security magazine, announced the winners of the
SecurityWeek
Akamai to Acquire API Protection Startup Noname Security for $450 Million
Akamai has announced plans to acquire Noname Security for $450 million to enhance its API protection offering.
The Cyber Express
UK Ministry of Defence Suffers Major Data Breach, China’s Involvement Suspected
The personal data of an unspecified number of active UK military personnel had been compromised in a significant Ministry of
HACKRead
China Suspected in Major Cyberattack on UK's Ministry of Defence (MoD)
The United Kingdom's Ministry of Defence (MoD) is reportedly under investigation for a suspected cyberattack originating from China.
CyberSecurity Dive
CISA, FBI urge software companies to eliminate directory traversal vulnerabilities
The software defects are linked to recent exploitation campaigns against critical infrastructure providers, including healthcare and schools.
The Hacker News
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017.
The Record
Mayorkas: Implementation of AI can’t lead to 'a perpetuation of implicit bias'
The secretary of Homeland Security told an RSA Conference crowd that he was encouraged by the discussion in the first meeting of the department's AI advisory board.
SC Magazine
Law enforcement indicts mastermind behind LockBit ransomware gang
Security pros say the move by law enforcement puts a significant dent into LockBit.
Krebs on Security
U.S. Charges Russian Man as Boss of LockBit Ransomware Group
The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang's leader…
DarkReading
DBIR: Supply Chain Breaches Up 68% Year Over Year
As Verizon Business redefines "supply chain breach," it could either help organizations address third-party risk holistically or just conflate and confuse.
HACKRead
Cuckoo Mac Malware Mimics Music Converter to Steals Passwords and Crypto
Cybersecurity researchers from Mac security provider, Kandji, have discovered a new malware dubbed "Cuckoo" targeting macOS users.
CyberNews
Robinhood crypto hit with SEC Wells notice, action likely
Robinhood Crypto (RHC) trading platform on Monday has responded to being served with a Wells notice from the US Securities and Exchange Commission (SEC).
DarkReading
AT&T Splits Cybersecurity Services Business, Launches LevelBlue
The new company will focus on cybersecurity services as a top-10 managed security service provider, but must expand outside the low-margin managing of security into detection and response.
SecurityWeek
CyberNut Emerges From Stealth With K-12 Security Awareness Training Solution
CyberNut has emerged from stealth mode with a K-12-focused security awareness training solution and $800k in pre-seed funding.
SecurityWeek
Anetac Emerges From Stealth Mode With $16 Million in Funding
Identity management startup Anetac has emerged from stealth mode with a $16 million investment led by Liberty Global.
DarkReading
Anetac Targets Service Account Security
The new startup's identity and access management platform uncovers poorly monitored service accounts and secures them from abuse.
The Cyber Express
Cyble Showcases Next-Gen Cybersecurity Technologies at RSA Conference 2024
San Francisco, May 6, 2024 — Cyble, the leading provider of AI-driven cybersecurity solutions, is excited to announce its participation
SecurityWeek
Permira to Acquire Majority Stake in BioCatch at $1.3 Billion Valuation
Permira has agreed to acquire a majority of BioCatch shares, primarily from Bain Capital Tech Opportunities and Maverick Ventures.
The Cyber Express
Six Australian MPs Confirm They were Targeted by China’s APT31 Hackers
Six Australian Members of the Parliament confirmed today that they were targeted by Chinese-state hackers APT31 in a brazen cyberattack
The Hacker News
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs
A new malware called "Cuckoo" is on the loose, targeting both Intel and ARM-based Macs.
SC Magazine
RSAC 2024: How to use AI without getting in trouble
For more real-time RSAC coverage from SC Media please visit here.
Krebs on Security
Why Your VPN May Not Be As Secure As It Claims
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers…
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Ars Technica
These dangerous scammers don’t even bother to hide their crimes
Cybercriminals openly run dozens of scams across social media and messaging apps.
CyberNews
Darknet 'BenzoBoys' gets prison selling millions counterfeit Xanax
Brandon Adams, aka BenzoBoys, from Missouri, was sentenced to two years in prison and will forfeit $1 million for selling millions of fake Xanax pills on the dark web.
DarkReading
REvil Affiliate Off to Jail for Ransomware Scheme
Charges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.
Security Magazine
Verizon 2024 Data Breach Report shows the risk of the human element
The 2024 Data Breach Investigations Report reveals the role that the human element plays in cyber threats, and security leaders are weighing in.
DarkReading
New AI Security Startup Apex Secures AI Models, Apps
The security startup’s platform will allow organizations to define appropriate AI usage and enforce security policies.
SecurityWeek
Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster
Horizon3.ai's AISaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities.
SecurityWeek
Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
Security Affairs
Ukrainian REvil gang member sentenced to 13 years in prison
A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities.
Latest Hacking News
LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere
Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience LayerX, pioneer of the LayerX Browser Security platform, today announced $26
%20(1).webp)
Cyber Security News
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere
“We’ve transformed workforce protection for organizations without requiring the transition to a dedicated secure browser.
Loading more articles....