Ars Technica
Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
Ars Technica
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
The Cyber Express
A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure
Infosecurity News
Despite this setback, the auction house said bids can still be placed by phone and in-person
The Cyber Express
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
HACKRead
A new Android malware poses as popular applications like WhatsApp, Instagram, and Snapchat to steal user data, including login credentials.
Security Magazine
The Federal Trade Commission (FTC) has ordered Cerebral, Inc. to restrict how the company can use and/or disclose sensitive consumer data.
CyberNews
VPN provider Surfshark has set up transparent toilets in popular areas of London to raise awareness of online safety and privacy.
The Record
CEO Guillaume Cerutti confirmed that the auction house was dealing with a “technology security incident” after the organization’s website went down before the weekend.
The Hacker News
Fake Android apps mimicking popular platforms like Google & WhatsApp are stealing user data.
Ars Technica
Quadrupeds being reviewed have automatic targeting systems but require human oversight to fire.
The Record
The ransomware operation gave the Kansas city until May 15 to pay up. The incident continues to unfold as law enforcement agencies announced actions against the gang's suspected leader.
The Hacker News
APT42, an Iranian state-backed hacking group, is leveling up its social engineering tactics. They're posing as journalists and event organizers to bui
SecurityWeek
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
Ars Technica
Amazon says it's working on stopping others from "making your AWS bill explode."
The Cyber Express
A complaint lodged by privacy advocacy group Noyb with the Austrian data protection authority (DSB) alleged that ChatGPT's generation of
CyberNews
Nico Murillo A former Tesla employee has gone viral on LinkedIn after telling the story of how he was laid off.
Ars Technica
CEO-heavy board to tackle elusive AI safety concept and apply it to US infrastructure.
SecurityWeek
A new phishing campaign abuses compromised email accounts and targets corporate users with PDF files hosted on Autodesk Drive.
Infosecurity News
Email-borne fraud accounted for more insurance claims than any other category in 2023, says Coalition
HACKRead
The website, Spy.pet, is apparently an internet-scraping company, that has been collecting data from Discord since November 2023.
The Cyber Express
In today's digital age, where data breaches and cyber threats loom large, the role of Chief Information Security Officer (CISO)
CyberSecurity Dive
Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.
CSO
According to the non-profit, the breach occurred in January 2024 when the nation-state threat actor conducted a reconnaissance of MITRE’s networks by exploiting one of its VPNs through two Ivanti Connect Secure zero-day vulnerabilities.
The Record
A joint declaration from European police chiefs does not mention Meta by name, but just a few months ago the company began rolling out the technology as default across “all personal chats and calls on Messenger and Facebook.”
The Cyber Express
Mitel, a leading provider of business communications solutions worldwide, has announced the appointment of Bill Dunnion as its new Chief
Bleeping Computer
The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data.
Infosecurity News
New Check Point data found Microsoft was impersonated in 38% of all brand phishing attacks in Q1 2024, up from 33% in Q4 2024
The Hacker News
The FTC fined mental telehealth service Cerebral over $7 million for deceptive data sharing practices and failing to honor its cancellation policies.
CyberNews
A study shows that ad transparency tools requested by watchdogs are still vague on 11 major tech platforms, leaving users vulnerable to misinformation ahead of the election year.
CyberSecurity Dive
Generative AI tools emerged as the latest villain in the enterprise battle to curb SaaS bloat and rationalize software portfolios, Productiv analysis found.
SecurityWeek
Former security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges.
Cyber Security News
The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.
Krebs on Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.…
Trend Micro
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.
CyberNews
Ransomware attacks on a database company, GBI Genios, have left German institutions without access to press publications and business information.
DarkReading
As more electric vehicles are sold, the risk to compromised charging stations looms large alongside the potential for major cybersecurity exploits.
The Record
The Munich-based company said that as a result of the incident, “unfortunately we have to assume an outage for several days.”
SecurityWeek
SecurityWeek editor-at-large Ryan Naraine says findings of CSRB report on China's hack of Microsoft’s Exchange Online are no surprise.
Cyber Security News
The Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications […]
HACKRead
Silver Spring, United States / Maryland, April 3rd, 2024, CyberNewsWire
Cyber Security News
StrelaStealer malware identified, targeting Spanish-speaking users with the primary aim of pilfering email account credentials.
SecurityWeek
Quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone.
Cyber Security News
An automated risk detection system identified a typosquatting campaign targeting popular Python libraries on PyPI.
SC Magazine
The company reset passcodes and acknowledged the years-old leak for the first time Saturday.
Computerworld
When McDonald's in March suffered a global outage preventing it from accepting payments, it issued a lengthy statement about the incident that was vague, misleading and yet still allowed many of the technical details to be figured out.
SecurityWeek
Avoiding burnout in cybersecurity: Mental well-being is essential but is under constant threat from stress in the cybersecurity profession.
Infosecurity News
After months of speculation, NIST has finally confirmed its intention to establish an industry consortium to develop the NVD in the future
The Hacker News
Researchers uncover active exploitation of a critical flaw in Anyscale Ray, a popular AI platform.
Bleeping Computer
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
HACKRead
Discover the new ShadowRay campaign exploiting CVE-2023-48022 in the Ray AI framework, risking thousands of companies
Cyber Security News
A significant vulnerability has been identified in the Rank Math SEO plugin for WordPress, this flaw cataloged under CVE-2023-32600,
Bleeping Computer
Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December.
The Record
U.N. experts reported on the activity of North Korean cyberthreat actors, including those known to researchers as Kimsuky, the Lazarus Group, Andariel and BlueNoroff.
DarkReading
NVD may be in peril and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.
Cyber Security News
The Fédération Française de Football (FFF) has been informed of allegations regarding a potential security breach within their systems. The French Football Federation (FFF) is the governing body of football in France. It oversees the operations and organization of French football leagues and national teams. The FFF supports players, clubs, and volunteers nationwide and is […]
SecurityWeek
Microsoft hired Mustafa Suleyman to head up its new AI business, a technology that Suleyman views as both as a boon and threat to humanity.
Krebs on Security
It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts…
CyberNews
The deepfake of Mark Zuckerberg is just one of several published online by an AI startup bent on making video cameras a thing of the past.
Ars Technica
Report highlights big turnaround from Dell's previous pro-WFH stance.
SC Magazine
Crucial enrichment data is not being added to NVD entries as NIST works through a “transition” process.
Cyber Security News
A new tool has surfaced on the Dark Web, signaling a shift in the methods used by cybercriminals to gain unauthorized remote access.
Krebs on Security
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and…
Cyber Security News
The Android banking malware known as PixPirate is pushing the boundaries of stealth with innovative techniques to evade detection.
The Cyber Express
Atlanta-based Cyble Inc. has once again made waves in the cybersecurity industry. The trailblazing AI-powered threat intelligence platform secured a
Bleeping Computer
Microsoft has released the KB5035845 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes nine new changes and fixes.
Cyber Security News
Cybersecurity circles are abuzz with the latest campaign involving the notorious Remote Control System (RAT), Remcos.
The Cyber Express
By Zinet Kemal, Associate Cloud Security Engineer, Best Buy The cybersecurity space, as dynamic and challenging as it is, has
PCMag
Linwei Ding was allegedly preparing to use information to start his own AI company in China.
Bleeping Computer
BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, The Guardian, and Washington Post, among others. These sites build SEO for their online gambling ventures and sell "press release" slots at hefty prices.
Bleeping Computer
BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, The Guardian, and Washington Post, among others. These sites build SEO for their online gambling ventures and sell "press release" slots at hefty prices.
PCMag
A new FAQ says 'we may use your data to train DocuSign's in-house, proprietary AI models.'
The Cyber Express
In a world where technology and healthcare collide, a disturbing pattern has emerged: cyberattacks on hospitals in the United States
Bleeping Computer
Microsoft has released the optional KB5034843 Preview cumulative update for Windows 10 22H2 with an updated sharing experience and eight other fixes or changes.
The Cyber Express
A newcomer to the underground forum "Crackingx" under the username "10cker" caused a stir by offering the source code of
SC Magazine
Initial reports that the malware strain involved a LockBit affiliate, but recent data suggests an ALPHV/BlackCat link.
Ars Technica
Identifiable data included job searches, map directions, "cosplay erotica."
DarkReading
Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream customers.
DarkReading
Organizations boost cybersecurity budgets to tackle data-privacy and cloud-security threats amid speedy adoption of generative AI.
CyberNews
A new report finds that three in ten job board users have fallen victim to fake job ads on popular sites such as Indeed, LinkedIn, and Craigslist.
SecurityWeek
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
SC Magazine
After the kingpin RaaS gang’s spectacular takedown, security pros expect other threat groups will be quick to take LockBit’s place.
The Hacker News
North Korean Hackers Target Defense Sector! Learn how state-sponsored actors employ sophisticated techniques via LinkedIn job scams.
The Hacker News
Destructive malware, targeted phishing... new report analyzes sophisticated attacks deployed alongside Israel-Hamas war. This is the evolving face of
CyberNews
Romance scams might be the most damaging of all, as victims are not only scammed of thousands of dollars but also have their romantic dreams crushed overnight.
The Hacker News
Meta uncovers a range of international spyware firms are actively targeting users across iOS, Android, and Windows devices.
CyberScoop
The man alleged to have impersonated Joe Biden appears to control a network of marketing firms and fundraising operations.
SecurityWeek
The cybersecurity industry must question marketing claims and use of Fear, Uncertainty, and Doubt (FUD) and misinformation to sell products.
Computerworld
The faked images of singer Taylor Swift that showed up online are likely just the beginning of a coming swarm of deepfakes. Don’t look to Microsoft to do much about the problem.
DarkReading
Hamas-linked threat actors have defied norms, with no discernible uptick in cyber operations prior to its terror attack and a complete abandonment of them thereafter.
Bleeping Computer
Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country.
SecurityWeek
Elizabeth Kelly was named as the director of the newly established safety institute for artificial intelligence (AI).
CyberScoop
An investigation identified Life Corporation and Lingo Telecom as allegedly behind the operation that impersonated President Joe Biden.
Bleeping Computer
French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country.
Cyber Security News
Bazel, an open-source software used for automation of building and testing has been discovered with a critical supply chain vulnerability.
HACKRead
Cybersecurity firm Resonance has hired the prominent industry veteran George Skouroupathis to head up its offensive security engineering team.
DarkReading
Deepfakes are fast becoming more realistic, and access to them more democratic, enabling even ordinary attackers to enact major fraud. What's the most effective way to fight back?
HACKRead
The Deepfake scam took place in Hong Kong; however, the name of the targeted company is still unknown.
HACKRead
According to the report, in 2023, 835 vulnerability reports were submitted by 93 ethical hackers, with 96 cases reported in the HackerOne repository.
Security Affairs
What is Data Security Posture Management (DSPM) and how can mitigate the risks of data leaks such as the 'Mother of all Breaches.'
Security Affairs
A former software engineer with the U.S. CIA has been sentenced to 40 years in prison for leaking classified documents.
Loading more articles....