#cybersecurity

[ follow ]
#north-korea
Cryptocurrency
fromNextgov.com
21 hours ago

DOJ files complaint to get nearly $8 million in stolen funds back from North Korea

North Korea's illicit cryptocurrency schemes are being targeted by the U.S. Department of Justice to disrupt funding for its missile programs.
Cryptocurrency
fromNextgov.com
21 hours ago

DOJ files complaint to get nearly $8 million in stolen funds back from North Korea

North Korea's illicit cryptocurrency schemes are being targeted by the U.S. Department of Justice to disrupt funding for its missile programs.
more#north-korea
#data-breach
Information security
fromZDNET
1 day ago

86 million A&T customer records reportedly up for sale on the dark web

A significant data breach at AT&T exposed 86 million customer records, including sensitive information, now available for sale on the dark web.
Privacy professionals
fromTechRadar
3 days ago

Top US dental firm spills over 8 million user files online

A massive unsecured database exposed millions of dental records, stressing the importance of cloud security awareness.
Dental marketing agency may be linked to the unsecured data breach.
Toronto startup
fromTheregister
3 days ago

'Deliberate attack' deletes shopping app's cloudy resources

KiranaPro faced a targeted cyberattack that deleted its GitHub and AWS resources, prompting plans for enhanced security measures.
Information security
fromZDNET
2 days ago

Is your Asus router part of a botnet? How to check - and what you can do

Asus routers faced a significant security breach, impacting thousands as cybercriminals exploited vulnerabilities and established persistent backdoors.
Information security
fromHackernoon
2 months ago

AI-Driven Cybersecurity Compliance: A Strategic Imperative | HackerNoon

Investment in security automation and AI can save millions, highlighting the importance of proactive cybersecurity compliance.
Information security
fromZDNET
1 day ago

86 million A&T customer records reportedly up for sale on the dark web

A significant data breach at AT&T exposed 86 million customer records, including sensitive information, now available for sale on the dark web.
Privacy professionals
fromTechRadar
3 days ago

Top US dental firm spills over 8 million user files online

A massive unsecured database exposed millions of dental records, stressing the importance of cloud security awareness.
Dental marketing agency may be linked to the unsecured data breach.
Toronto startup
fromTheregister
3 days ago

'Deliberate attack' deletes shopping app's cloudy resources

KiranaPro faced a targeted cyberattack that deleted its GitHub and AWS resources, prompting plans for enhanced security measures.
Information security
fromZDNET
2 days ago

Is your Asus router part of a botnet? How to check - and what you can do

Asus routers faced a significant security breach, impacting thousands as cybercriminals exploited vulnerabilities and established persistent backdoors.
Information security
fromHackernoon
2 months ago

AI-Driven Cybersecurity Compliance: A Strategic Imperative | HackerNoon

Investment in security automation and AI can save millions, highlighting the importance of proactive cybersecurity compliance.
more#data-breach
#it-security
fromHackernoon
2 months ago
Startup companies

Cybersecurity Essentials For Startups: 8 Tools to Scale Safely (and Avoid a Breach) | HackerNoon

fromHackernoon
2 months ago
Startup companies

Cybersecurity Essentials For Startups: 8 Tools to Scale Safely (and Avoid a Breach) | HackerNoon

more#it-security
Information security
fromNextgov.com
16 hours ago

Trump cyber executive order aims to amend 'problematic' parts of Biden, Obama cyber orders

Trump's cybersecurity executive order aims to simplify previous regulations while limiting sanctions to foreign actors only.
#malware
Artificial intelligence
fromWIRED
3 days ago

The Rise of 'Vibe Hacking' Is the Next AI Nightmare

AI's ability to generate code could lower barriers to cybercrime, posing a greater threat from established hacker groups.
Artificial intelligence
fromWIRED
3 days ago

The Rise of 'Vibe Hacking' Is the Next AI Nightmare

AI's ability to generate code could lower barriers to cybercrime, posing a greater threat from established hacker groups.
Marketing tech
fromThe Hacker News
21 hours ago

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

A new malware campaign uses social engineering to install Atomic macOS Stealer on macOS systems.
Cybercriminals impersonate a telecom provider to trick users into executing malicious scripts.
more#malware
#voice-phishing
Information security
fromSecuritymagazine
1 day ago

IT Support Impersonated in Voice Phishing Campaign

The threat group UNC6040 is successfully using voice phishing to exploit organizations and access sensitive data, particularly in Salesforce instances.
Growth hacking
fromThe Hacker News
2 days ago

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

UNC6040 specializes in vishing campaigns targeting Salesforce for data theft.
The group uses social engineering tactics to impersonate IT support.
Attackers deploy a modified Salesforce Data Loader for unauthorized access.
The threats allow lateral movement within victims' networks to gather more data.
Marketing tech
fromTechzine Global
2 days ago

Hacking group steals Salesforce data by impersonating IT support

The hacker group UNC6040 exploits voice phishing to gain credentials and access to Salesforce from employees in large organizations.
fromZDNET
1 day ago
Marketing tech

Cybercriminals are stealing business Salesforce data with this simple trick - don't fall for it

Information security
fromSecuritymagazine
1 day ago

IT Support Impersonated in Voice Phishing Campaign

The threat group UNC6040 is successfully using voice phishing to exploit organizations and access sensitive data, particularly in Salesforce instances.
Growth hacking
fromThe Hacker News
2 days ago

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

UNC6040 specializes in vishing campaigns targeting Salesforce for data theft.
The group uses social engineering tactics to impersonate IT support.
Attackers deploy a modified Salesforce Data Loader for unauthorized access.
The threats allow lateral movement within victims' networks to gather more data.
Marketing tech
fromTechzine Global
2 days ago

Hacking group steals Salesforce data by impersonating IT support

The hacker group UNC6040 exploits voice phishing to gain credentials and access to Salesforce from employees in large organizations.
fromZDNET
1 day ago
Marketing tech

Cybercriminals are stealing business Salesforce data with this simple trick - don't fall for it

more#voice-phishing
#cisco
Information security
fromTechzine Global
1 day ago

Cisco warns of vulnerability in cloud passwords

A critical flaw in Cisco ISE allows attackers to access sensitive data and modify system settings across cloud platforms.
Remote access to sensitive data is possible due to shared credentials in cloud installations. It scores a CVSS of 9.9.
Information security
fromThe Hacker News
2 days ago

Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI

Cisco patched a critical vulnerability in Identity Services Engine (ISE) that allows unauthenticated attackers to exploit shared static credentials.
The flaw, CVE-2025-20286, poses significant risk to cloud installations of Cisco ISE.
Information security
fromTechzine Global
1 day ago

Cisco warns of vulnerability in cloud passwords

A critical flaw in Cisco ISE allows attackers to access sensitive data and modify system settings across cloud platforms.
Remote access to sensitive data is possible due to shared credentials in cloud installations. It scores a CVSS of 9.9.
Information security
fromThe Hacker News
2 days ago

Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI

Cisco patched a critical vulnerability in Identity Services Engine (ISE) that allows unauthenticated attackers to exploit shared static credentials.
The flaw, CVE-2025-20286, poses significant risk to cloud installations of Cisco ISE.
more#cisco
#federal-agencies
Information security
fromNextgov.com
1 day ago

Wrong time for Trump admin to end mobile app security program, cyber lawmaker says

Ending the Mobile App Vetting program may weaken government cybersecurity against rising digital threats.
fromNextgov.com
1 day ago
Information security

This CISA Project should serve as the roadmap to managing cyber risk and efficiency in a cloud era

Information security
fromNextgov.com
1 day ago

Wrong time for Trump admin to end mobile app security program, cyber lawmaker says

Ending the Mobile App Vetting program may weaken government cybersecurity against rising digital threats.
fromNextgov.com
1 day ago
Information security

This CISA Project should serve as the roadmap to managing cyber risk and efficiency in a cloud era

more#federal-agencies
#incident-response
Information security
fromIT Pro
1 day ago

Cloud breaches are surging, but enterprises aren't quick enough to react

Cloud breaches remain undetected for significant durations due to alert fatigue and tool fragmentation.
Information security
fromIT Pro
1 day ago

Cloud breaches are surging, but enterprises aren't quick enough to react

Cloud breaches remain undetected for significant durations due to alert fatigue and tool fragmentation.
more#incident-response
#security-vulnerabilities
more#security-vulnerabilities
#ransomware
Information security
fromAbove the Law
3 days ago

Another FBI Alert: The Legal Industry Continues To Be Targeted By Ransomware - Above the Law

Law firms are being targeted by Silent Ransom Group, emphasizing the importance of cybersecurity awareness in the legal industry.
Information security
fromTheregister
2 days ago

Ransomware scum leak patient data after disrupting services

Kettering Health's personal data potentially leaked due to a ransomware attack, affecting numerous patients and complicating their care.
Information security
fromAbove the Law
3 days ago

Another FBI Alert: The Legal Industry Continues To Be Targeted By Ransomware - Above the Law

Law firms are being targeted by Silent Ransom Group, emphasizing the importance of cybersecurity awareness in the legal industry.
Information security
fromTheregister
2 days ago

Ransomware scum leak patient data after disrupting services

Kettering Health's personal data potentially leaked due to a ransomware attack, affecting numerous patients and complicating their care.
more#ransomware
fromHackernoon
3 weeks ago

LLM Security: A Practical Overview of the Protective Measures Needed | HackerNoon

Since the emergence of Large Language Models, we've seen particular risks with machine learning models as they've become more accessible through interfaces and APIs. That led to discovering new ways to exploit the intended functioning of those models, hence new problems such as prompt injection.
Artificial intelligence
#privacy-rights
fromNextgov.com
1 day ago
Privacy technologies

Lawmakers warn that UK's Apple backdoor demand 'sets a dangerous precedent'

House lawmakers urge reevaluation of U.S.-UK cybersecurity relations following UK's secret backdoor request to Apple for encrypted data access.
fromwww.theguardian.com
3 days ago
France politics

Pornhub owner to suspend site in France in protest at new verification law

Aylo's adult sites will suspend operations in France to protest age verification laws that threaten privacy.
Age verification should be handled by operating systems instead of individual platforms.
Privacy technologies
fromNextgov.com
1 day ago

Lawmakers warn that UK's Apple backdoor demand 'sets a dangerous precedent'

House lawmakers urge reevaluation of U.S.-UK cybersecurity relations following UK's secret backdoor request to Apple for encrypted data access.
more#privacy-rights
fromTheregister
1 day ago

Cellebrite gets virtual with $170M Corellium buy

The combination of Cellebrite's commitment to innovation and its focus on supporting law enforcement perfectly aligns with Corellium's capabilities in security and virtualization.
Tech industry
SF politics
fromTheregister
1 day ago

Senator hounds Trump's cyber pick over CISA cuts

Sean Cairncross supports offensive cyber actions against adversaries, defending proposed cuts to the US cyber defense agency during Senate hearings.
fromNextgov.com
1 day ago

Senate Homeland panel likely to approve Cairncross, Plankey for key cyber positions

His impressive combination of experience in both the public and private sectors, as well as his ability to navigate government, build coalitions, and implement strategic approaches to the challenges facing the United States make Sean situated particularly well to this role.
SF politics
#cryptocurrency
Cryptocurrency
fromDatabreaches
3 days ago

Taiwan's BitoPro hit by NT$345 million cryptocurrency hack

BitoPro, Taiwan's second-largest crypto platform, lost approximately NT$345 million in a cyberattack involving advanced blockchain exploitation techniques.
fromHackernoon
1 year ago
Cryptocurrency

BingX Launches $150M Shield Fund To Set a New Benchmark For User Protection | HackerNoon

Cryptocurrency
fromDatabreaches
3 days ago

Taiwan's BitoPro hit by NT$345 million cryptocurrency hack

BitoPro, Taiwan's second-largest crypto platform, lost approximately NT$345 million in a cyberattack involving advanced blockchain exploitation techniques.
fromHackernoon
1 year ago
Cryptocurrency

BingX Launches $150M Shield Fund To Set a New Benchmark For User Protection | HackerNoon

more#cryptocurrency
#data-privacy
Privacy technologies
fromThe Hacker News
1 day ago

Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials

Popular Google Chrome extensions are exposing user data by transmitting it over unencrypted HTTP.
Certain Chrome extensions may be vulnerable to privacy and security threats.
Privacy technologies
fromThe Hacker News
1 day ago

Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials

Popular Google Chrome extensions are exposing user data by transmitting it over unencrypted HTTP.
Certain Chrome extensions may be vulnerable to privacy and security threats.
more#data-privacy
#state-sponsored-hacking
fromIT Pro
2 days ago
Information security

'States don't do hacking for fun': NCSC expert urges businesses to follow geopolitics as defensive strategy

fromIT Pro
2 days ago
Information security

'States don't do hacking for fun': NCSC expert urges businesses to follow geopolitics as defensive strategy

more#state-sponsored-hacking
#ai-models
fromTechCrunch
2 days ago
Artificial intelligence

Anthropic unveils custom AI models for U.S. national security customers | TechCrunch

fromTechCrunch
2 days ago
Artificial intelligence

Anthropic unveils custom AI models for U.S. national security customers | TechCrunch

more#ai-models
#china
Information security
fromSecuritymagazine
2 days ago

Cyber as a Pressure Valve: Why Economic Conflict Is Fueling a New Era of Cyber Escalation

Chinese state-sponsored cyber operations are escalating amid trade tensions, focusing on embedding themselves in critical U.S. infrastructure.
Information security
fromSecuritymagazine
2 days ago

Cyber as a Pressure Valve: Why Economic Conflict Is Fueling a New Era of Cyber Escalation

Chinese state-sponsored cyber operations are escalating amid trade tensions, focusing on embedding themselves in critical U.S. infrastructure.
more#china
Digital life
fromTechzine Global
2 days ago

authID makes passwords obsolete with Ping Identity

authID integrates with Ping Identity to enhance biometric authentication, eliminating passwords and securing user identities.
fromThe Hacker News
2 days ago

Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation

Security teams face growing demands with more tools, more data, and higher expectations than ever.
Business intelligence
#hacking
Information security
fromZDNET
2 days ago

Your Asus router may be part of a botnet - here's how to tell and what to do

A large number of Asus routers have been compromised by cybercriminals exploiting security flaws and using stealth tactics.
Information security
fromZDNET
2 days ago

Your Asus router may be part of a botnet - here's how to tell and what to do

A large number of Asus routers have been compromised by cybercriminals exploiting security flaws and using stealth tactics.
more#hacking
#microsoft
fromIT Pro
3 days ago
Tech industry

Confused at all the threat group names? You're not alone. CrowdStrike and Microsoft want to change that

fromIT Pro
3 days ago
Tech industry

Confused at all the threat group names? You're not alone. CrowdStrike and Microsoft want to change that

more#microsoft
UK news
fromIT Pro
2 days ago

100,000 accounts have been hit in a HMRC scam campaign, but the tax office says it wasn't hacked - here's why

HMRC experienced a £47 million loss due to an organized crime breach affecting 100,000 individuals.
#artificial-intelligence
more#artificial-intelligence
#data-protection
Information security
fromIT Pro
2 days ago

European financial firms are battling a huge rise in third-party breaches

Financial services firms in Europe are facing a significant rise in third-party and fourth-party data breaches, necessitating proactive defenses.
Information security
fromIT Pro
2 days ago

European financial firms are battling a huge rise in third-party breaches

Financial services firms in Europe are facing a significant rise in third-party and fourth-party data breaches, necessitating proactive defenses.
more#data-protection
fromWIRED
2 days ago

What Really Happened in the Aftermath of the Lizard Squad Hacks

"On Christmas Day in 2014 hackers knocked out the Xbox and PlayStation gaming networks, impacting how video game companies handled cybersecurity for years."
Video games
#vulnerability
Node JS
fromCSO Online
3 days ago

Google patches third zero-day flaw in Chrome this year

Chrome's V8 engine has a serious vulnerability that can be exploited via malicious web pages.
Google restricts bug details until most users can update to protect them.
Node JS
fromCSO Online
3 days ago

Google patches third zero-day flaw in Chrome this year

Chrome's V8 engine has a serious vulnerability that can be exploited via malicious web pages.
Google restricts bug details until most users can update to protect them.
more#vulnerability
Information security
fromHackernoon
2 months ago

Dr. Aryendra Dalal's Revolutionary SAP Security Framework Transforms Global Enterprise Standards | HackerNoon

Dr. Aryendra Dalal has developed a comprehensive SAP Security and GRC framework, impacting enterprise cybersecurity practices globally.
NYC startup
fromwww.housingwire.com
2 days ago

Goby Homes launches transaction platform, founder honored

Goby Homes aims to minimize transaction failures and cyber risks in real estate by improving communication and transparency among participants.
#drone-warfare
fromTheregister
2 days ago
Russo-Ukrainian War

Ukraine takes second strike at Russians with Tupolev hack

Ukrainian military intelligence hacked Tupolev's servers, revealing extensive secret data critical to Russian strategic aviation.
fromTheregister
3 days ago
Information security

Mikko Hypponen pivots from infosec to drones inspired by war

Mikko Hyppönen shifts focus from cybersecurity to anti-drone technology amid growing concerns over drone warfare.
Russo-Ukrainian War
fromTheregister
2 days ago

Ukraine takes second strike at Russians with Tupolev hack

Ukrainian military intelligence hacked Tupolev's servers, revealing extensive secret data critical to Russian strategic aviation.
more#drone-warfare
#ai
Artificial intelligence
fromNextgov.com
2 days ago

'I do not have confidence' that US infrastructure is cyber-secure, former NSC official says

U.S. critical infrastructure is vulnerable to cyberattacks, highlighting significant cybersecurity concerns.
fromHackernoon
10 months ago
Cryptocurrency

Pacific Island States Call for Unified Cybersecurity Protocols and Digital Sovereignty | HackerNoon

Prioritize the human aspect in cybersecurity as it remains a critical vulnerability in digital financial inclusion efforts.
Artificial intelligence
fromNextgov.com
2 days ago

'I do not have confidence' that US infrastructure is cyber-secure, former NSC official says

U.S. critical infrastructure is vulnerable to cyberattacks, highlighting significant cybersecurity concerns.
fromHackernoon
10 months ago
Cryptocurrency

Pacific Island States Call for Unified Cybersecurity Protocols and Digital Sovereignty | HackerNoon

more#ai
Information security
fromTheregister
2 days ago

Login.gov's fate in a cyberattack hinges on unproven backups

Login.gov's identity verification system lacks effective backup testing, risking data loss and service disruption during a cyberattack or system failure.
Information security
fromSecuritymagazine
3 days ago

Out of Office for Summer? Cybercriminals Are Just Getting Started

Employee vigilance drops during summer, increasing cyber risk.
Cybercriminals exploit seasonal distractions to launch attacks.
Proactive engagement can mitigate summer cyber threats.
Privacy technologies
fromZDNET
2 days ago

Qualcomm patches three exploited security flaws, but you could still be vulnerable

Qualcomm has patched three critical zero-day security vulnerabilities related to its Adreno GPU driver, indicating ongoing exploitation risks.
Privacy technologies
fromThe Hacker News
3 days ago

Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era

Legacy Data Leakage Prevention (DLP) tools are inadequate for modern SaaS environments, leading to increased risk of data leakage.
fromTearsheet
3 days ago

LATAM's Digital Payment Future w/ Mastercard's Walter Pimenta

A $448.4 billion digital payment opportunity exists across Latin America, with 43% of B2C transactions still in cash as transformation unfolds.
European startups
Digital life
fromWIRED
3 days ago

A GPS Blackout Would Shut Down the World

GPS outages would cause catastrophic disruptions in transportation, financial markets, and essential services globally.
#google
more#google
fromNextgov.com
3 days ago

Trump budget wants agencies to contribute unobligated funds to TMF

The Trump administration is not requesting new funding for the Technology Modernization Fund, but aims to facilitate alternate funding sources from other agencies.
SF politics
[ Load more ]