Alien versus Predator? No, this Android spyware works together
Phone-hugging code can record calls, read messages, track geolocation, access camera, other snooping
Research27 May 2023 |
Security
US govt pushes spyware to other countries? Senator Wyden would like a word
Uncle Sam confirms it's saying nothing
Security26 May 2023 | 2
BlackByte ransomware crew lists city of Augusta after cyber 'incident'
Mayor promises to comment on Friday
Cyber-crime26 May 2023 | 2
It's 2023 and Sri Lanka doesn't have a cyber security authority
All should change this year as the country passes its Cyber Security Bill
Security26 May 2023 | 1
Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids
For simulation or for real, we don't like the vibes from this CosmicEnergy
Research25 May 2023 | 6
So the FBI 'persistently' abused its snoop powers. What's to worry about?
Register Kettle When is warrantless surveillance warranted?
Security25 May 2023 |
Facial recog system used by Met Police shows racial bias at low thresholds
Tech used at King's Coronation employs higher thresholds on once-only watch-lists, Met tells MPs
Security25 May 2023 | 18
Five Eyes and Microsoft accuse China of attacking US infrastructure again
Defeating Volt Typhoon will be hard, because the attacks look like legit Windows admin activity
Cyber-crime25 May 2023 | 9
This legit Android app turned into mic-snooping malware – and Google missed it
File-stealing nasty in my Play store? Preposterous!!1
Cyber-crime24 May 2023 | 18
Philly Inquirer says Cuba ransomware gang's data leak claims are fake news
Now that's a Rocky relationship
Cyber-crime24 May 2023 |
IT security analyst admits hijacking cyber attack to pocket ransom payments
Ashley Liles altered blackmail emails in bid to make off with £300,000 in Bitcoin
Cyber-crime24 May 2023 | 20
US bans North Korean outsourcer and its feisty freelancers
They do your work – usually from Russia and China – then send their wages home to pay for missiles
Cyber-crime24 May 2023 | 3
Apria Healthcare says potentially 2M people caught up in IT security breach
Took two years to tell us 'small number of emails' accessed
Cyber-crime23 May 2023 | 4
Dish confirms 300,000 people's data was exposed in February's attack
But don't worry – we know it was deleted. Hmm. How would you know that?
Cyber-crime23 May 2023 | 4
TikTok to let Oracle view source code, algorithm, and content moderation
It's all in the name of national security as Trump-era collab continues in Project Texas
Security23 May 2023 | 10
Ads for lucrative jobs in Asia fail to mention chance of slavery as crypto-scammer
FBI warns jobseekers to be very skeptical of working holidays in Cambodia
Cyber-crime23 May 2023 | 15
China hasn't told Micron why it failed security review, or what its ban means
US memory-maker forecasts single-digit revenue impact, and ongoing gloom in PC and smartmobe markets
Security23 May 2023 | 6
Uncle Sam strangles criminals' cashflow by reining in money mules
Tech support scammer among those targeted by recent crackdowns
Cyber-crime23 May 2023 | 6
Google settles location tracking lawsuit for only $39.9M
in brief Also, more OEM Android malware, Google's bug reports (mostly) ditch CVEs, and this week's critical vulns
Security22 May 2023 | 7
More UK councils caught by Capita's open AWS bucket blunder
As for March megabreach? M&S and Guinness maker Diageo warn pension members about data risks
Cyber-crime22 May 2023 | 33
Popular
Windows XP activation algorithm cracked, keygen now works on Linux
The unkillable OS rises from the grave… Again
Intel mulls cutting ties to 16 and 32-bit support
Hypothetical x86S architecture would boot straight into 64-bit mode
Europe’s biggest city council faces £100M bill in Oracle ERP project disaster
Doubts over Birmingham’s decision to replace SAP in plan once hailed an exemplar win by Larry Ellison
PyPI subpoenaed: US govt demands data on developers
Python package packhouse ponders privacy position
That old box of tech junk you should probably throw out saves a warehouse
On Call When all seemed lost, here comes the Sun … workstation
Facial recog system used by Met Police shows racial bias at low thresholds
Tech used at King's Coronation employs higher thresholds on once-only watch-lists, Met tells MPs
Microsoft has made Azure Linux generally available. Repeat, Azure Linux
Come for the Kubernetes, stay for the containers
Fahrenheit to take over Celsius
0°C×9/5+32 = how much money to thaw frozen crypto accounts?
BlackByte ransomware crew lists city of Augusta after cyber 'incident'
Mayor promises to comment on Friday
BOFH: Get me a new data file or your manager finds out exactly what you think of him
Episode 10 A developer in sales? You poor, poor creature
STORIES
Fighting the five
Hear SANS cyber security experts share advice on how to defend your organization against the latest threats
Sponsored Post
Rigorous dev courageously lied about exec's NSFW printouts – and survived long enough to quit with dignity
Who, Me? Log files don't lie and in this case one nasty incident spoke to a far deeper malaise
Security22 May 2023 | 82
Teen in court after '$600K swiped from DraftKings gamblers'
Bet he didn't expect these computer hacking charges
Cyber-crime19 May 2023 | 17
Russian IT guy sent to labor camp for DDoSing Kremlin websites
Pro-Ukraine techie gets hard time
Cyber-crime19 May 2023 | 25
UK's GDPR replacement could wipe out oversight of live facial recognition
Question not whether UK police should use facial recog, but how, says surveillance chief
Security19 May 2023 | 101
Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range
High school student and Amnesty International named among bug-finders
Security19 May 2023 | 13
Cisco squashes critical bugs in small biz switches
You'll want to patch these as proof-of-concept exploit code is out there already
Patches18 May 2023 |
Microsoft decides it will be the one to choose which secure login method you use
Certificate-based authentication comes first and phones last
CSO18 May 2023 | 55
Six million patients' data feared stolen from PharMerica
Cue the inevitable class action lawsuit
Cyber-crime18 May 2023 | 5
'Strictly limit' remote desktop – unless you like catching BianLian ransomware
Do it or don't. We're not cops. But the FBI are, and they have this to say
CSO17 May 2023 | 32
Another security calamity for Capita: An unsecured AWS bucket
Colchester City Council says it and others caught up in new incident, reckons benefits data of local citizens exposed
Security17 May 2023 | 31
Don't panic. Google offering scary .zip and .mov domains is not the end of the world
Comment Did we forget about .pl, .sh and oh yeah, .com ?
CSO17 May 2023 | 80
Upstart encryption app walks back privacy claims, pulls from stores after probe
Try not leaving a database full of user info, chats, keys exposed, eh?
Research17 May 2023 | 40
Ransomware-as-a-service groups rain money on their affiliates
Qilin gang crims can earn up to 85 percent of extortion cash, or jail
Cyber-crime17 May 2023 | 4
Feds offer $10m reward for info on alleged Russian ransomware crim
Infecting cops' computers is one way to put a target on your back
Cyber-crime17 May 2023 | 1
US Dept of Transport security breach exposes info on a quarter-million people
Not the first time Uncle Sam has had the wheels come off its IT systems
Security16 May 2023 | 4
Compliance automation to confound cyber criminals
How you can streamline the auditing process while improving compliance and security
Sponsored Post
Cops crack gang that used bots to book and resell immigration appointments
Keeping files that mention 'robot rental' may not have been the best way to cover their tracks
Cyber-crime16 May 2023 | 24
FTC sues VoIP provider over 'billions of illegal robocalls'
XCast knew it was breaking the law and didn't hold back, watchdog says
Cyber-crime16 May 2023 | 39
Intel says Friday's mystery 'security update' microcode isn't really a security update
We're all for encouraging people to squash bugs but this is an odd way to do it
Patches15 May 2023 | 5
Extra! Extra! Don’t quite read all about it: Cyber attack hits Philadelphia Inquirer
Breaking news, literally
Cyber-crime15 May 2023 |
Some potential: How bad software updates could over-volt, brick remote servers
Video PMFault – from the eggheads who brought you Plundervolt and Voltpillager
Cyber-crime15 May 2023 | 3
No more macros? No problem, say miscreants, we'll adapt
Microsoft blocking 'net scripts sparked 'monumental shift' in attacks
CSO15 May 2023 | 10
An important system on project [REDACTED] was all [REDACTED] up
Who Me? Luckily, [REDACTED] was there to save the day
Security15 May 2023 | 45
Ransomware corrupts data, so backups can be faster and cheaper than paying up
Smash and grab raids don’t leave time for careful encryption
Cyber-crime15 May 2023 | 31
Arm acknowledges side-channel attack but denies Cortex-M is crocked
Black Hat Asia Spectre-esque exploit figures out when interesting info might be in memory
Security15 May 2023 | 7
Toyota's bungling of customer privacy is becoming a pattern
in brief Also: 3D printing gun mods = jail time; France fines Clearview AI for ignoring fine; this week's critical vulns, and more
Security15 May 2023 | 33
'Top three Balkans drug kingpins' arrested after cops crack their Sky ECC chats
Maybe try carrier pigeons instead
Cyber-crime13 May 2023 | 27
Why Microsoft just patched a patch that squashed an under-attack Outlook bug
Let's take a quick dive into Windows API
Patches12 May 2023 | 44
Ex-Ubiquiti dev jailed for 6 years after stealing internal corp data, extorting bosses
Momentary lapse in VPN led to stretch in the cooler, $1.6m bill
Cyber-crime12 May 2023 | 8
Britain's largest private pension scheme reveals scale of Capita break-in
USS says burgled biz reckons data on 470,000 'active, deferred and retired' members may have been accessed
Cyber-crime12 May 2023 | 37
Activists gatecrash Capita's AGM to protest GPS tracking contract
Outsourcer asked to take 'principled stance'
Security12 May 2023 | 23
UK cops score legal win in EncroChat snooping op
But tribunal punts on whether data was intercepted in transit
Cyber-crime12 May 2023 | 11
India to send official whassup to WhatsApp after massive spamstorm
In a weird way, we can blame this on AI being a better bet than blockchain
Security12 May 2023 | 4
Let white-hat hackers stick a probe in those voting machines, say senators
HAVA go at breaking electronic ballot box security
Research11 May 2023 | 47
Millions of mobile phones come pre-infected with malware, say researchers
Black Hat Asia The threat is coming from inside the supply chain
Cyber-crime11 May 2023 | 49
ENISA leans into EU-based clouds with draft cybersecurity label
Time for AWS and pals to start thinking about JVs?
Security11 May 2023 | 8
Sonatype axes 14 percent of staff, reminds them not to talk to the press
Exclusive Workers slam 'horrendous' handling of layoffs that left even 'engineering managers in the dark'
CSO10 May 2023 | 41
Twitter adds new DM features, and Musk claims encryption is here, starting today
Updated We'll believe our DMs are secure when someone provides proof, thanks
Security10 May 2023 | 18
23-year-old Brit linked to 2020 Twitter attack and SIM-swap scheme pleads guilty
Admits to cyberstalking, wire fraud charges as Feds take $700k off him
Cyber-crime10 May 2023 | 12
Capita looking at a bill of £20M over breach clean-up costs
Analyst says expense 'no small drop in ocean' but reputational damage could be 'far greater'
Cyber-crime10 May 2023 | 9
Japan's ubiquitous convenience stores now serving up privacy breaches
Fujitsu in the frame for foul up with government document dispersal app
Security10 May 2023 | 10
Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
Patch Tuesday On the plus side, this month's update batch is a bit smaller than usual
Patches09 May 2023 | 20
FBI-led Op Medusa slays NATO-bothering Russian military malware network
Perseus to the rescue as Snake eats itself
Cyber-crime09 May 2023 | 9
Microsoft disarms push notification bombers with number matching in Authenticator
Mandatory measure against attackers who spam MFA folks into submission
Security09 May 2023 | 18
EU proposes spyware Tech Lab to keep Big Brother governments in check
Potential roles for IT pros and lawyers, European city location included
Security09 May 2023 | 7
Beijing raids consultancy, State-sponsored media warns more to come
Retaliation or national security?
Security09 May 2023 | 7
FYI: Intel BootGuard OEM private keys leak from MSI cyber heist
Updated Plus: Court-ordered domain seizures of DDoS-for-hire sites
Cyber-crime09 May 2023 | 13
Western Digital: Customer info stolen in that IT attack
Hard times for buyers of these hard drives
Cyber-crime08 May 2023 | 8
WordPress plugin hole puts '2 million websites' at risk
XSS marks the spot
Patches08 May 2023 | 17
Twitter admits 'security incident' made private Circles not so much
Perhaps one of the thousands of people laid off from the biz could have fixed it, just a thought
Security08 May 2023 | 5
Modern Auth comes to on-prem Exchange Server gear
Guess this'll have to do while we wait for *checks notes* ES 2025
CSO08 May 2023 | 2
T-Mobile US suffers second data theft within months
in brief Also, Capita's buckets are leaking, ransomware attackers deliver demands via emergency alert, and this week's critical vulns
Security08 May 2023 | 6
DEF CON to set thousands of hackers loose on LLMs
Can't wait to see how these AI models hold up against a weekend of red-teaming by infosec's village people
Research06 May 2023 | 27
Dump these insecure phone adapters because we're not fixing them, says Cisco
Security hole ranks 9.8 out of 10 in severity, 0 out of 10 in patch availability
CSO05 May 2023 | 90
A right Royal pain in the Dallas: City IT systems crippled by ransomware
Texas officials preach limited government ... but not this limited
Cyber-crime05 May 2023 | 21
Capita admits some pension data 'likely' to have been accessed in March breach
Weeks after outsourcer admits 'cyber incident' more warnings issued
Cyber-crime05 May 2023 | 23
Users complain over UK state-owned bank's services as Atos eyes the exit
Updated National Savings & Investment contracting for massive tech deals as customers complain of 2FA failure
Security05 May 2023 | 44
China labels USA 'Empire of hacking' based on old Wikileaks dumps
Pot, meet kettle, both containing weak sauce
Security05 May 2023 | 38
Ex-Uber CSO gets probation for covering up theft of data on millions of people
Exec begged judge for leniency – and it worked
Cyber-crime04 May 2023 | 18
Strike three: FTC says Meta still failing to protect user privacy
Deals between Zuckercorp + FTC in 2012 and 2020 are being ignored, so time to get stricter, says commish
Security04 May 2023 | 21
Go ahead, forget that password. Use a passkey instead, says Google
'But they're gonna take my thumbs' hits different in 2023
Security04 May 2023 | 50
Meta does the 'We found baddies and crushed them' thing again – this time for AI
Who would have thought crims would try using Facebook to fool people?
Security03 May 2023 | 1
Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout
'The get-out-of-jail-free card option has been removed' as one expert put it
CSO03 May 2023 | 37
Chrome's HTTPS padlock heads to Google Graveyard
Logowatch As blue check marks start showing up in Gmail
Security03 May 2023 | 40
The importance of being certified
New GIAC Security Professional and revamped GIAC Security Expert qualifications offer increased choice and flexibility for cybersecurity pros
Sponsored Post
Apple pushes first-ever 'rapid' patch – and rapidly screws up
Maybe you're just installing it wrong?
Patches02 May 2023 | 43
Mirai botnet loves exploiting your unpatched TP-Link routers, CISA warns
Oracle and Apache holes also on Uncle Sam's list of big bad abused bugs
Patches02 May 2023 | 1
Apple, Google propose anti-stalking spec for Bluetooth tracker tags
We moved fast and broke things, people got harassed and murdered, so let's revisit privacy
Security02 May 2023 | 30
288 arrested in multinational Monopoly Market takedown
US tells criminals it 'will find you' and has a particular set of skills
Cyber-crime02 May 2023 | 16
Data loss costs are going up – and not just for those who choose to pay thieves
Ransoms, investigations, and breach-related lawsuits are hitting companies in the wallet, law firm says
Cyber-crime02 May 2023 | 6
Russia's APT28 targets Ukraine government with bogus Windows updates
Nasty emails designed to infect systems with info-stealing malware
Cyber-crime02 May 2023 | 4
Feds rethink warrantless search stats and – oh look, a huge drop in numbers
119,000 instances of homeland snooping as the power to do so comes under review
Security02 May 2023 | 20
IT giant Bitmarck shuts down customer, internal systems after cyberattack
Patient data 'was and is never endangered', says medical tech slinger
Cyber-crime01 May 2023 | 6
Centralized secrets management picks up pace
How cloud migration and machine identities are fueling enterprise demand for secrets management systems
Sponsored Feature
Google adds account sync for Authenticator, without E2EE
in brief Also: Your Salesforce Community site might be leaking; a new CPU side-channel; and this week's critical vunls
Security01 May 2023 | 7
Your security failure was so bad we have to close the company … NOT!
Who, Me? There are pranks, and savage pranks, and this prank when the CTO and HR ganged up on a very stressed techie
Security01 May 2023 | 47
China has 50 hackers for every FBI cyber agent, says Bureau boss
Combatting it is going to take more money. Lots of more money.
Cyber-crime01 May 2023 | 27
Online Safety Bill age checks? We won't do 'em, says Wikipedia
World's encyclopedia warns draft law could boot it offline in UK
Security28 Apr 2023 | 89
Google sues CryptBot slingers, gets court order to shut down malware domains
Hands off those Chrome users, they're ours!
Cyber-crime27 Apr 2023 | 7
Biting the hand that feeds IT
