#cybersecurity

[ follow ]
fromTheregister
8 hours ago

Arch Linux takes a pounding as DDoS attack enters week two

Arch Linux is under a sustained DDoS attack disrupting its main website, Arch User Repository, and forums while volunteers work with hosts and evaluate protection options.
#north-korea
fromAol
10 hours ago
Information security

Coinbase CEO says he's mandating in-person orientation to combat North Korean hackers seeking remote jobs

fromAol
10 hours ago
Information security

Coinbase CEO says he's mandating in-person orientation to combat North Korean hackers seeking remote jobs

Information security
fromAol
10 hours ago

Coinbase CEO says he's mandating in-person orientation to combat North Korean hackers seeking remote jobs

North Korean IT workers have tried to exploit Coinbase's remote-first hiring to gain employment and access sensitive systems, prompting stricter in-person and citizenship security rules.
#data-breach
fromTechCrunch
4 days ago
Privacy technologies

HR giant Workday says hackers stole personal data in recent breach | TechCrunch

fromTechCrunch
4 days ago
Privacy technologies

HR giant Workday says hackers stole personal data in recent breach | TechCrunch

fromTechzine Global
2 days ago

405,000 Dutch women receive letter about data breach at laboratory

Over 405,000 cervical screening participants had personal data exposed in a Clinical Diagnostics cyber incident and will be notified to monitor for potential fraud.
Renovation
fromHomebuilding
2 days ago

Are home security cameras safe? What you need to know about the hazards

Home security cameras deter crime but pose hacking and privacy risks, requiring strong device security, careful placement, and legal compliance to protect occupants and others.
Information security
fromSecuritymagazine
2 days ago

Security Isn't Static

The Security Podcasts deliver in-depth conversations with security leaders, offering real-world stories, leadership lessons, and timely analysis on cybersecurity and physical security trends.
fromTheregister
2 days ago

Ollama bug allows drive-by attacks - patch now

A vulnerability in Ollama could lead to drive-by attacks that compromise personal computers and control AI model operations.
fromTheregister
2 days ago

Apache ActiveMQ attackers patch critical vuln after entry

After installing a backdoor to the infected systems, they then downloaded two Java Archive (JAR) files that effectively patched the original vuln.
Information security
#malware
fromZDNET
3 days ago
Information security

DripDropper Linux malware cleans up after itself - how it works

fromZDNET
3 days ago
Information security

DripDropper Linux malware cleans up after itself - how it works

Digital life
fromZDNET
3 days ago

Scammers are sneaking into Google's AI summaries to steal from you - how to spot them

Scammers exploit AI to deceive individuals seeking customer service numbers.
Information security
fromComputerWeekly.com
3 days ago

ISACA launches AI security management certification | Computer Weekly

ISACA is launching the Advanced in AI Security Management certification to address the growing security risks posed by artificial intelligence.
#pki
fromTheregister
3 days ago

Casino outfit Bragg says personal data untouched in attack

Bragg Gaming Group reported a cybersecurity incident but confirmed no customer data was compromised.
fromSecuritymagazine
3 days ago

85% of Organizations Approach Cybersecurity Reactively

85% of organizations react to cybersecurity threats after damage occurs, leaving them vulnerable.
fromTechCrunch
3 days ago

US spy chief says UK has dropped its Apple backdoor demand | TechCrunch

The U.K. has agreed to drop its mandate for Apple to provide a 'back door' that would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties, Gabbard wrote in a post on X.
Privacy professionals
#ransomware
fromDataBreaches.Net
3 days ago
Privacy professionals

When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics - DataBreaches.Net

fromDataBreaches.Net
3 days ago
Privacy professionals

When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics - DataBreaches.Net

fromTechzine Global
3 days ago

Intel data breach: employee data could be accessed via API

Intel's internal site vulnerabilities exposed data of approximately 270,000 employees due to weak security practices.
#operational-technology
fromFortune
3 days ago

Horizon3.ai taps veteran CFO as cybersecurity startup bridging military intelligence and Silicon Valley scales up

Horizon3.ai, a cybersecurity startup, appointed Holly Grey as its first CFO, bringing over 30 years of experience in public company operations and strategic finance.
Business
fromThe Hacker News
3 days ago

U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

U.S. Director of National Intelligence Tulsi Gabbard stated that the U.K. has agreed to drop its mandate for Apple to provide a 'backdoor', ensuring the protection of Americans' civil liberties.
Privacy technologies
fromIT Pro
3 days ago

Flaw in Lenovo's customer service AI chatbot could let hackers run malicious code, breach networks

Lenovo's AI chatbot Lena has a critical security flaw that can lead to data theft and system compromises.
fromTechzine Global
3 days ago

Founder Nir Zuk leaves Palo Alto

Nir Zuk is stepping down as CTO of Palo Alto Networks after 20 years to pursue new projects.
Science
fromSecuritymagazine
3 days ago

96% of Manufacturers Plan to Invest in Cybersecurity Platforms

Cybersecurity is becoming a critical business focus in manufacturing, with 96% planning investments in cybersecurity platforms.
fromNextgov.com
4 days ago

DARPA aims for interoperability between classic and quantum communication

"Our goal is to marry the benefits of traditional and quantum networking on existing U.S. computing infrastructure and network protocols."
Science
fromThe Hacker News
4 days ago

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement notices, tailored with reconnaissance-derived details like specific Facebook Page IDs and company ownership information.
Information security
US politics
fromFast Company
4 days ago

How satellites and orbiting weapons make space the new battlefield

Hackers supporting Russia hijacked a satellite, disrupting Ukrainian television with parade footage.
fromDataBreaches.Net
4 days ago

Microsoft's Nuance coughs up $8.5M to rid itself of MOVEit breach suit - DataBreaches.Net

Nuance has settled a class action lawsuit for $8.5 million over the MOVEit Transfer breach, admitting no liability.
fromHackernoon
7 months ago

Meet EC-Council: HackerNoon Company of the Week | HackerNoon

EC-Council's CEH v13 is an ethical hacking course that teaches you everything you need to know to get started and to grow as a cybersecurity expert.
Business
fromFortune
4 days ago

'This is the Cuban Missile Crisis in space': Russia is building a space nuke that could wipe out every satellite in orbit, U.S. warns

Cyber warfare now extends to outer space, demonstrated by Russian hackers disrupting satellite communications to intimidate Ukraine.
fromThe Hacker News
4 days ago

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

The termncolor package and its malicious dependency colorinal highlight the increasing sophistication of attacks targeting software repositories, enabling attackers to achieve remote code execution and system persistence.
Information security
Information security
fromSecurityWeek
1 week ago

Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution

Xerox patched two serious vulnerabilities in FreeFlow Core that allow remote attackers to execute arbitrary code.
fromThe Hacker News
4 days ago

Wazuh for Regulatory Compliance

Organizations must comply with regulatory standards to safeguard sensitive data. Effective compliance prevents cybersecurity threats, protects business processes, and reduces financial risks.
Privacy professionals
fromTechRadar
4 days ago

When the insider Is the adversary: North Korea's remote work espionage campaign

The campaign is one of the most aggressive, large-scale examples of an insider threat, where individuals abuse authorized access to cause harm.
Privacy professionals
fromTheregister
4 days ago

Boffins release 5G traffic sniffing tool

Sni5Gect is a framework that sniffs messages from pre-authentication 5G communication in real-time and injects targeted attack payload in downlink communication towards the UE.
Information security
#phishing
fromIT Pro
4 days ago
Privacy professionals

Malicious URLs overtake email attachments as the biggest malware threat

fromIT Pro
4 days ago
Privacy professionals

Malicious URLs overtake email attachments as the biggest malware threat

fromTechzine Global
4 days ago

Workday also appears to have been hit by Salesforce attack

Workday confirmed a breach of its external CRM environment through social engineering, with potential risks for follow-up attacks.
fromTechzine Global
4 days ago

NIS2 is intended to make organizations more secure, but will it succeed?

Many EU countries have not converted the NIS2 Directive into national law by the October 2024 deadline.
fromwww.bbc.com
4 days ago

Should Europe wean itself off US tech?

"Critical data would become inaccessible, websites would go dark, and essential state services like hospital IT systems would be thrown into chaos," says Robin Berjon, a digital governance specialist who advises EU policymakers.
Digital life
fromFortune
5 days ago

Former FBI cyber leader: The cybersecurity law that's quietly keeping America safe is about to expire

The Cybersecurity Information Sharing Act of 2015 (CISA 2015) has quietly become the backbone of our nation's cyber defense. Without creating any additional regulations, it enabled the rapid sharing of threat intelligence between government and businesses that has prevented countless cyber attacks over the past decade. Its potential sunset threatens to unleash a wave of cyberattacks that will devastate the small and medium-sized businesses (SMBs) that form a foundational part of our economy.
US politics
Privacy technologies
fromEntrepreneur
5 days ago

Stay One Step Ahead of Cyber Threats for Five Years for $35 | Entrepreneur

AdGuard VPN offers a five-year subscription for $34.97, providing enterprise-level privacy and security for your business data.
fromwww.theguardian.com
6 days ago

Israeli government official arrested in Nevada in internet crimes against children sting

An Israeli cybersecurity official, Tom Artiom Alexandrovich, was arrested in Las Vegas during an undercover child predator sting operation.
fromWIRED
6 days ago

Russia Is Cracking Down on End-to-End Encrypted Calls

Dozens of data brokers are hiding their opt-out tools from Google Search, making it challenging for individuals to find and remove their personal data.
Privacy professionals
fromwww.mediaite.com
6 days ago

Israeli Official Arrested in Nevada Child Sex Operation Is Released and Back in Israel

A cybersecurity official from Israel was arrested for child sex predator charges in an undercover operation in Nevada.
#apt
fromTechCrunch
6 days ago

How your solar rooftop became a national security issue | TechCrunch

Security vulnerabilities in solar inverters pose risks of data interception and system control for users.
#cisco
fromZDNET
1 week ago
Information security

Cisco patches critical security hole in Firewall Management Center - act now

fromZDNET
1 week ago
Information security

Cisco patches critical security hole in Firewall Management Center - act now

fromComputerWeekly.com
1 week ago

UK cyber leaders feel impact of Trump cutbacks | Computer Weekly

The UK cyber security sector is reacting to US government cuts, as 79% of UK respondents feel uneasy about US cyber security instability and its effect on their partnerships.
Privacy professionals
fromThe Cipher Brief
1 week ago

Expert Q&A: Undersea Cables Under Attack, from Outside and Within

Undersea cables are vital for communications and security, susceptible to sabotage and requiring enhanced protection measures.
fromNextgov.com
1 week ago

Cut costs and boost efficiency with proper IT asset management

Improved federal IT portfolio management could save over $100 billion by reducing duplicative IT investments.
fromwww.fourfourtwo.com
1 week ago

Football on a Fire Stick How to stream games safely from anywhere with a VPN

The Amazon Fire TV Stick provides access to football streaming but also poses legal and cybersecurity risks due to misuse.
fromIT Pro
1 week ago

Using DeepSeek at work is like 'printing out and handing over your confidential information'

DeepSeek poses serious risks to sensitive data, potentially exposing it to Chinese authorities.
fromIT Pro
1 week ago

Can cyber group takedowns last?

"What you mentioned around, you know, data being leaked, that's vital intelligence for law enforcement, for threat researchers, and that's the big takeaway from a lot of these takedowns, I guess. In the wake of that, you're seizing domains, you're seizing servers, you're getting really valuable information on how these organizations work."
Privacy professionals
Privacy professionals
fromIT Pro
1 week ago

Warning issued as new Pakistan-based malware group hits millions globally

A Pakistan-based malware syndicate is conducting infostealer attacks worldwide, utilizing sophisticated techniques to evade detection.
fromTheregister
1 week ago

Dutch prosecution service attack keeps speed cameras offline

The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country.
Privacy professionals
fromChannelPro
1 week ago

LevelBlue and Akamai are teaming up to launch a managed web application and API protection service

LevelBlue partners with Akamai to launch Managed Web Application and API Protection (WAAP) services aimed at simplifying and enhancing web and API security.
Tech industry
fromHackernoon
1 year ago

Trending Tech in 2025: What's Real (Context Aware AI), What's Hype (Self Driving Cars) & What's Next | HackerNoon

By 2025, multiple technologies, including AI and quantum computing, will mature significantly, impacting various industries while differentiating between real advancements and hype.
fromFortune
1 week ago

This cybersecurity company's AI hacker can locate files on Nimitz-class aircraft carriers 'in less than five minutes'

The defense industry has increasingly served as a template for identifying threats and protecting assets in the private sector.
Privacy professionals
fromABC7 Los Angeles
1 week ago

Woman hands over $17,500 to alleged scammer who showed up at her NC home: 'You have to get cash'

Every morning I wake up and I'm like, I just want this nightmare to go away.
Privacy technologies
fromForbes
1 week ago

Why Constant Evolution Is The Answer To Cybercrime

Seemantini Godbole brings extensive technology leadership experience to Lowe's, focusing on digital innovation and cybersecurity.
fromMedium
3 weeks ago

DLP vs. EDR: A Technical Deep Dive Beyond the Acronyms

Data Loss Prevention (DLP) focuses on identifying and protecting sensitive data from unauthorized access or loss, while Endpoint Detection and Response (EDR) concentrates on detecting, investigating, and responding to security incidents at endpoint devices.
Information security
fromTheregister
1 week ago

Psst: wanna buy a legit FBI email account for $40?

These active accounts have been compromised, allowing criminals to pose as government officials and cops to pursue further crimes, researchers indicated.
Privacy professionals
fromTechCrunch
1 week ago

Norway spy chief blames Russian hackers for hijacking dam | TechCrunch

Russian hackers briefly took control of a Norwegian dam, releasing millions of gallons of water before the attack was halted.
[ Load more ]