Subscribe

Security

  1. Roku forcing 2-factor authentication after 2 breaches of 600K accounts

    Accounts with stored payment information went for as little as $0.50 each.

  2. LastPass users targeted in phishing attacks good enough to trick even the savvy

    Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.

  3. All the pieces are in place for the first crew flight of Boeing’s Starliner

    “This is a test flight, and a complicated one at that."

  4. Kremlin-backed actors spread disinformation ahead of US elections

    To a lesser extent, China and Iran also peddle disinfo in hopes of influencing voters.

  5. Billions of public Discord messages may be sold through a scraping service

    Cross-server tracking suggests a new understanding of "public" chat servers.

  6. Attackers are pummeling networks around the world with millions of login attempts

    Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps.

  7. Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M

    Indictment says man tricked cloud providers into giving him services he never paid for.

  8. Change Healthcare faces another ransomware threat—and it looks credible

    Hackers already received a $22 million payment. Now a second group demands money.

  9. “Highly capable” hackers root corporate networks by exploiting firewall 0-day

    No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.

  10. Hackable Intel and Lenovo hardware that went undetected for 5 years won’t ever be fixed

    Multiple links in the supply chain failed for years to identify an unfixed vulnerability.

  11. AT&T: Data breach affects 73 million or 51 million customers. No, we won’t explain.

    When the data was published in 2021, the company said it didn't belong to its customers.

  12. Thousands of LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one

    LG patches four vulnerabilities that allow malicious hackers to commandeer TVs.

  1. Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation

    D-Link won't be patching vulnerable NAS devices because they're no longer supported.

  2. Ivanti CEO pledges to “fundamentally transform” its hard-hit security model

    Part of the reset involves AI-powered documentation search and call routing.

  3. How will astronauts cruise around the Moon? NASA narrows choice to three options

    "I know we’re asking a lot of these companies."

  4. How to hack the Jacksonville Jaguars’ jumbotron (and end up in jail for 220 years)

    The story that just keeps getting worse.

  5. Microsoft blamed for “a cascade of security failures” in Exchange breach report

    Summer 2023 intrusion pinned to corporate culture, "avoidable errors."

  6. Missouri county declares state of emergency amid suspected ransomware attack

    Outage occurs on same day as special election, but election offices remain open.

  7. AT&T acknowledges data leak that hit 73 million current and former users

    Data leak hit 7.6 million current AT&T users, 65.4 million former subscribers.

  8. What we know about the xz Utils backdoor that almost infected the world

    Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

  9. Backdoor found in widely used Linux utility targets encrypted SSH connections

    Malicious code planted in xz Utils has been circulating for more than a month.

  10. PyPI halted new users and projects while it fended off supply-chain attack

    Automation is making attacks on open source code repositories harder to fight.

  11. Thousands of servers hacked in ongoing attack targeting Ray AI framework

    Researchers say it's the first known in-the-wild attack targeting AI workloads.

  12. “MFA Fatigue” attack targets iPhone owners with endless password reset prompts

    Rapid-fire prompts sometimes followed with spoofed calls from "Apple support."

  1. Thousands of phones and routers swept into proxy service, unbeknownst to users

    Two new reports show criminals may be using your device to cover their online tracks.

  2. Justice Department indicts 7 accused in 14-year hack campaign by Chinese gov

    Hacks allegedly targeted US officials and politicians, their spouses and dozens of companies.

  3. Hackers can unlock over 3 million hotel doors in seconds

    Saflok has a fix for the vulnerability, but patching may take a long time.

  4. Never-before-seen data wiper may have been used by Russia against Ukraine

    AcidRain, discovered in 2022, is tied to AcidPour. Both are attributed to Russia.

  5. Unpatchable vulnerability in Apple chip leaks secret encryption keys

    Fixing newly discovered side channel will likely take a major toll on performance.

  6. “Disabling cyberattacks” are hitting critical US water systems, White House warns

    Biden administration rallies nation's governors to secure their facilities.

  7. Fujitsu says it found malware on its corporate network, warns of possible data breach

    Company apologizes for the presence of malware on company computers.

  8. ASCII art elicits harmful responses from 5 major AI chatbots

    LLMs are trained to block harmful responses. Old-school images can override those rules.

  9. Member of LockBit ransomware group sentenced to 4 years in prison

    33-year-old Canadian-Russian national pleaded guilty last month.

  10. Hackers can read private AI-assistant chats even though they’re encrypted

    All non-Google chat GPTs affected by side channel that leaks responses sent to users.

  11. Never-before-seen Linux malware gets installed using 1-day exploits

    Discovery means that NerbianRAT is cross-platform used by for-profit threat group.

  12. Microsoft says Kremlin-backed hackers accessed its source and internal systems

    Midnight Blizzard is now using stolen secrets in follow-on attacks against customers.

Load more stories...