Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time
Boffins poked around inside censorship engines – here's what they found
Networks27 Feb 2025 | 39
Data Breach
Rather than add a backdoor, Apple decides to kill iCloud encryption for UK peeps
Infosec in brief Plus: SEC launches new crypto crime unit; Phishing toolkit upgraded; and more
Security24 Feb 2025 | 86
Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps
Infosec In Brief PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more!
Security17 Feb 2025 | 12
2 charged over alleged New IRA terrorism activity linked to cops' spilled data
Officer says mistakenly published police details were shared 'a considerable amount of times'
Security14 Feb 2025 | 21
Have I Been Pwned likely to ban resellers from buying subs, citing 'sh*tty behavior' and onerous support requests
'What are customers actually getting from resellers other than massive price markups?' asks Troy Hunt
Channel13 Feb 2025 | 33
DeepSeek's iOS app is a security nightmare, and that's before you consider its TikTok links
Infosec In Brief PLUS: Spanish cops think they've bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more!
Security10 Feb 2025 | 23
BROADER TOPICS
Grubhub serves up security incident with a side of needing to change your password
Contact info and partial payment details may be compromised
Cyber-crime04 Feb 2025 |
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP
Infosec in brief PLUS: MGM settles breach suits; AWS doesn't trust you with security defaults; A new .NET backdoor; and more
Security03 Feb 2025 | 9
CDNs: Great for speeding up the internet, bad for location privacy
Infosec in brief Also, Subaru web portal spills user deets, Tornado Cash sanctions overturned, a Stark ransomware attack, and more
Security27 Jan 2025 | 5
Datacus extractus: Harry Potter publisher breached without resorting to magic
Infosec in brief PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more
Security20 Jan 2025 | 7
Infoseccer: Private security biz let guard down, exposed 120K+ files
Assist Security’s client list includes fashion icons, critical infrastructure orgs
Security16 Jan 2025 | 14
GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches'
Watchdog alleged it had no SIEM or MFA, orders rapid adoption of basic infosec tools
CSO15 Jan 2025 | 13
Europe coughs up €400 to punter after breaking its own GDPR data protection rules
Infosec in brief PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more
Security13 Jan 2025 | 15
Turbulence at UN aviation agency as probe into potential data theft begins
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info
Cyber-crime07 Jan 2025 |
Telemetry data from 800K VW Group EVs exposed online
Infosec in Brief PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more
Security06 Jan 2025 | 45
Ireland fines Meta for 2018 'View As' breach that exposed 30M accounts
€251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal
Security17 Dec 2024 | 13
Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat'
Personal and financial data probably stolen
Cyber-crime16 Dec 2024 | 2
RansomHub claims to net data hat-trick against Bologna FC
Crooks say they have stolen sensitive files on managers and players
Cyber-crime30 Nov 2024 | 2
Ransom gang claims attack on NHS Alder Hey Children's Hospital
Second alleged intrusion on English NHS org systems this week
Cyber-crime29 Nov 2024 | 21
Helpline for Yakuza victims fears it leaked their personal info
Organized crime types tend not to be kind to those who go against them, so this is nasty
Security22 Nov 2024 | 21
Keyboard robbers steal 171K customers' data from AnnieMac mortgage house
Names and social security numbers of folks looking for the biggest loan of their lives exposed
Cyber-crime15 Nov 2024 | 6
Cybercriminal devoid of boundaries gets 10-year prison sentence
Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts
Cyber-crime14 Nov 2024 | 6
Kids' shoemaker Start-Rite trips over security again, spilling customer card info
Updated Full details exposed, putting shoppers at serious risk of fraud
Cyber-crime14 Nov 2024 | 14
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability
Over 5 million records from 25 organizations posted to black hat forum
Cyber-crime12 Nov 2024 | 2
FBI issues warning as crooks ramp up emergency data request scams
Just because it's .gov doesn't mean that email is trustworthy
Cyber-crime11 Nov 2024 | 12
Cyberattackers stole Microlise staff data following DHL, Serco disruption
Experts say incident has 'all the hallmarks of ransomware'
Cyber-crime06 Nov 2024 | 5
Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack
Victims were placed in serious danger following highly sensitive data dump
Cyber-crime04 Nov 2024 | 5
Healthcare Services Group discloses 'cybersecurity incident' in SEC filing
Laundry and dining provider still investigating cause and scope
Cybersecurity Month18 Oct 2024 | 5
Troubled US insurance giant hit by extortion after data leak
Globe Life claims blackmailers shared stolen into with short sellers
Security17 Oct 2024 |
Brazilian police claim they've cuffed serial cybercrook behind FBI and Airbus attacks
Early stage opsec failures lead to landmark arrest of suspected serial data thief
Cybersecurity Month17 Oct 2024 | 3
US contractor pays $300K to settle accusation it didn't properly look after Medicare users' data
Resolves allegations it improperly stored screenshots containing PII that were later snaffled
Cybersecurity Month16 Oct 2024 | 7
US healthcare org admits up to 400,000 people's personal info was snatched
It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it
Cybersecurity Month14 Oct 2024 | 3
Healthcare attacks spread beyond US – just ask India's Star Health
Updated Acknowledges bulk customer data leak weeks after Telegram channels dangled it online
Cyber-crime11 Oct 2024 | 1
Internet Archive user info stolen in cyberattack, succumbs to DDoS
31M folks' usernames, email addresses, salted-encrypted passwords now out there
Cybersecurity Month10 Oct 2024 | 22
About a quarter million Comcast subscribers had their data stolen from debt collector
Cable giant says ransomware involved, FBCS keeps schtum
Cybersecurity Month04 Oct 2024 | 6
Sensitive data on 61K+ patients accessed in Alabama hospital cyberattack
Intruder pored over medical records, insurance details, Social Security numbers in some cases
Cybersecurity Month03 Oct 2024 |
Northern Ireland cops whose info was leaked in 2023 may get £240M+ damages
Officers put in danger when republican dissidents grabbed hold of their names and details
Legal25 Sep 2024 | 2
Apple's latest macOS release is breaking security software, network connections
Infosec In Brief PLUS: Payer of $75M ransom reportedly identified; Craigslist founder becomes security philanthropist, and more
Security23 Sep 2024 | 22
Cybercrooks strut away with haute couture Harvey Nichols data
Nothing high-end about the sparsely detailed, poorly publicized breach
Cyber-crime20 Sep 2024 | 10
Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations
Updated Better check your widgets, people
Research19 Sep 2024 | 7
Rhysida ransomware gang ships off Port of Seattle data for $6M
Auction acts as payback after authority publicly refuses to pay up
Cyber-crime17 Sep 2024 | 2
Down and out: Aegon's pension pothole and TfL's mystery 'maintenance'
When is maintenance maintenance, and when is it 'we've been pwned'?
On-Prem10 Sep 2024 | 15
1.7M potentially pwned after payment services provider takes a year to notice break-in
Criminals with plenty of time on their hands may now have credit card details
Cyber-crime09 Sep 2024 | 17
Kremlin-linked COLDRIVER crooks take pro-democracy NGOs for phishy ride
The latest of many attempts to stifle perceived threats to Putin's regime
Security09 Sep 2024 | 10
Check your IP cameras: There's a new Mirai botnet on the rise
Infosec in brief Also, US offering $2.5M for Belarusian hacker, Backpage kingpins jailed, additional MOVEit victims, and more
Security31 Aug 2024 | 22
Plane tracker app FlightAware admits user data exposed for years
Updated Privacy blunder alert omits number of key details
Security20 Aug 2024 | 42
National Public Data tells officials 'only' 1.3M people affected by intrusion
Investigators previously said the number was much, much higher
Cyber-crime19 Aug 2024 | 6
RansomHub-linked EDR-killing malware spotted in the wild
Infosec in brief Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more
Security19 Aug 2024 | 1
After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves
Names, addresses, Social Security numbers, more all out there
Cyber-crime16 Aug 2024 | 43
Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster
Three state attorneys general probed the company and found plenty to chastise
Cyber-crime14 Aug 2024 | 3
Attacker steals personal data of 200K+ people with links to Arizona tech school
Nearly 50 different data points were accessed by cybercrim
Cyber-crime12 Aug 2024 | 7
UK Electoral Commission slapped for basic cybersecurity fails
It took 13 months to notice 40 million voters' data was compromised
CSO31 Jul 2024 | 25
Intruders at HealthEquity rifled through storage, stole 4.3M people's data
No mention of malware or ransomware – somewhat of a rarity these days
Cyber-crime29 Jul 2024 | 5
China ponders creating a national 'cyberspace ID'
Because clearly it's better for Beijing to know who you are than for every ISP and social service to keep its own records
Public Sector29 Jul 2024 | 19
Secure Boot useless on hundreds of PCs from major vendors after key leak
Infosec in brief Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more
Security29 Jul 2024 | 36
Data pilfered from Pentagon IT supplier Leidos
Updated With numerous US government agency customers, any leak could be serious
Cyber-crime24 Jul 2024 | 2
Cellebrite got into Trump shooter's Samsung device in just 40 minutes
Infosec in brief Also: Second-string Russian hackers sanctioned; Senators demand answers from Snowflake, and more
Security22 Jul 2024 | 63
London council accuses watchdog of 'exaggerating' danger of 2020 raid on residents' data
You escaped a big fat fine! Take the win and run, won’t you?
Malware Month17 Jul 2024 | 26
Rite Aid admits 2.2 million people’s data stolen by criminals
RansomHub allegedly strikes again as its star continues to rise in the cybercrime scene
Malware Month16 Jul 2024 | 6
Call, text logs for 110M AT&T customers stolen from compromised cloud storage
Snowflake? Snowflake
Cyber-crime12 Jul 2024 | 22
Snowflake lets admins make MFA mandatory across all user accounts
Company announces intent following Ticketmaster, Santander break-ins
Security10 Jul 2024 | 4
Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems
IT giant says data exfiltration was extremely difficult to detect
Malware Month10 Jul 2024 | 8
Biting the hand that feeds IT
