Europe once again leads the way by passing meaningful AI regulation. Banned unacceptable-risk uses of AI include facial recognition, social scoring, and emotion recognition at schools and workplaces. "The use of real-time facial recognition systems by law enforcement is permitted …
Several of the world’s leading semiconductor companies faced ransomware attacks, extortion attempts and other malicious activity in 2022.
The West African nation of Sierra Leone experienced a near-total internet blackout on Wednesday, in the midst of anti-government protests sparked by the rising cost of living.
Twitter officially confirmed that a January breach led to the leak of information connected to 5.4 million accounts.
Private equity firm Thoma Bravo announced Wednesday a $2.8 billion all-cash deal to buy Denver-based authentication software company Ping Identity and take it private.
Twitter said it is investigating the authenticity of a batch of information connected to 5.4 million accounts that is being sold on Breach Forums.
We're going to play two stories for you today. First is a story that comes from the podcast Click Here, hosted by Dina Temple Raston. It's about Lapsus$. Then after that Jack Rhysider tells a story about a sewage plant in Australia that had a big problem. You can find more episod …
Twitter published an apology on Wednesday after it was caught covertly using account security data for targeted advertising.
The shutdown has had "high impact" on service in major Pakistani cities such as Islamabad, Karachi and Lahore, experts said.
Cybersecurity agencies from the Five Eyes alliance warned of attacks targeting MSPs, which are a key part of the IT supply chain.
National Security Memorandum 10 (NSM-10) calls for "a whole-of-government and whole‑of‑society strategy" for quantum information systems.
Was a recently-thwarted cyberattack on a Hawaii underwater cable the work of financially-motivated cybercriminals, government-sponsored hackers, or someone else? Hawaii officials are working with federal agents to determine exactly that, according to Frank Pace, the administrator …
Coca-Cola said it is investigating reports of a data breach after a ransomware group claimed to have stolen documents.
Over the last two weeks, as the Kremlin has increasingly tightened its control on independent media and censored news about its invasion of Ukraine, people around the world have used a new tool to send messages to random Russian citizens about the reality of the ongoing war.
Google announced on Tuesday that it was increasing security measures to help protect Ukrainian civilians and websites, following similar moves by other technology giants in recent days.
The Russian government appears to be geofencing its military website following attempts to knock it offline.
The operators of the TrickBot malware botnet have shut down their server infrastructure today after months of inactivity, bringing to an end one of the most dangerous and persistent malware operations seen in recent years.
The European Union Data Protection Supervisor (EDPS) has urged EU officials to ban the use and deployment of the Pegasus commercial spyware across Europe, citing unprecedented risks and damages to personal freedoms and the rule of law across Europe.
An academic research project found that thousands of JavaScript developers are using an email address with an expired domain for their npm accounts, leaving their projects exposed to easy hijacks.
The San Francisco 49ers NFL team has fallen victim to a ransomware attack that encrypted files on its corporate IT network, a spokesperson for the team has told The Record.
Vodafone Portugal said today that a large chunk of its customer data services went offline overnight following "a deliberate and malicious cyberattack intended to cause damage and disruption."
A threat actor has abused a vulnerability in the Wormhole cryptocurrency platform to steal an estimated $322 million worth of Ether currency.
The administrators of the Node Package Manager (npm), the largest package repository of the JavaScript ecosystem, said they enrolled the maintainers of the Top 100 most popular libraries (based on the number of dependencies) into their mandatory two-factor authentication (2FA) pr …
The Record spoke with Christian Grobmeier, a member of the Apache Logging team and one of the developers who maintain the Log4j library.
Security researchers this week discovered the first professional ransomware strain that was coded in the Rust programming language and deployed against companies in real-world attacks.
The UK government's cyber-security agency plans to release Nmap scripts in order to help system administrators in scanning their networks for unpatched or vulnerable devices.
The Conti ransomware gang has been linked to an attack on Delta Electronics, a Taiwanese electronics manufacturing company and a major supplier of power components to companies like Apple and Tesla.
The Russian Federal Security Service (FSB) said today that it has raided and shut down the operations of the REvil ransomware gang.
Earlier this month, Microsoft notified a select group of Azure customers impacted by a recently discovered bug that exposed the source code of their Azure web apps since at least September 2017.
The US Cybersecurity and Infrastructure Security Agency has told federal civilian agencies to patch systems affected by the Log4Shell vulnerability by Christmas Eve.
The Apache Software Foundation has released an emergency security update today to patch a zero-day vulnerability in Log4j, a Java library that provides logging capabilities.
Nobelium, the Russian cyber-espionage group that has orchestrated the SolarWinds 2020 supply chain attack, has continued to carry out new attacks throughout 2021, and according to security firm Mandiant, has been using a clever trick to bypass two-factor authentication in order t …
Microsoft said today that its legal team has successfully obtained a court warrant that allowed it to seize 42 domains used by a Chinese cyber-espionage group in recent operations that targeted organizations in the US and 28 other countries.
Since at least 2017, a mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network in what a security researcher has described as an attempt to deanonymize Tor users.
A threat actor has hacked the website of the Principality of Sealand, a micronation in the North Sea, and planted malicious code on its web store, which the government is using to sell baron, count, duke, and other nobility titles.
The Israeli government has restricted the list of countries to which local security firms are allowed to sell surveillance and offensive hacking tools by almost two-thirds, cutting the official cyber export list from 102 to 37 entries.
“I needed to do something. I needed to survive,” said one student who began committing cyber fraud in lockdown.
Throughout 2020 and 2021, the Tor anonymity network has gone through a major change as the Tor software team has released a new version of its software that updated how .onion domains look and work.
Google released its monthly Android security bulletin on Monday, and the company's engineers said they patched a zero-day vulnerability that was being exploited in the wild in what they described as "limited, targeted exploitation."
Europol today announced the arrests of seven suspects who worked as "affiliates" (partners) for a major ransomware cartel and have helped carry out more than 7,000 attacks since early 2019.
A hacker has stolen an estimated $55 million worth of cryptocurrency assets from bZx, a decentralized finance (DeFi) platform that allows users to borrow, loan, and speculate on cryptocurrency price variations.
A Hungarian government official has confirmed this week that the small central European country has bought and deployed Pegasus, a commercial spyware program developed by Israeli company NSO Group.
The security team of the npm JavaScript package manager has warned users that two of its most popular packages had been hijacked by a threat actor who released new versions laced with what appeared to be password-stealing malware.
The European Commission has ordered an update to the Radio Equipment Directive in order to introduce new cybersecurity guidelines for radio and wireless equipment sold on the EU market, such as mobile phones, tablets, fitness trackers, and other smart IoT devices.
Threat actors are exploiting a security flaw in GitLab self-hosted servers to assemble botnets and launch gigantic distributed denial of service (DDoS) attacks, with some in excess of 1 terabit per second (Tbps).
China’s Ministry of Industry and Information Technology (MIIT) notified the operators of 38 popular apps that they have five days to change the way they collect user data or face fines and penalties.
The US Cybersecurity and Infrastructure Security Agency today established a public catalog of vulnerabilities known to be exploited in the wild and issued a binding operational directive ordering US federal agencies to patch affected systems within specific timeframes and …
The US Department of Justice has filed charges today against a Minnesota man who hacked MLB, NBA, NFL, and NHL user accounts in order to supply content to a pirate streaming website that he operated.