A Moscow court has fined WhatsApp, Facebook, and Twitter for not storing the data of Russian users inside Russia's borders, Roskomnadzor, the country's telecoms regulator, announced today. | Continue reading
Following weeks of protests against its decades-long communist leadership, the Cuban government passed a series of new laws that limit freedom of expression on the internet and force local service providers to create censorship mechanisms on their networks in order to prevent the … | Continue reading
Mozilla developers are putting the finishing touches on a new feature that will block insecure file downloads in Firefox. | Continue reading
Internet infrastructure company Cloudflare disclosed today that it mitigated the largest volumetric distributed denial of service (DDoS) attack that was recorded to date. | Continue reading
In an award-winning paper today, academics said they discovered a way to abuse the TCP protocol, firewalls, and other network middleboxes to launch giant distributed denial of service (DDoS) attacks against any target on the internet. | Continue reading
A security researcher has discovered a web attack framework developed by a suspected Chinese government hacking group and used to exploit vulnerabilities in 58 popular websites to collect data on possible Chinese dissidents. | Continue reading
Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. | Continue reading
Fortune 500 company Accenture has fell victim to a ransomware attack but said today the incident did not impact its operations and has already restored affected systems from backups. | Continue reading
Routers and modems running a version of the Arcadyan firmware, including devices from ASUS, Orange, Vodafone, and Verizon, are currently under attack from a threat actor attempting to ensnare the devices into their DDoS botnet. | Continue reading
At the Black Hat security conference today, two security researchers have disclosed a security issue impacting hosted DNS service providers that can be abused to hijack the platform's nodes, intercept some of the incoming DNS traffic, and then map customers' internal networks. | Continue reading
Spyware-like features have been discovered inside an app named "Beijing One Pass" that foreign companies operating in China are forced to install on their systems in order to access a digital platform to manage employee state benefits. | Continue reading
Details have been published today about a collection of nine vulnerabilities known as PwnedPiper that impact common a type of medical equipment that's installed in roughly 80% of all major hospitals in North America. | Continue reading
A representative of the BlackMatter group talked to Recorded Future expert threat intelligence analyst Dmitry Smilyanets. | Continue reading
The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer. | Continue reading
Officials from multiple Israeli government agencies have raided today the offices of surveillance software vendor NSO Group, the Israeli Ministry of Defense announced today. | Continue reading
The NSA has found no evidence to support Tucker Carlson’s accusations that the agency had been spying on him in an effort to knock his show off the air, two people familiar with the matter told The Record. | Continue reading
A Japanese security firm said it discovered an Olympics-themed malware sample that contains functionality to wipe files on infected systems and appears to be targeted at Japanese PCs. | Continue reading
An innocuous iPhone bug that could crash the WiFi service has turned out to be far worse than initially thought after mobile security firm ZecOps showed on Friday how the bug could be abused for remote code execution attacks. | Continue reading
Researchers from security firm CyberArk bypassed Windows Hello, the biometrics authentication system included with all Windows 10 versions, using just an infrared image of the device's owner. | Continue reading
The Chinese government has published new regulation on Tuesday laying out stricter rules for vulnerability disclosure procedures inside the country's borders. | Continue reading
The Wikimedia Foundation has banned the administrator of the Croatian version of Wikipedia after an investigation revealed that together with other admins, they edited and distorted content on the site with radical right views. | Continue reading
Google has rolled out today support for the new Brand Indicators for Message Identification (BIMI) standard to all Gmail users as part of an effort to improve email-sender authenticity. | Continue reading
The European Union has allocated €4 million in funding to upgrade Cerberus, a platform used by EU law enforcement agencies to crack passwords and access encrypted devices. | Continue reading
The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock all computers locked during the Kaseya incident that took place this past Friday, The Record has learned. | Continue reading
Coop, one of Sweden's largest supermarket store chains, has shut down nearly 800 stores across the country after one of its contractors was hit by ransomware in the aftermath of the Kaseya security incident on Friday. | Continue reading
The REvil ransomware gang appears to have gained access to the infrastructure of Kaseya, a provider of remote management solutions, and is using a malicious update for the VSA software to deploy ransomware to companies across the world. | Continue reading
The US Department of Homeland Security on Thursday announced that it is onboarding nearly 300 cybersecurity professionals and has extended job offers to 500 others in what it refers to as "the most successful cybersecurity hiring initiative in DHS history." | Continue reading
South Korean authorities have filed charges today against nine employees of a local computer repair company for creating and installing ransomware on their customers' computers. | Continue reading
In light of the recent wave of high-profile ransomware attacks that have caused havoc in the US and Europe, the member states of the G7 group have called on Russia and other countries to crack down on ransomware gangs operating within their borders. | Continue reading
Over the course of the last few months, some crypto-mining gangs have switched their modus operandi from attacking and hijacking unpatched servers to abusing the free tiers of cloud computing platforms. | Continue reading
Google's experiment to hide parts of a site's URL in the Chrome address bar (the Omnibox) has failed and has been removed from the browser earlier this week. | Continue reading
The FBI and Australian Federal Police ran an encrypted chat platform and intercepted secret messages between criminal gang members from all over the world for more than three years. | Continue reading
Live streams for radio and TV stations owned by the Cox Media Group, one of the largest media conglomerates in the US, have gone down earlier today in what multiple sources have described as a ransomware attack. | Continue reading
The United States Supreme Court has ruled today in a 6-3 vote to overturn a hacking-related conviction for a Georgia police officer, and by doing so, it also narrowed down the scope of the US' primary hacking law, the Computer Fraud and Abuse Act. | Continue reading
Exploit broker Zerodium announced plans today to pay up to $100,000 for zero-days in Pidgin, a multi-protocol instant messaging desktop client and a popular IM tool used in cybercriminal circles. | Continue reading
A cyber-espionage hacking group is believed to have hacked the website of the Myanmar president's office and planted a backdoor trojan inside a localized Myanmar font package available for download on the site's front page. | Continue reading
A team of Google security researchers said they discovered a new way to perform Rowhammer attacks against computer memory (RAM) cards that broaden the attack's initial impact. | Continue reading
Thousands of Google Chrome extensions available on the official Chrome Web Store are tampering with security headers on popular websites, putting users at risk of a wide range of web-based attacks. | Continue reading
Microsoft has open-sourced today a tool that can be used to build lab environments where security teams can simulate attacks and verify the detection effectiveness of Microsoft security products. | Continue reading
The European Union has extended today the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022. | Continue reading
US authorities have charged a gang of Brazilian nationals for a scheme that defrauded the customers of services like Uber, Lyft, DoorDash, and two other unidentified food delivery services. | Continue reading
Ireland's national health service, the Health Service Executive (HSE), temporarily shut down its IT systems today after suffering a ransomware attack overnight. | Continue reading
Hundreds of millions of Dell desktops, laptops, notebooks, and tablets will need to update their Dell DBUtil driver to fix a 12-year-old vulnerability that exposes systems to attacks. | Continue reading
The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned. | Continue reading
Cybersecurity firm Kaspersky said today it discovered new malware that appears to have been developed by the US Central Intelligence Agency. | Continue reading
A ransomware gang is threatening to leak sensitive police files that may expose police investigations and informants unless the Metropolitan Police Department of the District of Columbia agrees to pay a ransom demand. | Continue reading
A mysterious threat actor has compromised the update mechanism of enterprise password manager application Passwordstate and deployed malware on its users' devices, most of which are enterprise customers. | Continue reading