UK starts prosecution days after FBI vowed to clamp down on the crime Three young Brits are accused of stateside swatting offences and will appear in a UK court today to face their charges after a joint investigation by the…
Category: EN
Large-Scale Data Breach at Frederick Health Exposes Patient Records
Two separate ransomware incidents have recently affected healthcare providers in Maryland and California and exposed sensitive information belonging to more than 1.1 million patients as a result, according to disclosures filed with federal regulators that recently broke the story.…
Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed by updating the associated advisories. CISA has added the two flaws to its Known Exploited Vulnerabilities catalog, and Watchtowr…
Microsoft sets all new accounts passwordless by default
Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against social engineering attacks, phishing, brute-force, and credential stuffing attacks. “As part…
New Stealthy NodeJS Backdoor Infects Users via CAPTCHA Verifications
A sophisticated malware campaign has emerged that deploys stealthy NodeJS backdoors through deceptive CAPTCHA verification screens, security researchers revealed today. This campaign represents a growing trend of threat actors exploiting seemingly legitimate security measures to distribute malicious code, targeting users…
Microsoft Exchange Online Flagging Gmail Emails as Spam – Fixes Issued
Microsoft has resolved a widespread issue with its Exchange Online service that caused legitimate emails from Gmail accounts to be incorrectly identified as spam and quarantined. The problem, which began on April 25, affected numerous organizations using Microsoft 365 and…
Hackers Weaponizing Go Modules to Deliver Disk-Wiping Malware Leads to Data Loss
A devastating new supply-chain attack has emerged in the Go ecosystem, with attackers deploying highly destructive disk-wiping malware through seemingly legitimate modules. This sophisticated attack exploits the inherent openness of Go’s package ecosystem, where developers routinely source modules directly from…
ANY.RUN Unveils Q1 2025 Malware Trends Report, Highlighting Evolving Cyber Threats
ANY.RUN, a leading cybersecurity firm, has released its Q1 2025 Malware Trends Report, offering critical insights into the dynamic cyber threat landscape. Drawing from data analyzed by 15,000 companies and 500,000 analysts within ANY.RUN’s Interactive Sandbox delivers actionable intelligence to…
Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures
The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek. This article has…
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
Ireland’s Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users’ data to China. “TikTok infringed the GDPR regarding its transfers of EEA…
White House Warns China of Cyber Retaliation Over Infrastructure Hacks
NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Warns China of Cyber Retaliation Over Infrastructure…
Apple Warns Trump’s Tariffs Will Raise Costs By $900m
Apple says iPhones sold in US will no longer come from China, as Q2 results show it has so far mostly avoided Trump’s tariff impact This article has been indexed from Silicon UK Read the original article: Apple Warns Trump’s…
In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code Leak, $17,500 for iPhone…
macOS Sandbox Escape Vulnerability Allows Keychain Deletion and Replacement
A security vulnerability in macOS has been discovered. It allows malicious actors to escape the App Sandbox protection by manipulating security-scoped bookmarks. Tracked as CVE-2025-31191, this vulnerability enables a threat actor to delete and replace a keychain entry critical for authenticating file…
Unmasking AI in Cybersecurity – From Dark-Web Tactics to Next-Gen Defenses
Artificial intelligence is fundamentally reshaping the cybersecurity landscape, introducing both unprecedented defensive capabilities and alarming new attack vectors. The rapid evolution of generative AI and large language models (LLMs) has created a technological inflection point where digital identity verification mechanisms-including…
State-Sponsored Hacktivism Attacks on The Rise, Rewrites Cyber Threat Landscape
The global cybersecurity landscape is witnessing an alarming paradigm shift as state-sponsored hacktivism attacks have surged dramatically in recent months, blurring the traditional boundaries between politically motivated activism and sophisticated nation-state operations. These hybrid threats combine the ideological zeal of…
NCSC Guidance on “Advanced Cryptography”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic…
New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default behavior for new accounts,” Vasu…
MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected…
15 Billion User Gain Passwordless Access to Microsoft Account Using Passkeys
As the first-ever World Passkey Day replaces the traditional World Password Day, Microsoft joins the FIDO Alliance in celebrating a milestone achievement: over 15 billion online accounts now have access to passwordless authentication through passkeys. This significant shift marks a…