Tag: Security News | TechCrunch

In 2019, Apple announced it would start sending some security researchers a “special” version of the iPhone designed to be used to find vulnerabilities, which could then be reported to Apple so the company could fix them. In 2020, the…

Read more →

U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an emergency directive first published last week, CISA is now mandating…

Read more →

U.S. access and identity management giant Okta has said it is laying off approximately 400 employees, or 7% of its global workforce. The layoffs come almost exactly a year to the day after Okta announced plans to reduce its workforce…

Read more →

On Sunday, a user in a well-known hacking forum advertised what they claimed was a cache of stolen data from the rental car giant Europcar. The user claimed to have stolen the personal information of more than 48 million Europcar…

Read more →

A day after reporters published their first hands-on review of Apple’s Vision Pro, the technology giant released its first security patch for the mixed reality headset to fix a vulnerability that “may have been exploited” by hackers in the wild.…

Read more →

The U.S. government announced Wednesday it had disrupted a China-backed hacking operation targeting U.S. critical infrastructure, amid warnings that Beijing is preparing to cause “real-world harm” to Americans in the event of a future conflict. Speaking during a U.S. House…

Read more →

On Tuesday, hackers stole around $112 million of the Ripple-focused cryptocurrency XRP from a crypto wallet, Ripple’s co-founder and executive chairman has disclosed. Ripple’s Chris Larsen said on Wednesday that the stolen crypto was his. Larsen wrote on X (previously…

Read more →

Proofpoint is laying off about 6% of its global workforce, or 280 employees, the company confirmed to TechCrunch. “This decision was not taken lightly, and it is deeply rooted in our forward-looking company strategy of aligning our investments and hiring…

Read more →

Ivanti warned on Wednesday that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance. Since early December, ​​Chinese state-backed hackers have been exploiting Ivanti Connect Secure’s flaws — tracked as CVE-2023-46805 and CVE-2024-21887 —…

Read more →

When people hear the term “identity management” in an enterprise context, they typically think of apps that help users authenticate who they are on a network in order to access certain services. In a security context, however, human users are…

Read more →

An Indian state government has fixed security issues impacting its website that exposed the sensitive documents and personal information of millions of residents. The bugs existed on the Rajasthan government website related to Jan Aadhaar, a state program to provide…

Read more →

Three local councils in the United Kingdom continue to experience disruption to their online services, a week after confirming a cyberattack had knocked some systems offline. The councils for Canterbury, Dover, and Thanet — all of which are based in…

Read more →

The U.S. National Security Agency is buying vast amounts of commercially available web browsing data on Americans without a warrant, according to the agency’s outgoing director. NSA director Gen. Paul Nakasone disclosed the practice in a letter to Sen. Ron…

Read more →

On Friday, Microsoft revealed that it had been the victim of a hack carried out by Russian government spies. Now, a week later, the technology giant said that it was not the only target of the espionage operation. In a…

Read more →

Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm that discovered it. Shubham Mittal, co-founder and chief technology officer of…

Read more →

In a data breach notification letter filed with regulators this weekend, 23andMe revealed that hackers started breaking into customers’ accounts in April 2023 and continued through most of September. In other words, for around five months, 23andMe did not detect…

Read more →

The software supply chain, which comprises the components, libraries and processes companies use to develop and publish software, is under threat. According to one recent survey, 88% of companies believe that software supply chain security presents an “enterprise-wide risk” to…

Read more →

Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network. In a filing with the U.S. Securities and Exchange Commission, the enterprise tech…

Read more →

Businesses are moving faster than ever to use generative AI and bring it to both their employees and users. Moving fast and security don’t always go hand-in-hand, though, so it’s only now that many businesses are waking up to the…

Read more →

The U.S. government sanctioned a Russian national for allegedly playing a “pivotal role” in the ransomware attack against Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million patients. 33-year-old Alexander Ermakov, who has also been…

Read more →