Chinese hackers are switching to new malware for government attacks
New attacks from the Chinese based Mustang Panda group reveal a change in tactics.....»»
Yearlong supply-chain attack targeting security pros steals 390K credentials
Multifaceted, high-precision campaign targets malicious and benevolent hackers alike. A sophisticated and ongoing supply-chain attack operating for the past year has been stealing.....»»
F-Secure Total review: affordable antivirus solution lets you build custom plan
I went hands-on with F-Secure Total, a low-cost customizable antivirus solution to find out how well it protects your computer from malware......»»
Rocket Report: Chinese national flies drone near Falcon 9, Trouble down under
"I am convinced that a collaboration between Avio and MaiaSpace could be established." Welcome to Edition 7.23 of the Rocket Report! We're closing in on the end of the year, with.....»»
New infosec products of the week: December 13, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Horizon3.ai, SecureAuth, Stamus Networks, Trellix, and Versa Networks. Trellix Drive Encryption enhances security against insider attacks Trel.....»»
Report: AT&T, Verizon aren’t notifying most victims of Chinese call-records hack
Telcos reportedly aren't telling users about call metadata taken in Chinese hack. AT&T and Verizon reportedly are not notifying most customers whose call records were stolen in th.....»»
27 DDoS-for hire platforms seized by law enforcement
As part of an ongoing international crackdown known as Operation PowerOFF, international law enforcement has seized over two dozen platforms used to carry out Distributed Denial-of-Service (DDoS) attacks. These “booter” (aka “stress.....»»
"A virtual seat at the family table": why older people are among the biggest users of social media
The Australian government's recent decision to ban under 16s from social media has focused attention on the harms it can cause—especially for young people......»»
Russia takes unusual route to hack Starlink-connected devices in Ukraine
Secret Blizzard has used the resources of at least 6 other groups in the past 7 years. Russian nation-state hackers have followed an unusual path to gather intel in the country's.....»»
Government says DOJ subpoenaed Apple without authorization
DOJ demands for message and call data from Apple during the Trump administration, failed to obtain authorization, says the Office of the Inspector General in the current Biden administration.United States Department of Justice — image credit: DOJIt.....»»
Microsoft enforces defenses preventing NTLM relay attacks
Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by default, Microsoft is working on shoring up defen.....»»
DOJ forced Apple to hand over customer call and message data without the required authorization
An official government report has concluded that the Trump-era Department of Justice (DOJ) did not obtain the required authorizations before demanding customer call and message data from Apple and others. It also failed to obtain authorization fro.....»»
Open source malware up 200% since 2023
Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers examined how threat actors leverage malicious open-source packages to targe.....»»
CyTwist’s detection engine combats AI-generated malware
CyTwist launches its patented detection engine to combat the insidious rise of AI-generated malware. Enhancing an organization’s existing security stack, CyTwist’s solution profiles threat actors using field-proven counterintelligence met.....»»
Trellix Drive Encryption enhances security against insider attacks
Trellix announced Trellix Drive Encryption upgrades for on-premises and SaaS management. Customers benefit from the flexibility needed for encryption protection deployment to safeguard their data and devices from unauthorized access. “The major.....»»
US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.....»»
Microsoft challenges you to hack its LLM email service
AI hackers have the chance to earn a little extra cash this Christmas by identifying vulnerabilities......»»
RSA expands phishing-resistant, passwordless capabilities
RSA announced expanded phishing-resistant, passwordless capabilities. Built to secure financial services organizations, government agencies, healthcare, and other highly-regulated industries from the most frequent and highest-impact attacks, these ne.....»»
Microsoft: “Hack” this LLM-powered service and get paid
Microsoft, in collaboration with the Institute of Science and Technology Australia and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve defenses against prompt injection attacks. The setup and the challenge LLM.....»»
US Appeals Court upholds law requiring TikTok sale
China-based Bytedance has one last avenue to avoid the sale of its TikTok social media service after losing a court appeal to invalidate a US law that requires the service be sold by January 19, 2025.TikTok's issues with the US government and courts.....»»
Climate patterns from cave mineral deposits linked to Chinese dynasty collapses
China's dynastic history spans 13 periods of rule from 2070 BC until the last emperor abdicated in 1912. While factors leading to the transitions between dynasties are a complex mixture of environmental, social and economic issues, the role of climat.....»»