News
Ex-White House election threat hunter weighs in on what to expect in November
Interview: Mick Baccio, global security advisor at Splunk, has watched the evolution of election security threats in real time.…
US faith-based healthcare org Ascension says 'cybersecurity event' disrupted clinical ops
Healthcare organization Ascension is the latest of its kind in the US to say its network has been affected by what it believes to be a "cybersecurity event."…
Dell customer order database of '49M records' stolen, now up for sale on dark web
Dell has confirmed information about its customers and their orders has been stolen from one of its portals. Though the thief claimed to have swiped 49 million records, which are now up for sale on the dark web, the IT giant declined to say how many people may be affected.…
America's enemies targeting US critical infrastructure should be 'wake-up call'
RSAC: Digital intruders from China, Russia, and Iran breaking into US water systems this year should be a "wake-up call," according to former National Security Agency cyber boss Rob Joyce.…
What do Europeans, Americans and Australians have in common? Scammed $50M by fake e-stores
A crime ring dubbed BogusBazaar has scammed 850,000 people out of tens of millions of dollars via a network of dodgy shopping websites.…
Undersea cables are high-priority targets – it's high time to make these global pathways more resilient
Interview: As undersea cables carry ever-increasing amounts of data, they become even higher priority targets for both cyber and physical attacks.…
CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'
RSAC: There's a way to vastly reduce the scale and scope of ransomware attacks plaguing critical infrastructure, according to CISA director Jen Easterly: Make software secure by design.…
One year on, universities org admits MOVEit attack hit data of 800k people
Just short of a year after the initial incident, the state of Georgia's higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people.…
UK opens investigation of MoD payroll contractor after confirming attack
UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to "malign" forces accessing data on current and a limited number of former armed forces personnel.…
Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight
Interview: This year is an unfortunate anniversary for information security: We're told it's a decade since ransomware started infecting corporations.…
From infosec to skunks, RSA Conference SVP spills the tea
Interview: The 33rd RSA Conference is underway this week, and no one feels that more acutely than the cybersecurity event's SVP Linda Gray Martin.…
UnitedHealth's 'egregious negligence' led to Change Healthcare ransomware infection
Interview: The cybersecurity practices that led up to the stunning Change Healthcare ransomware infection indicate "egregious negligence" on the part of parent company UnitedHealth, according to Tom Kellermann, SVP of cyber strategy at Contrast Security.…
America's War on Drugs and Crime will be AI powered, says Homeland Security boss
RSAC: AI is a double-edged sword in that the government can see ways in which the tech can protect and also be used to attack Americans, says US Homeland Security Secretary Alejandro Mayorkas.…
Watch out for rogue DHCP servers decloaking your VPN connections
A newly discovered vulnerability undermines countless VPN clients in that their traffic can be quietly routed away from their encrypted tunnels and intercepted by snoops on the network.…
CISA's early-warning system helped critical orgs close 852 ransomware holes
RSAC: As ransomware gangs step up their attacks against healthcare, schools, and other US critical infrastructure, CISA is ramping up a program to help these organizations fix flaws exploited by extortionists in the first place.…
TikTok sues America to undo divest-or-die law
TikTok and its China-based parent ByteDance sued the US government today to prevent the forced sale or shutdown of the video-sharing giant.…
Cops finally unmask 'LockBit kingpin' after two-month tease
Updated: Police have finally named who they firmly believe is the kingpin of the LockBit ransomware ring: Dmitry Yuryevich Khoroshev.…
The truth about KEV: CISA’s vuln deadlines good influence on private-sector patching
The deadlines associated with CISA's Known Exploited Vulnerabilities (KEV) catalog only apply to federal agencies, but fresh research shows they're having a positive impact on private organizations too.…
Physical security biz exposes 1.2M files via unprotected database
Exclusive: A UK-based physical security business let its guard down, exposing nearly 1.3 million documents via a public-facing database, according to an infosec researcher.…
Ransomware evolves from mere extortion to 'psychological attacks'
RSAC: Ransomware infections and extortion attacks have become "a psychological attack against the victim organization," as criminals use increasingly personal and aggressive tactics to force victims to pay up, according to Google-owned Mandiant.…