Latest
US Commerce Department Probes China Mobile, China Telecom and China Unicom for Security Risks
CISA confirms hackers exploited Ivanti flaw to access its chemical security tool, LockBit 3.0 claims attack on US Federal Reserve, EU adds six Russian hackers to sanctions list, Hackers infiltrated Ethereum's email to send malicious messages. much more
Auto Software Maker CDK Global Agreed to Pay Tens of Millions to Ransomware Attackers, BlackSuit Gang Is Responsible, Sources
CISA confirms hackers exploited Ivanti flaw to access its chemical security tool, LockBit 3.0 claims attack on US Federal Reserve, EU adds six Russian hackers to sanctions list, Hackers infiltrated Ethereum's email to send malicious messages, much more
Best Infosec-Related Long Reads for the Week of 6/15/24
The world of people who take spreadsheets seriously, The distortions of a leading disinformation researcher, How the EU leads the way in securing software, Protecting prompt privacy in LLM models
US Government Bans the Sale of Kaspersky Lab Software Citing National Security Threat
Qilin threat group releases 400GB of data stolen in London hospital attacks, Auto software provider suffers second cyberattack as dealerships head into extended service shutdown, much more
IntelBroker Claims Breach of Apple, Leaks Purported Source Code for Several Internal Tools
T-Mobile denies IntelBroker's hack claims, Cryptosecurity firm accused of stealing $3m during "white hat" hack of Kraken exchange, much more
Ransomware Attack Shuts Down US Defense Contractor and Major Forklift Maker Crown Equipment Corp., Company Asks Workers to File for Unemployment
Qilin demands $50m ransom to end London hospitals' paralysis, AMD probes ransomware attack claimed by IntelBroker, much more
Snowflake Hackers Demand Up to $5 Million as Hacking Scheme Enters Extortion Stage
Signal president says EU CSAM scanning threatens web security, DragonForce hit Oahu transit services with ransomware attack, Cleveland still coping with ransomware attack, Law enforcement portal hackers plead guilty, Cryptoscammers target Trump supporters, New malware campaign uses fake browsers, Suspected Chinese actors targeting F5 BIG-IP appliances for espionage, much more
Ringleader of Scattered Spider Allegedly Arrested in Spain
Empire Market operators charged, Identities of MuddyWater and Darkbit leaders allegedly exposed, Hacker claims Snowflake accounts were accessed through third-party, LA county public health attack exposed personal data for more than 200K, Thousands of UK train riders were subject to Amazon facial recognition, Amazon planned to circumvent GitHub's
Best Infosec-Related Long Reads for the Week of 6/8/24
Immoral Pentagon disinformation campaign threatened Filipino lives, Volt Typhoon could lead to wartime disruption, Internet privacy's shifting baseline syndrome, LLM agent teams can exploit zero days more than half the time, LLM agents are capable of deception Metacurity is pleased to offer our free and premium subscribers this
Microsoft Postpones Widely Lambasted Recall Feature to Test Security Improvements
Microsoft CEO grilled by House Committee on security fails, More suspects arrested related to Desjardins breach, Republicans drum Stanford Internet Observatory out of existence, Nakasone to join OpenAI board, Snowflake ends internal investigation, UwU offers $5m bounty following second breach, DPRK is targeting Brazilian crypto exchanges, Clearview AI offers novel
To Protect Federal Contracts, Microsoft Ignored Security Expert's Warnings About Flaw That Led to Solar Winds Breach, Report
Hacker gained access to tracking company Tile's internal tools, Ukraine busts Conti and LockBit hacker as part of Operation Endgame, Canadian cops bust four men for Desjardins breach, Mozilla is blocking anti-censorship extensions, Google issues 50 patches including one for zero-day exploited in the wild, Toronto school system