Blood-donation not-for-profit OneBlood confirms that donors’ personal information was stolen in a ransomware attack last summer. […]
Category: Security
Artificial Intelligence, Asia Pacific, Cybersecurity, generative ai, Global Security News, GPUS, Hardware, nvidia, Security, sustainability, Tech Industry, us government
US Chip Export Rule Proposes Limits to Thwart Chinese GPUs
The Biden administration states the rule will prevent U.S. chips from passing to China through countries loosely allied or not politically allied with the U.S.
Exploits, Global Security News, Security
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […]
Gaming, Global Security News, Security
Stolen Path of Exile 2 admin account used to hack player accounts
Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. […]
Apple, Global Security News, Microsoft, Security
Microsoft: macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. […]
Cloud, Exploits, Global Security News, Security
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […]
Global Security News, Security
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. […]
Cloud, Global Security News, Security
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. […]
1Password, Bitwarden, Cloud Security, Global Security News, password manager, Security
Bitwarden vs 1Password: Battle of the Best – Who Wins?
Bitwarden and 1Password are two of the top password managers. Find out which password manager is the best for you using this comprehensive comparison.
cyberattack, Cybersecurity, data broker, Data Privacy, Global IT News, Global Security News, mobile location data, privacy, Security, us government
A breach of a data broker’s trove of location data threatens the privacy of millions
The company confirmed the breach after a hacker posted millions of location data records online. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, Global IT News, Global Security News, hacking, ivanti, nominet, Security, zero day
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN…
AI, AI Concerns, AI privacy, AI Regulation, AI Trends, Anthropic, ChatGPT, Claude, cyber security, cyber threat, Cybersecurity, Data Privacy, data protection, Data Security, Digital Privacy, Episodes, gemini, generative ai, Global Security News, Information Security, infosec, Podcast, Podcasts, privacy, Privacy Policies, Safety in AI, Security, Security Bloggers Network, Tech Ethics, Tech Podcast, Technology, Weekly Edition
AI Privacy Policies: Unveiling the Secrets Behind ChatGPT, Gemini, and Claude
Do you ever read the privacy policy of your favorite AI tools like ChatGPT, Gemini, or Claude? In this episode, Scott Wright and Tom Eston discuss the critical aspects of these policies, comparing how each AI engine handles your personal data. They explore the implications of data usage, security, and privacy in AI, with insights…
Apple, Exploits, Global Security News, Security
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. […]
Global Security News, Government, Security
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against identity theft and fraudulent returns. […]
Exploits, Global Security News, Security
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. […]
AI, Azure OpenAI Service, dall-e, Global IT News, Global Security News, lawsuit, Microsoft, Security
Microsoft accuses group of developing tool to abuse its AI service in new lawsuit
Microsoft has taken legal action against a group the company claims intentionally developed and used tools to bypass the safety guardrails of its cloud AI products. According to a complaint filed by the company in December in the U.S. District Court for the Eastern District of Virginia, a group of unnamed 10 defendants allegedly used…
drones, Global IT News, Global Security News, la, Security, Transportation, wildfires
A drone punched a hole into an LA firefighting plane
A drone collided with a ‘Super Scooper’ firefighting plane. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security
2025 Cybersecurity and AI Predictions
The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
Global Security News, Security
Telefónica confirms internal ticketing system breach after data leak
Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. […]
china, Cybersecurity, Evergreen, Global Security News, hacking, North America, Security, state-sponsored hacking, us government
Meet the Chinese ‘Typhoon’ hackers preparing for war
U.S. intelligence say these China-backed hackers among laying the groundwork for future conflict with the United States. © 2024 TechCrunch. All rights reserved. For personal use only.
CryptoCurrency, Global Security News, Security
New Web3 attack exploits transaction simulations to steal crypto
Threat actors are employing a new tactic called “transaction simulation spoofing” to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. […]
Global Security News, Security
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. […]
Global Security News, North America, Security
Treasury hackers also breached US foreign investments review office
Chinese hackers, part of the state-backed Silk Typhoon threat group, have reportedly breached the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments to determine national security risks. […]
Crypto, CryptoCurrency, Department of Justice, fbi, Global IT News, Global Security News, money laundering, North Korea, Ransomware, sanctions, Security
US government charges operators of crypto mixing service used by North Korea and ransomware gangs
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. […]
Australia, Global Security News, HR Policy, International, it hiring australia 2025, it jobs australia 2025, Security, Tech & Work
Australian IT Sector Maintains Strong Employment Outlook for 2025
IT hiring intentions remain strong, though competition for jobs could be fierce.
Global Security News, Security
STIIIZY data breach exposes cannabis buyers’ IDs and purchases
Popular cannabis brand STIIIZY disclosed a data breach this week after hackers breached its point-of-sale (POS) vendor to steal customer information, including government IDs and purchase information. […]
CFIUS, china, cyberattack, Global IT News, Global Security News, Security, treasury, us government
China hacked US Treasury’s CFIUS, which reviews foreign investments for national security risks
The hackers targeting the Treasury are dubbed Silk Typhoon, and previously mass-hacked thousands of corporate email servers. © 2024 TechCrunch. All rights reserved. For personal use only.
cannabis, Cybersecurity, data breach, Global IT News, Global Security News, Ransomware, Security
Cannabis company Stiiizy says hackers accessed customers’ ID documents
A ransomware gang took credit for the breach, claiming to have stolen over 400,000 government-issued identity documents from customers. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). […]
Global Security News, Healthcare, North America, Security
Largest US addiction treatment provider notifies patients of data breach
BayMark Health Services, North America’s largest provider of substance use disorder (SUD) treatment and recovery services, is notifying an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. […]
Artificial Intelligence, Developer, endor labs, Global Security News, open source, Security, Software
What’s Next for Open Source Software Security in 2025?
Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025.
Global Security News, Security
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. […]
CES, Gadgets, Global IT News, Global Security News, Hardware, Security, Startups
DoorBox debuts its new and improved smart delivery box at CES 2025
Millions of packages stolen each year. DoorBox aims to change how packages are delivered with its smart package box that features a theft-proof design with live camera feeds and an alarm that activates automatically if the box is tampered with. After selling 2,000 units of its initial version, which offered manual functionality, the startup unveiled…
Ads, bug bounty, bugs, Cybersecurity, Facebook, Global IT News, Global Security News, hacking, infosec, Meta, Security, security vulnerability, vulnerability
Facebook awards researcher $100,000 for finding bug that granted internal access
A security researcher found a bug in a Facebook ad platform, which gave him access to the company’s internal infrastructure. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
MirrorFace hackers targeting Japanese govt, politicians since 2019
The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed “MirrorFace” hacking group. […]
Global Security News, Security
US Treasury hack linked to Silk Typhoon Chinese state hackers
Chinese state-backed hackers, tracked as Silk Typhoon, have been linked to the U.S. Office of Foreign Assets Control (OFAC) hack in early December. […]
Cybersecurity, data breach, Exclusive, Global IT News, Global Security News, powerschool, Security
PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach
In an FAQ obtained by TechCrunch, PowerSchool confirms it negotiated with the threat actors responsible for the breach. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. […]
Access control, cyberattacks, Digital Identity, Global Security News, Identity & Access, Security, Security Bloggers Network, small business, startup
The Hidden Costs of Poor Access Management: Why Small Businesses Can’t Afford to Ignore It
When a former employee retains access to sensitive systems months after leaving, it’s more than a security oversight—it’s a serious business risk. Learn true costs of poor access management, from immediate impacts to long-term reputation damage, and discover practical steps to protect your business. The post The Hidden Costs of Poor Access Management: Why Small…
Global Security News, Security
Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook
AI SPERA announced today that it launched its Criminal IP Malicious Link Detector add-in on the Microsoft Marketplace. Learn more about how this tool provides real-time phishing email detection and URL blocking for Microsoft Outlook. […]
Cloud Security, Global Security News, IPVanish VPN, ipvanish vpn review, Security, VPN
IPVanish VPN Review: Is It Really as Secure as Claimed?
Read our comprehensive review of IPVanish VPN. Discover its features, pricing, and more to determine if it meets your online security and privacy needs.
Cybersecurity, Exploits, Global Security News, hack, ivanti, Security, VPN, vulnerability
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December. © 2024 TechCrunch. All rights reserved. For personal use only.
connected devices, Cybersecurity, Global IT News, Global Security News, Government, Hardware, In Brief, IoT, Security, smart devices, u.s., U.S. government, White House
The U.S. has a new cybersecurity safety label for smart devices
The White House this week announced a new label for internet-connected devices, the U.S. Cyber Trust Mark, intended to help consumers make more-informed decisions about the cybersecurity of products they bring into their homes. To earn the U.S. Cyber Trust Mark, which is being administered by the Federal Communications Commission, companies have to test their…
Global Security News, Security
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the current latest version. […]
Exploits, Global Security News, Security
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
Amazon, amazon alexa, bestbuy, Cybersecurity, Global Security News, Hardware, internet of things, IoT, Security, united states
US to Launch Cyber Trust Mark to Label Secure Smart Devices
The Cyber Trust Mark is designed to help consumers make more informed decisions about the cybersecurity of devices they may purchase.
Global Security News, Security
Russian ISP confirms Ukrainian hackers “destroyed” its network
Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance […]
Exploits, Global Security News, Security
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]
Exploits, Global Security News, Security
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. […]
cyberattack, data breach, Global IT News, Global Security News, russia-ukraine war, Security
Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages
The Russian ISP blamed the Ukrainian hackers for causing a “complete failure” across its internet infrastructure. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Government, Security
Over 4,000 backdoors hijacked by registering expired domains
Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. […]
Global Security News, Healthcare, Security
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. […]
china, cyberattacks, Cybersecurity, Global IT News, Global Security News, Japan, Security
Japan says Chinese hackers targeted its government and tech companies for years
The years-long hacking spree targeted government organizations as well as companies across Japan. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Thousands of credit cards stolen in Green Bay Packers store breach
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. […]
Global Security News, Security
How initial access brokers (IABs) sell your users’ credentials
Initial Access Brokers (IABs) are specialized cybercriminals that break into corporate networks and sell stolen access to other attackers. Learn from Specops Software about how IABs operate and how businesses can protect themselves. […]
Bain Capital, Cybersecurity, data breach, Global IT News, Global Security News, powerschool, Security
Edtech giant PowerSchool says hackers accessed personal data of students and teachers
The Bain Capital-owned edtech giant says hackers accessed its customer support portal using a “compromised credential.” © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, Data Privacy, european commission, GDPR, Global IT News, Global Security News, Security
EU court fines European Commission for breaching its own data privacy laws
The EU court said the bloc’s executive authority violated a citizen’s rights by transferring some of his personal data to the U.S. without proper safeguards. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
UN aviation agency confirms recruitment database security breach
The United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. […]
Casio, Cybersecurity, data breach, Global IT News, Global Security News, Ransomware, Security
Casio says hackers stole personal data of 8,500 people during October ransomware attack
The Japanese electronics giant says it did not negotiate with the hackers responsible for the attack. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, data breach, Global IT News, Global Security News, hacking, icao, Security
UN aviation agency confirms hacker breached recruitment database to access thousands of records
ICAO says compromised data includes job applicants’ names, email addresses and employment history © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
PowerSchool hack exposes student, teacher data from K-12 districts
Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform. […]
Exclusive, Global IT News, Global Security News, India, Indian government, Security
Indian government websites are still redirecting users to scam sites
Some Indian government websites are still redirecting to links planted by scammers. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security, Security Bloggers Network
Reemployment Project: Meet Alex Ryan
The numbers are staggering—2024 has seen over 200,000 layoffs across 1,200 companies, with 82% coming from the tech industry. Welcome to the Top Tech Talent Reemployment Project! I’m Peter, and this initiative is all about supporting those affected by layoffs and helping them find fulfilling roles. In our first episode, I’m joined by my friend…
Global Security News, Security, Security Bloggers Network
Top Tech Talent Reemployment Project: Helping Job Seekers Shine!
After being let go from F5 in May 2023, I started thinking about how to support job seekers during tough times. That’s when I came up with the Top Tech Talent Reemployment Project—a video series featuring professionals who have been impacted by layoffs. The idea is simple: I host 5-7 minute interviews where we discuss…
Global Security News, Security
Casio says data of 8,500 people exposed in October ransomware attack
Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. […]
Exploits, Global Security News, Security
New Mirai botnet targets industrial routers with zero-day exploits
A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. […]
Global Security News, Security
US govt launches cybersecurity safety label for smart devices
Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. […]
Cybersecurity, Global IT News, Global Security News, Security, Telegram, transparency report
Telegram reports spike in sharing user data with law enforcement
The messaging app handed over user data on thousands of Telegram users to U.S. authorities over 2024, the data reveals. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
BIOS flaws expose iSeq DNA sequencers to bootkit attacks
BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for detecting illnesses and developing vaccines. […]
Exploits, Global Security News, Security
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. […]
Global Security News, Legal, Security
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. […]
business, channel, channel business model, Cybersecurity, Global Security News, MSPs, MSSPs, Partners, Security
Managed Patch Management: An Opportunity for MSPs
There are various methods to protect against unauthorized access to your company’s networks, and patch management is a simple way to address security vulnerabilities or bugs in the system. Maintaining network security through updates and patches can improve your customers’ experience with their technology, and ensure your services remain valuable to the businesses that you…
Cybersecurity, Global IT News, Global Security News, internet of things, IoT, Security
US government set to launch its Cyber Trust Mark cybersecurity labeling program for internet-connected devices in 2025
The cybersecurity consumer labeling program will launch in 2025, the Biden administration confirmed, after initially slated for last year. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
UN aviation agency investigating ‘potential’ security breach
On Monday, the United Nations’ International Civil Aviation Organization (ICAO) announced it was investigating what it described as a “reported security incident.” […]
Global Security News, Security
Malicious Browser Extensions are the Next Frontier for Identity Attacks
A recent campaign targeting browser extensions illustrates that they are the next frontier in identity attacks. Learn more about these attacks from LayerX Security and how to receive a free extension audit. […]
Global Security News, Security
Green Bay Packers’ online store hacked to steal credit cards
The Green Bay Packers American football team is notifying fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers’ personal and payment information. […]
Cybersecurity, data breach, Global IT News, Global Security News, Security
UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data
ICAO says the incident was allegedly linked to a hacker ‘known for targeting international organizations’ © 2024 TechCrunch. All rights reserved. For personal use only.
Cloud Security, Global Security News, Ivpn vpn, Security, VPN
IVPN Review: Pricing, Features, Pros, and Cons
Read our IVPN review to uncover its strong security features and privacy-first approach. Discover what sets it apart — but are there hidden drawbacks?
Cybersecurity, dark web, Global Security News, Security, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threat Intelligence
Dark Web Dangers Aren’t as Hidden as You Think
While it occupies only a sliver of the internet, the dark web has become a growing threat to businesses everywhere. The post Dark Web Dangers Aren’t as Hidden as You Think appeared first on Security Boulevard.
cyberattack, Cybersecurity, data breach, Global Security News, North America, Security, T-Mobile
Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records
The 2021 breach affected at least 2 million Washington state residents, and tens of millions more customers around the United States. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
CISA says recent government hack limited to US Treasury
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. […]
CISA, cyberattack, Cybersecurity, Global IT News, Global Security News, Security, us treasury
CISA says ‘no indication’ of wider government hack beyond Treasury
U.S. Treasury officials confirmed a cyberattack on its systems in early December 2024. © 2024 TechCrunch. All rights reserved. For personal use only.
Asia Pacific, china, Cybersecurity, Evergreen, Global Security News, hacking, Security, state-sponsored hacking, us government
Meet the Chinese ‘Typhoon’ hackers preparing for war
Dubbed Volt, Flax and Salt Typhoon, U.S. intelligence says these China-backed hackers are laying the groundwork for future conflict. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Hardware, Security
Vulnerable Moxa devices expose industrial networks to attacks
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. […]
Global Security News, Security
Chinese hackers also breached Charter and Windstream networks
More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. […]
Global Security News, Security
Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. […]
Cloud Security, expressvpn, Fastest vpns, Global Security News, Hotspot Shield, nordvpn, proton vpn, Security, surfshark, Top Products, VPN
The 5 Fastest VPNs for 2025
Looking for a VPN that delivers speed and security? We’ve rounded up the best of the best — take a look and see which one’s perfect for you!
Global Security News, Microsoft, Security
Windows 10 users urged to upgrade to avoid “security fiasco”
Cybersecurity firm ESET is urging Windows 10 users to upgrade to Windows 11 or Linux to avoid a “security fiasco” as the 10-year-old operating system nears the end of support in October 2025. […]
CryptoCurrency, Global Security News, Security
Cryptocurrency wallet drainers stole $494 million in 2024
Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses. […]
Global Security News, Security
Nuclei flaw bypasses template signature checks to execute code
A new vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Global Security News, Security
Nuclei flaw bypasses template signature checks to execute commands
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Global Security News, Security
Nuclei flaw lets malicious templates bypass signature verification
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Amit Yoran, Global IT News, Global Security News, Security, Tenable
Tenable CEO Amit Yoran dies
Longtime entrepreneur and cybersecurity executive Amit Yoran passed away Friday after a battle with cancer. Cybersecurity company Tenable, where Yoran was CEO and chairman, announced his death in a press release. Before becoming Tenable’s CEO in 2016, he held a number of roles including president of RSA, founding CEO of NetWitness, and CEO of In-Q-Tel.…
Global Security News, Mobile, Security
New FireScam Android malware poses as RuStore app to steal data
A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. […]
Global Security News, Security
Bad Tenable plugin updates take down Nessus agents worldwide
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. […]
Global Security News, Networking, open source, secure copy, Security, ssh key
How To Use SCP (Secure Copy) With SSH Key Authentication
Here’s how to use the secure copy command, in conjunction with ssh key authentication, for an even more secure means of copying files to your remote Linux servers.
Asia Pacific, china, Cybersecurity, Flax Typhoon, Global Security News, hacking, Security, us government
US sanctions Chinese cyber firm linked to Flax Typhoon hacks
U.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
US sanctions Chinese company linked to Flax Typhoon hackers
The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. […]
Global Security News, Security
Malicious npm packages target Ethereum developers’ private keys
Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. […]