The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.
Category: Security
Global Security News, Security
Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack
The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. […]
Conduent, Cybersecurity, Global IT News, Global Security News, government contracts, Security, United States government
Govtech giant Conduent won’t rule out cyberattack as outage drags on
At least four states reported being affected by the outage, which Conduent says is ongoing. © 2024 TechCrunch. All rights reserved. For personal use only.
Apple, Global Security News, Google, Security
Fake Homebrew Google ads target Mac users with malware
Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. […]
Global Security News, Security
7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now
A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users’ computers when extracting malicious files from nested archives. […]
Global Security News, Security
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. […]
Global Security News, Security
Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity
AI SPERA announced today that it has partnered with education platform OnTheHub to provide its integrated cybersecurity solution, Criminal IP, to students and educational institutions. […]
Cybersecurity, data breach, Global IT News, Global Security News, powerschool, Security
Toronto school district says 40 years of student data stolen in PowerSchool breach
Canada’s largest school board says hackers may have accessed some 40 years’ worth of student data during the recent PowerSchool breach. In a letter sent to parents this week, the Toronto District School Board (TDSB) said that the data breach affected all students enrolled in the district between September 1985 and December 2024. The school…
best edr software, Cloud Security, edr software, Global Security News, Security, Top Products
5 Best Endpoint Detection & Response Solutions for 2025
Endpoint detection and response (EDR) software is the best way to detect, investigate, and respond to advanced attacks. Endpoint detection and response software is a security solution that protects against malware and other threats.
Cybersecurity, data breach, Enterprise, Global IT News, Global Security News, hacking, HPE, Security
HPE investigating security breach after hacker claims theft of sensitive data
A well-known hacker claims to have stolen source code and user data from the enterprise IT giant © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
HPE investigates breach as hacker claims to steal source code
Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments. […]
Cloud Security, Global Security News, pia vpn, Private Internet Access vpn review, Security, VPN
Private Internet Access VPN Review: How Good Is PIA VPN?
When it comes to privacy and security, PIA VPN is among the best. Discover its features, performance, pricing, and more with this in-depth review.
Global Security News, Security, Software, Technology
TikTok shuts down in the US as Trump throws the company a lifeline
TikTok shut down in the U.S. late Saturday night following the Supreme Court’s decision to uphold the law that banned the company over national security concerns. […]
Global IT News, Global Security News, Google, OAuth, Security, Startups
Employees of failed startups are at special risk of stolen personal data through old Google logins
As if losing your job when the startup you work for collapses isn’t bad enough, now a security researcher has found that employees at failed startups are at particular risk of having their data stolen. This ranges from their private Slack messages to Social Security numbers and, potentially, bank accounts. The researcher who discovered the…
Global Security News, Security
Star Blizzard hackers abuse WhatsApp to target high-value diplomats
Russian nation-state actor Star Blizzard has been running a new spear-phishing campaign to compromise WhatsApp accounts of targets in government, diplomacy, defense policy, international relations, and Ukraine aid organizations. […]
2024, boys-basketball, Global Security News, music, rock, SBN News, Security, Security Bloggers Network
Legends of Music: Celebrating the Greatest Artists Across Generations Compilation
Adam Ant, AD Rock, Alan Parsons, Aldo Nova, Alex Lifeson, Andrew Gold, Angus Young, Barbra Streisand, Barry Gibb, Barry White, Benjamin Orr, Barry Goudreau, Beyoncé Knowles-Carter, Bill Wyman, Billy Gibbons, Billy Preston, Billy Squire, Björn Ulvaeus, Bob Casale, Bob Dylan, Bobby Kimball, Boy George, Brad Delp, Brian May, Bruce Dickenson, Carmine Appice, Carol Kaye, Charlie…
AT&T, cyberattacks, Cybersecurity, data breach, Global IT News, Global Security News, Government & Policy, Security, Snowflake, us government, Verizon
DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks
The alleged hacker claimed to have access to huge amounts of call records, including VP Kamala Harris and President Trump. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, data breach, EdTech, Global IT News, Global Security News, Hackers, hacking, infosec, K-12, powerschool, Security
How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack
School workers say they resorted to crowdsourcing help among each other following PowerSchool’s breach, fueled by solidarity and the slow response from PowerSchool. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Otelier data breach exposes info, hotel reservations of millions
Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests’ personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt. […]
AI (Artificial Intelligence), architecture, Global Security News, Grok, Innovation, privacy, Security, Security Bloggers Network
The Comprehensive Guide to Understanding Grok AI: Architecture, Applications, and Implications
Explore the revolutionary Grok AI system in this comprehensive guide. From its sophisticated architecture to real-world applications, discover how this advanced AI assistant integrates with the X platform while maintaining robust privacy and security measures. The post The Comprehensive Guide to Understanding Grok AI: Architecture, Applications, and Implications appeared first on Security Boulevard.
Global Security News, Security
Malicious PyPi package steals Discord auth tokens from devs
A malicious package named ‘pycord-self’ on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. […]
Cybersecurity, Global IT News, Global Security News, hacking, Salt Typhoon, Security, silk typhoon, us treasury
Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms
The US government has also sanctioned the hacker responsible for December’s US Treasury hack © 2024 TechCrunch. All rights reserved. For personal use only.
cyberattack, Cybersecurity, data breach, education, Exclusive, Global IT News, Global Security News, powerschool, Security, TC
Malware stole internal PowerSchool passwords from engineer’s hacked computer
The theft of a PowerSchool engineer’s passwords prior to the breach raises further doubts about the company’s security practices. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Legal, Security
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. […]
Global Security News, Security
FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year’s Salt Typhoon security breaches. […]
Cybersecurity, dark web, Data Privacy, Data Security, Global Security News, Security, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threats & Breaches, vulnerabilities
How Much of Your Business is Exposed on the Dark Web?
The dark web is a thriving underground market where stolen data and corporate vulnerabilities are openly traded. This hidden economy poses a direct and growing threat to businesses worldwide. Recent breaches highlight the danger. The post How Much of Your Business is Exposed on the Dark Web? appeared first on Security Boulevard.
Europe, Global Security News, Legal, Security
GDPR complaints filed against TikTok, Temu for sending user data to China
Non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for unlawfully transferring European user’s data to China and infringing European Union’s general data protection regulation (GDPR). […]
Global Security News, Security
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. […]
Global Security News, Security
Microsoft expands testing of Windows 11 admin protection feature
Microsoft has expanded its Windows 11 administrator protection tests, allowing Insiders to enable the security feature from the Windows Security settings. […]
Global Security News, Security
How do you unlock automation within IT security and IT operations?
The proliferation of endpoints in today’s enterprises is outpacing the ability of IT operations and security teams to cost-effectively manage increasingly complex environments. Already stretched thin, teams face the daunting task of securing vast IT estates with siloed tools, stale data, and other hindrances that create the perfect “imperfect” environment for vulnerabilities. And simply adding…
Global Security News, Security
US cracks down on North Korean IT worker army with more sanctions
The U.S. Treasury Department has sanctioned a network of individuals and front companies linked to North Korea’s Ministry of National Defense that have generated revenue via illegal remote IT work schemes. […]
Global Security News, North America, Security
Biden signs executive order to bolster national cybersecurity
Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure. […]
Global Security News, Legal, Security
Wolf Haldenstein law firm says 3.5 million impacted by data breach
Wolf Haldenstein Adler Freeman & Herz LLP (“Wolf Haldenstein”) reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. […]
Global Security News, Security
FTC sues GoDaddy for years of poor hosting security practices
The FTC will require web hosting giant GoDaddy to implement basic security protections, such as multi-factor authentication and HTTPS APIs, to settle charges that it failed to secure its hosting services against attacks since 2018. […]
Exploits, Global Security News, Microsoft, Security
New UEFI Secure Boot flaw exposes systems to bootkits, patch now
A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. […]
Exploits, Global Security News, Security
MFA Failures – The Worst is Yet to Come
This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come. […]
Cleo, Clop, Cybersecurity, data breach, Global IT News, Global Security News, Ransomware, Security
Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches
The Russia-linked ransomware group is threatening to leak data stolen from almost 60 Cleo Software customers if ransoms aren’t paid © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. […]
Citizen Lab, Cybersecurity, Global IT News, Global Security News, Greece, infosec, poland, Russia, Security, Spyware, UN, United Nations, united states
Governments call for spyware regulations in UN Security Council meeting
Several governments participated in a meeting on the proliferation of commercial spyware at the United Nations Security Council. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. […]
Global Security News, Microsoft, Security
CISA shares guidance for Microsoft expanded logging capabilities
CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. […]
Global Security News, Security
MikroTik botnet uses misconfigured SPF DNS records to spread malware
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. […]
Global Security News, Security
Label giant Avery says website hacked to steal credit cards
Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers’ credit cards and personal information. […]
Global Security News, Security
Hackers use Google Search ads to steal Google Ads accounts
Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers’ credentials for the Google Ads platform. […]
Global Security News, linux, Security
Over 660,000 Rsync servers exposed to code execution attacks
Over 660,000 exposed Rsync servers are potentially vulnerable new to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that could lead to remote code execution. […]
ai cyber threats, AI Cybersecurity, ai cybersecurity risks, ai cybersecurity toos, APAC, Australia, Global Security News, Security
5 Emerging AI Threats Australian Cyber Pros Must Watch in 2025
AI cloning and deepfakes rank among the top challenges for Australian cybersecurity professionals in 2025.
cyber security, Cybersecurity, emea, Europe, Global Security News, legislation, Ransomware, regulation, Security, Tech Industry, uk, United Kingdom
UK Considers Banning Ransomware Payments
The proposed mandate intends to discourage criminals from targeting critical national infrastructure and public services, as there will be no financial motivation.
citrix, git, GitHub, Global Security News, Microsoft, microsoft powerpoint, microsoft visual studio, microsoft windows, Patch Tuesday, Security, Software, vulnerabilities
Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks
Microsoft’s monthly patches cover Hyper-V NT Kernel Integration VSPs, Git in Visual Studio, and more.
Cybersecurity, data breach, Exclusive, extortion, Global IT News, Global Security News, powerschool, Security
PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data
A trove of information on current and former students and teachers was accessed during the December cyberattack, sources say © 2024 TechCrunch. All rights reserved. For personal use only.
Artificial Intelligence, Data Management, Global Security News, Health Care Security, health insurance portability and accountability act, healthcare security, HIPAA, Security
Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
The proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care.
Cybersecurity, data breach, Exclusive, Global IT News, Global Security News, HIPAA, Security, UnitedHealth Group, UnitedHealthcare
UnitedHealth hid its Change Healthcare data breach notice for months
The ransomware attack on Change Healthcare affected over 100 million Americans, the health giant told regulators. © 2024 TechCrunch. All rights reserved. For personal use only.
Cloud Security, cyberghost vpn, CyberGhost vpn review, Global Security News, Security, VPN
CyberGhost VPN Review (2025): Features, Pricing, and Security
In this comprehensive review of CyberGhost VPN, we cover its features, pricing, security, and overall performance. Find out if this is the right VPN for you.
asd, Australia, australian signals directorate, cyber security australia, essential eight, Global Security News, government cyber security australia, International, Security
Australian Government Agencies Failing to Keep Up With Cyber Security Change
Cyber security maturity declines among Australian government agencies in 2024, as legacy IT systems hinder progress under the Essential Eight framework.
cyberattacks, Cybersecurity, Fortinet, Global IT News, Global Security News, Security
Hackers are exploiting a new Fortinet firewall bug to breach company networks
Security researchers say “tens” of Fortinet devices have been compromised so far as part of the weeks-long hacking campaign. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. […]
CryptoCurrency, Global Security News, North America, Security
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. […]
business, channel, Exploits, Global Security News, Security, services
Flashpoint Releases Guide for Surviving Ransomware Activities
Cyber threat intelligence organization Flashpoint recently released its 2025 Ransomware Survival Guide. The ebook outlines the steps enterprises can take to manage and de-escalate ransomware activities. According to Flashpoint, the guide was aimed at equipping Cyber Threat Intelligence (CTI) professionals, threat hunters, and security leaders with actionable knowledge and insights to more effectively anticipate, prevent,…
Exploits, Global Security News, Microsoft, Security
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft’s January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. […]
Global Security News, Google, Security
Google OAuth flaw lets attackers gain access to abandoned accounts
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. […]
china, cyberespionage, Global Security News, malware, North America, Security, us government
DOJ confirms FBI operation that mass-deleted Chinese malware from thousands of US computers
The FBI says it was authorized to mass-remove “PlugX” malware from more than 4,000 compromised machines in the United States © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, North America, Security
FBI wipes Chinese PlugX malware from over 4,000 US computers
The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. […]
Global Security News, Security
Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. […]
Exploits, Global Security News, Security
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. […]
Crypto, Global IT News, Global Security News, North Korea, Security, TC, WazirX
North Korea stole over $659M in crypto heists during 2024, deploys fake job seekers
A joint international statement provides the first official confirmation that North Korea was behind the $235M hack of WazirX, India’s largest cryptocurrency exchange. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, Global IT News, Global Security News, hacking, Ransomware, Security, UK government
UK plans to ban public sector organizations from paying ransomware hackers
The Home Office has proposed a ‘targeted ban’ on ransom payments following a wave a cyberattacks targeting the UK © 2024 TechCrunch. All rights reserved. For personal use only.
Cloud Security, Global Security News, Security, VPN, windscribe review, windscribe VPN
Windscribe VPN Review (2025): Features, Pricing, and Security
We evaluate the features, performance, security, and pricing of Windscribe VPN to help you determine if it’s a reliable VPN service for your needs.
c-suite, cyber spending, Cybersecurity, Global Security News, Security, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, strategy
Conveying Your Security Needs to the Board in Six Minutes or Less
CISOs must take advantage by making the most of their limited time with effective and informative messaging. The post Conveying Your Security Needs to the Board in Six Minutes or Less appeared first on Security Boulevard.
Barcelona, Cybersecurity, Defense Prime, Epsilon, Exclusive, Global IT News, Global Security News, Hackers, Head and Tail, Palm Beach Networks, Security, Spyware, Startups, variston, zero days
How Barcelona became an unlikely hub for spyware startups
Barcelona’s mix of affordable cost of living and quality of life has helped create a vibrant startup community — and become a hotbed for the creation of surveillance technologies. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Healthcare, Security
OneBlood confirms personal data stolen in July ransomware attack
Blood-donation not-for-profit OneBlood confirms that donors’ personal information was stolen in a ransomware attack last summer. […]
Artificial Intelligence, Asia Pacific, Cybersecurity, generative ai, Global Security News, GPUS, Hardware, nvidia, Security, sustainability, Tech Industry, us government
US Chip Export Rule Proposes Limits to Thwart Chinese GPUs
The Biden administration states the rule will prevent U.S. chips from passing to China through countries loosely allied or not politically allied with the U.S.
Exploits, Global Security News, Security
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […]
Gaming, Global Security News, Security
Stolen Path of Exile 2 admin account used to hack player accounts
Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. […]
Apple, Global Security News, Microsoft, Security
Microsoft: macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. […]
Cloud, Exploits, Global Security News, Security
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […]
Global Security News, Security
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. […]
Cloud, Global Security News, Security
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. […]
1Password, Bitwarden, Cloud Security, Global Security News, password manager, Security
Bitwarden vs 1Password: Battle of the Best – Who Wins?
Bitwarden and 1Password are two of the top password managers. Find out which password manager is the best for you using this comprehensive comparison.
cyberattack, Cybersecurity, data broker, Data Privacy, Global IT News, Global Security News, mobile location data, privacy, Security, us government
A breach of a data broker’s trove of location data threatens the privacy of millions
The company confirmed the breach after a hacker posted millions of location data records online. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybersecurity, Global IT News, Global Security News, hacking, ivanti, nominet, Security, zero day
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN…
AI, AI Concerns, AI privacy, AI Regulation, AI Trends, Anthropic, ChatGPT, Claude, cyber security, cyber threat, Cybersecurity, Data Privacy, data protection, Data Security, Digital Privacy, Episodes, gemini, generative ai, Global Security News, Information Security, infosec, Podcast, Podcasts, privacy, Privacy Policies, Safety in AI, Security, Security Bloggers Network, Tech Ethics, Tech Podcast, Technology, Weekly Edition
AI Privacy Policies: Unveiling the Secrets Behind ChatGPT, Gemini, and Claude
Do you ever read the privacy policy of your favorite AI tools like ChatGPT, Gemini, or Claude? In this episode, Scott Wright and Tom Eston discuss the critical aspects of these policies, comparing how each AI engine handles your personal data. They explore the implications of data usage, security, and privacy in AI, with insights…
Apple, Exploits, Global Security News, Security
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. […]
Global Security News, Government, Security
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against identity theft and fraudulent returns. […]
Exploits, Global Security News, Security
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. […]
AI, Azure OpenAI Service, dall-e, Global IT News, Global Security News, lawsuit, Microsoft, Security
Microsoft accuses group of developing tool to abuse its AI service in new lawsuit
Microsoft has taken legal action against a group the company claims intentionally developed and used tools to bypass the safety guardrails of its cloud AI products. According to a complaint filed by the company in December in the U.S. District Court for the Eastern District of Virginia, a group of unnamed 10 defendants allegedly used…
drones, Global IT News, Global Security News, la, Security, Transportation, wildfires
A drone punched a hole into an LA firefighting plane
A drone collided with a ‘Super Scooper’ firefighting plane. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security
2025 Cybersecurity and AI Predictions
The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
Global Security News, Security
Telefónica confirms internal ticketing system breach after data leak
Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. […]
china, Cybersecurity, Evergreen, Global Security News, hacking, North America, Security, state-sponsored hacking, us government
Meet the Chinese ‘Typhoon’ hackers preparing for war
U.S. intelligence say these China-backed hackers among laying the groundwork for future conflict with the United States. © 2024 TechCrunch. All rights reserved. For personal use only.
CryptoCurrency, Global Security News, Security
New Web3 attack exploits transaction simulations to steal crypto
Threat actors are employing a new tactic called “transaction simulation spoofing” to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. […]
Global Security News, Security
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. […]
Global Security News, North America, Security
Treasury hackers also breached US foreign investments review office
Chinese hackers, part of the state-backed Silk Typhoon threat group, have reportedly breached the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments to determine national security risks. […]
Crypto, CryptoCurrency, Department of Justice, fbi, Global IT News, Global Security News, money laundering, North Korea, Ransomware, sanctions, Security
US government charges operators of crypto mixing service used by North Korea and ransomware gangs
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. […]
Australia, Global Security News, HR Policy, International, it hiring australia 2025, it jobs australia 2025, Security, Tech & Work
Australian IT Sector Maintains Strong Employment Outlook for 2025
IT hiring intentions remain strong, though competition for jobs could be fierce.
Global Security News, Security
STIIIZY data breach exposes cannabis buyers’ IDs and purchases
Popular cannabis brand STIIIZY disclosed a data breach this week after hackers breached its point-of-sale (POS) vendor to steal customer information, including government IDs and purchase information. […]
CFIUS, china, cyberattack, Global IT News, Global Security News, Security, treasury, us government
China hacked US Treasury’s CFIUS, which reviews foreign investments for national security risks
The hackers targeting the Treasury are dubbed Silk Typhoon, and previously mass-hacked thousands of corporate email servers. © 2024 TechCrunch. All rights reserved. For personal use only.
cannabis, Cybersecurity, data breach, Global IT News, Global Security News, Ransomware, Security
Cannabis company Stiiizy says hackers accessed customers’ ID documents
A ransomware gang took credit for the breach, claiming to have stolen over 400,000 government-issued identity documents from customers. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). […]
Global Security News, Healthcare, North America, Security
Largest US addiction treatment provider notifies patients of data breach
BayMark Health Services, North America’s largest provider of substance use disorder (SUD) treatment and recovery services, is notifying an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. […]
Artificial Intelligence, Developer, endor labs, Global Security News, open source, Security, Software
What’s Next for Open Source Software Security in 2025?
Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025.