Organizations must frequently work with third parties to repair laptops, desktops, tablets, smartphones, servers, and other IT equipment. This customizable policy, written by Erik Eckel and Mark W. Kaelin for TechRepublic Premium, ensures an organization maintains regulatory and best business practice security compliance while tracking systems when they are being repaired. Featured text from the…
Category: Security
Global Security News, Security
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. […]
Global Security News, Security
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. […]
APAC, Artificial Intelligence, Australia, Cybersecurity apac, cybersecurity threats apac 2025, cybersecurity vulnerabilities apac 2025, Exploits, Global Security News, Rapid7, Security
APAC: Ransomware to Cause ‘Bumpy’ Security Ride in 2025
Cashed-up ransomware criminals may exploit more zero days while potential blanket ransomware payment bans hang over defenders like a shadow.
Global Security News, linux, Security
Kali Linux 2024.4 released with 14 new tools, deprecates some features
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. […]
Global IT News, Global Security News, Security
Called your doctor after-hours? ConnectOnCall hackers may have stolen your medical data
The hackers stole names, phone numbers, dates of birth and information related to health conditions, treatments and prescriptions. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. […]
Global Security News, Security
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. […]
Global Security News, Healthcare, Security
ConnectOnCall breach exposes health data of over 910,000 patients
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. […]
Global Security News, Security
Rhode Island confirms data breach after Brain Cipher ransomware attack
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents’ personal information after the Brain Cipher ransomware gang hacked its systems. […]
AE Industrial, Cybersecurity, Francisco Partners, Global IT News, Global Security News, Israel, NSO, NSO Group, paragon, Security, Spyware, surveillance
Israeli spyware maker Paragon bought by U.S. private equity giant
The company’s spyware, dubbed Graphite, is capable of hacking phones and stealing private communications. © 2024 TechCrunch. All rights reserved. For personal use only.
acquisition, Arctic Wolf, BlackBerry, cyber, Cybersecurity, cylance, Enterprise, Funding, Global IT News, Global Security News, Security
BlackBerry sells Cylance for $160M, a fraction of the $1.4B it paid in 2018
Arctic Wolf has acquired Cylance, BlackBerry’s beleaguered cybersecurity business, for $160 million — a significant write-down from the $1.4 billion BlackBerry paid to acquire the company in 2018. Under the terms of the deal, which is expected to close in BlackBerry’s fiscal Q4, BlackBerry will sell its Cylance assets to Arctic Wolf for $160 million…
Exploits, Global Security News, Mobile, Security
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors. […]
Global Security News, Hardware, Security, Software, Tech & Work
Remote Access Checklist
This Remote Access Checklist, created by Scott Matteson for TechRepublic Premium, should be used to ensure all employees have the requisite items, accounts, access, and instructions needed for remote work. It should be filled out by the IT department and signed off on by the employee and their supervisor/manager. This checklist can be customized to…
Amnesty, Amnesty International, Cellebrite, Cybersecurity, Global IT News, Global Security News, hacking, infosec, malware, Security, Serbia, Spyware
Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone
Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security
Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. […]
Asia Pacific, Global Security News, Security
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. […]
deloitte, Global IT News, Global Security News, rhode island, Security
Rhode Island says personal data likely breached in social services cyberattack
State officials said hundreds of thousands of Rhode Island residents could be affected by a cyberattack on the state’s online portal for social services, with a “high probability” that personally identifiable information was breached. According to an update from Governor Dan McKee’s office, the attack targeted RIBridges, which Rhode Island residents use to apply for…
Global Security News, Security
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. […]
Global Security News, Security
Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. […]
APAC, Australia, china threat actor, Cloud, cyber security, Global Security News, Salt Typhoon, salt typhoon australia, Security
Australian IT Pros Urged to Guard Against Chinese Cybersecurity Threats
Australian IT pros are urged to strengthen defenses as Chinese cyber threats target critical infrastructure and sensitive data.
Global Security News, Security
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. […]
Exploits, Global Security News, Security
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. […]
AI chatbot, Cybersecurity, Exclusive, Global IT News, Global Security News, Optum, Security, UnitedHealthcare
UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
FTC warns of online task job scams hooking victims like gambling
The Federal Trade Commission (FTC) warns about a significant rise in gambling-like online job scams, known as “task scams,” that draw people into earning cash through repetitive tasks, with the promises of earning more if they deposit their own money. […]
Global Security News, Security
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. […]
blue yonder, cyber attack, cyber security, Cybersecurity, E-Commerce, EU, Global Security News, Ransomware, retail, sainsburys, Security, Software, starbucks, supply chain, TR, uk, United Kingdom
Starbucks, Supermarkets Targeted in Ransomware Attack
In December, ransomware group Termite claimed responsibility for the attacks.
Global Security News, Security
Russia blocks Viber in latest attempt to censor communications
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. […]
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
Global Security News, Hardware, Security
Germany sinkholes BadBox malware pre-loaded on Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
Global Security News, Hardware, Security
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
Global Security News, linux, Security
New stealthy Pumakit Linux rootkit malware spotted in the wild
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. […]
Global Security News, Security
Police shuts down Rydox cybercrime market, arrests 3 admins
International law enforcement operation seizes the Rydox cybercrime marketplace and arrests three administrators. […]
Global Security News, North America, Security
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. […]
agentic ai, Amazon, Artificial Intelligence, coding assistant, Developer, developer tools, gemini 2.0 flash, generative ai, Global Security News, Google, google gemini, Microsoft, openai, Security
Google Launches Gemini 2.0 with Autonomous Tool Linking
Gemini 2.0 Flash is available now, with other model sizes coming in January. It adds multilingual voice output, image output, and some trendy “agentic” capabilities.
Global Security News, Security
US offers $5 million for info on North Korean IT worker farms
The U.S. State Department is offering a reward of up to $5 million for information that could help disrupt the activities of North Korean front companies and employees generating millions via illegal remote IT work schemes. […]
Exploits, Global Security News, Security
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. […]
Global Security News, Security
Spain busts voice phishing ring for defrauding 10,000 bank customers
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals. […]
CryptoCurrency, Global Security News, Security
Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. […]
Exploits, Global Security News, Security
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Hackers are exploiting a critical vulnerability in the “Hunk Companion” plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. […]
Global Security News, Security
Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluation
The 2024 MITRE ATT&CK Evaluation results are now available with Cynet achieving 100% Visibility and 100% Protection in the 2024 evaluation. Learn more from Cynet about what these results mean. […]
Asia Pacific, Global Security News, Mobile, Security
New EagleMsgSpy Android spyware used by Chinese police, researchers say
A previously undocumented Android spyware called ‘EagleMsgSpy’ has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. […]
Apple, CXO, Global Security News, Google, linux, Microsoft, mozilla, Security, Software, vulnerabilities
Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others
December marked a quiet month with 70 vulnerabilities patched, plus updates from outside of Microsoft.
china, data exfiltration, firewalls, Global Security News, hacking, International, Ransomware, Security, sichuan silence, Software, sophos, usa, vulnerabilities
US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack
Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.
Global Security News, Security
Russian Turla hackers hit Starlink-connected devices in Ukraine
Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. […]
Global Security News, Legal, Security
Operation PowerOFF shuts down 27 DDoS-for-hire platforms
Law enforcement agencies from 15 countries have taken 27 DDoS-for-hire services offline, also known as “booters” or “stressers,” arrested three administrators, and identified 300 customers of the platforms. […]
Global Security News, Security
Lynx ransomware behind Electrica energy supplier cyberattack
The Romanian National Cybersecurity Directorate (DNSC) says the Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. […]
Apple, Australia, Big Data, Cloud Security, CXO, Global Security News, Google, Innovation, International, Microsoft, Security, tech conferences, tech events, United Kingdom
Top Tech Conferences & Events to Add to Your Calendar in 2025
A great way to stay current with the latest technology trends and innovations is by attending conferences. Read and bookmark our tech events guide.
Global Security News, Security
Krispy Kreme cyberattack impacts online orders and operations
US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. […]
Cloud Security, crowdstrike, crowdstrike vs wiz, Global Security News, Security, wiz
CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value?
Compare CrowdStrike and Wiz on cloud security, features, pricing, and performance to find the best cybersecurity solution for your business needs.
best siem tools, Cloud Security, crowdstrike, Global Security News, Security, SIEM tools, Top Products
Best SIEM Tools of 2024: Top Solutions for Enhanced Security
Looking for the best SIEM tool? Check out our list and find the security information and event management solution that fits your business needs.
Cloud Security, Global Security News, keeper password manager, keeper review, password manager, Security
Keeper Password Manager Review (2024): Features, Pros, & Cons
Keeper’s extensive authentication options and generous discounts make it an alluring password manager to try this year. Read more about it in our full review.
best cspm, Cloud Security, Cloud security posture management, crowdstrike, CSPM, Global Security News, Security, Top Products
Best CSPM Tools 2024: Top Cloud Security Solutions Compared
What is the best CSPM tool for your business? Use our guide to review our picks for the best cloud security posture management (CSPM) tools.
Cloud Security, cortex xdr, crowdstrike, crowdstrike falcon, Global Security News, palo, Security
CrowdStrike vs Palo Alto 2024: Features, Pricing, and Insights
Compare CrowdStrike and Palo Alto Networks in this in-depth article, exploring features, pricing, usability, and performance to find the right solution for your business.
Global Security News, Security
Rumänien kommt digital weiterhin nicht zur Ruhe
Nehmen die Russen Rache an Rumänien für die gescheiterte Wahl „ihres“ Kandidaten? structuresxx – shutterstock.com Zuerst wurde die rumänischen Präsidentschaftswahlen annulliert, nachdem sie durch eine mutmaßlich russisch gesteuerte TikTok-Kampagne beeinflusst wurden. Jetzt wurde die Electrica-Gruppe, ein wichtiger Stromanbieter mit 3,8 Millionen Kunden in Rumänien, Opfer eines Ransomware-Angriffs. Der Angriff dauert an Wie das Unternehmen am…
Global Security News, Government, Security
Wyden proposes bill to secure US telecoms after Salt Typhoon hacks
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. […]
Global Security News, Security
WPForms bug allows Stripe refunds on millions of WordPress sites
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. […]