Items tagged with cybersecurity

Power management and industrial automation company Schneider Electric (SE) was hit by a ransomware attack this month. With disclosures about the incident becoming available, it would indicate that while this was an isolated attack on SE, it could have repercussions for several companies whose data may have been... Read more...
When it comes to security breaches, traditionally we expect that it is a company with poor security practices or simply struggling to keep up in the never-ending onslaught of threats online. However, the latest breach suffered by Microsoft changes that narrative significantly, indicating that, realistically, anyone... Read more...
Botnet activities are usually sniffed out and found fairly routinely, but it seems that a previously unknown cybercrime gang named Bigpanzi has been laying low and getting away with it. New reports suggest that this gang has amassed a 170,000-device-strong botnet since 2015, developing along with it an admittedly... Read more...
This week, researchers have publicly disclosed nine security vulnerabilities affecting devices that use TianoCore’s EDK II, an open-source reference UEFI implementation. While this may sound like super technical speak, these vulnerabilities, known as PixieFAIL, can be simplified to their effects, including but not... Read more...
Simply put, the Internet of Things is cool, but it's cooler still when configured correctly and built with security in mind. Unfortunately, that almost never happens. A much more likely story is something like what happened to Johnie on Xwitter, who discovered a rogue IoT device living on their network and sending... Read more...
In 2021 the Framework laptop hit the market, revolutionizing the standard laptop model from being a one-and-done sort of deal to an upgradable and modular experience. Since then, the brand has expanded quite a bit. With several releases and reiterations, like the recent AMD Ryzen upgrade across the 13” and 16” models... Read more...
Early in January, Bitcoin saw a healthy spike up to $45,000 following some excitement surrounding Bitcoin exchange-traded-funds. This trend has continued with some ups and downs in the middle, but regardless, people have been rather excited about the prospects. So much so that one person elected to hack the SEC X... Read more...
In December of last year, genetic testing company 23andMe suffered a significant data breach. Since then, the company has been dealing with the fallout, which includes several class action lawsuits from customers whose data was compromised. However, 23andMe is shifting some blame onto its customers, blaming them for... Read more...
Password managers are not perfect. Recently, LastPass was blamed for millions in stolen neing crypto and KeePass is downplaying password database theft. Bitwarden may ne next to catch some flak. It turns out a penetration test discovered that unlocking a password vault with Windows Hello biometrics could be bypassed... Read more...
As we closed out 2023, the world of cybersecurity settled just a touch as threat actors and defenders went off to celebrate the holiday in a seemingly unspoken Christmas truce. Nothing good can last forever, though, as the Cybersecurity and Infrastructure Security Agency (CISA) makes clear with an update to the Known... Read more...
Earlier in the year, Apple fixed several vulnerabilities, which, when exploited, allowed Operation Triangulation spyware to make its way onto devices with zero interaction required. Since then, researchers have been uncovering all the components that made up the attack chain for the spyware campaign, and what they... Read more...
Through 2022, the LAPSUS$ threat actor group went on a tear, breaching companies like NVIDIA, Samsung, Microsoft, and Rockstar. The latter of these breaches resulted in quite a bit of game leaks related to GTA IV, revealing details that would later be confirmed in the official GTA IV trailer. Some, if not all, of the... Read more...
In the threat intelligence and cybersecurity space, an interesting development has unfolded over the past few days regarding BlackCat or ALPHV, the group behind the Reddit security breach and the more recent 23AndMe data breach. It initially appeared as though the FBI had seized the group’s website, though BlackCat... Read more...
Earlier this month, ransomware group Rhysida announced that it had breached Sony’s Insomniac Games, taken files, and was purportedly demanding a ransom of $2 million. It has been a week since then, and thus the deadline has passed to pay the ransom, so Rhysida has elected to publish the 1.67 terabytes of data it... Read more...
It would seem that Toyota cannot catch a break. Just weeks after discovering the company ran out of server disk space, shutting down production lines, and that Toyota vehicles could be compromised through the headlights, the company is telling German customers that some of their personal data may have been compromised... Read more...
General Electric is primarily known for its spinning things, like washing machines, supersonic engines, or the GAU-8/A Avenger 30mm seven-barrel cannon mounted on the A-10 Warthog and CIWS weapon system. All goofs aside, GE is quite a broad company with connections in nearly every sector of the economy. Therefore, it... Read more...
The Russian espionage machine is both vast and prolific, as shown by a recent Russian code outbreak making its way into U.S. government systems. With the war in Ukraine in full swing, this behemoth of a program is not only throwing tools and resources at Ukraine, but is also driving its efforts into other countries... Read more...
Ransomware gang BlackCat, otherwise known as ALPHV, is after the public spotlight following the Reddit data breach debacle earlier this year. Now, the group has breached another organization with MeridianLink and is causing a stir by filing a complaint with the Securities and Exchange Commission (SEC) to try and spur... Read more...
Software vulnerabilities come and go, but vulnerabilities found in hardware are significantly harder to deal with and lead to more problems, such as with Hertzbleed and that family of security issues that sprung up from simple clock management techniques. Now, researchers have found a new problem with AMD EPYC... Read more...
The Lockbit ransomware group has breached a number of high-profile organizations and companies, such as TSMC in Taiwan, which is effectively the global leader in silicon production. Most recently, though, the international aeronautic and telecommunications company Boeing seemingly fell victim to the group, and... Read more...
Generative AI ChatGPT has seen exponential growth in the past few months, recently crossing the 100 million weekly active users. However, with all this popularity, a target was perhaps painted on the back of OpenAI and ChatGPT by threat actors looking to make a quick buck or cause mayhem. It seems the latter is what... Read more...
Threat actors have gotten increasingly more creative with their methods, embedding them in devices while evading defensive blue teams along the way. The situation is akin to over-prescription of antibiotics, which could eventually lead to a superbug, but with criminal hackers devising creative and innovative ways to... Read more...
Prev 1 2 3 4 5 Next