Skip to content
Justice Department officials urge Congress to pass ransomware notification lawU.S. Justice Department officials came out in strong support of legislation requiring companies to report ransomware attacks and other severe data breaches to federal authorities. “Without prompt reporting, investigative opportunities are lost, our ability to assist other victims facing the same attacks is degraded and the government and Congress does not have a full picture…
Cyber job listings excluded Colorado workers after salary transparency law went into effectDozens of technology companies, including several cybersecurity firms, have excluded remote workers in Colorado from searches for job candidates since a state law requiring pay transparency in job listings went into effect. CyberScoop identified at least five cybersecurity firms or tech companies with active security-related job listings excluding Colorado workers from remote work. The companies…
Apple patches zero-day flaw that hackers may have exploitedApple has released updates for its mobile, iPad and computer operating systems, fixing a zero-day flaw that appears to be the subject of active exploitation. The patch comes mere days after another update that tackled 40 vulnerabilities. The latest software update comes in the wake of reports that the Israeli spyware firm NSO Group had…
Accused CIA leaker Joshua Schulte allowed to represent himself at next Vault 7 trialA U.S. judge ruled Monday that a former CIA software engineer accused of providing classified information to WikiLeaks will be allowed to represent himself at his next trial. Judge Paul Crotty, of the Southern District of New York, said in a July 26 decision that Joshua Schulte, a former employee at the Central Intelligence Agency,…
Kaseya says it didn't pay ransomware gang for decryption key after hacks affected hundredsKaseya, the company at the center of a ransomware outbreak that claimed perhaps thousands of victims, said on Monday that it didn’t pay off the attackers to obtain the decryption tool it announced last week. The Florida IT firm, breached just before the July 4 holiday, did not elaborate on how it obtained the working…
Scammers are using fake Microsoft 11 installers to spread malwareWindows 11 won’t hit the street until later this year, but that hasn’t stopped hackers from trying to use it to infect victims with malware. Security firm Kaspersky warned on Friday that crooks were exploiting people overeager to get their hands on the Microsoft operating system update, due for fall release, with fake installers. “Although…
CreativeMinds WordPress Plugin Curated RSS Aggregator
Zimbra Server Bugs Could Lead to Email PlunderingTwo bugs, now patched except in older versions, could be chained to allow attackers to hijack Zimbra server by simply sending a malicious email.
Three Zero-Day Bugs Plague Kaseya Unitrends Backup ServersThe unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP.
Apple Patches Actively Exploited Zero-Day in iOS, MacOSCompany urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow for attackers to take over a system.
Podcast: IoT Piranhas Are Swarming Industrial ControlsEnormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure.
Babuk Ransomware Gang Ransomed, New Forum Stuffed With PornA comment spammer flooded Babuk’s new ransomware forum with gay orgy porn GIFs and demanded $5K in bitcoin.
Microsoft Rushes Fix for ‘PetitPotam’ Attack PoCMicrosoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows systems to reveal password hashes that can be easily cracked.
Malware Makers Using ‘Exotic’ Programming LanguagesSprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to evade detection.
The True Impact of Ransomware AttacksKeeper’s research reveals that in addition to knocking systems offline, ransomware attacks degrade productivity, cause organizations to incur significant indirect costs, and mar their reputations.