computer security
A look at how the CHIPS Act and Executive Order 14028 relate, what they mean for semiconductor firms and why the highs and lows of American semiconductor manufacturing boil down…
Microsoft has released security fixes for a zero-day vulnerability affecting all supported versions of Windows that has been exploited in real-world attacks. The zero-day bug, tracked as CVE-2022-37969, is described…
San Francisco-based cybersecurity startup Dope Security has launched from stealth with $4 million in funding to modernize the secure web gateway market. A secure web gateway, or SWG, is a…
The cloud, and the growing number of assets that are held and used within cloud services, have become a major focus in cybersecurity over the years. Today, a startup that’s…
Featured Article
What we learned when Twitter whistleblower Mudge testified to Congress
A ticking bomb of security vulnerabilities. Covering up security failures. Duping regulators and misleading lawmakers. These are just some of the allegations when Twitter’s ex-security lead turned whistleblower, Peiter Zatko, testified to the Senate Judiciary Committee on Tuesday, less than a month after the release of his explosive whistleblower complaint…
Apple has released another round of security updates to address vulnerabilities in iOS and macOS, including a new zero-day flaw that is being actively exploited by attackers. The zero-day flaw, tracked…
Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said…
Cymulate snaps up $70M to help cybersecurity teams stress test their networks with attack simulations
The cost of cybercrime has been growing at an alarming rate of 15% per year, projected to reach $10.5 trillion by 2025. To cope with the challenges that this poses,…
Electronics giant Samsung has confirmed a data breach affecting customers’ personal information. In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third…
The U.S. Embassy in Montenegro has warned Americans that an ongoing ransomware attack in the country could cause widespread disruption to key public services and government services. The ransomware attack,…
UK mobile and broadband carriers face fines of $117K/day, or 10% of sales, if they fail to follow new cybersecurity rules
More than three years in the making, the U.K. government today announced a new, sweeping set of rules it will be imposing on broadband and mobile carriers to tighten up…
U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (2FA)…
The hackers that breached Twilio earlier this month also compromised more than 130 organizations during their hacking spree that netted the credentials of close to 10,000 employees. Twilio’s recent network…
The explosive Twitter whistleblower complaint that was made public yesterday — detailing a raft of damning allegations across security, privacy and data protection issues (among others) by Twitter’s former former…
Streaming media platform Plex has confirmed a data breach and is warning users to change their passwords. Plex said it discovered the compromise on Tuesday and found the intruder had…
Among the many damning allegations in the newly released Twitter whistleblower complaint, is the disquieting revelation that Twitter was unable to seal its production environment to guard against any potential…
Ex-security chief accuses Twitter of cybersecurity mismanagement in an explosive whistleblower complaint
Twitter’s former head of security, Peiter “Mudge” Zatko, has accused his former employer of cybersecurity negligence in an explosive whistleblower complaint first obtained by CNN and The Washington Post. Zatko,…
The LockBit ransomware gang is claiming responsibility for the July cyberattack against cybersecurity giant Entrust, but with a twist — the group is also accusing its latest victim of a…
Featured Article
What you might have missed at Black Hat and Def Con 2022
Hackers, researchers, cybersecurity companies and government officials descended on Las Vegas last week for Black Hat and Def Con, a cybersecurity double-bill that’s collectively referred to as “hacker summer camp.” This year’s cyber gathering was particularly exciting: Not only did it mark Black Hat’s 25th anniversary, but also the first…
The U.S. government said it will offer up to $10 million for information related to five people believed to be high-ranking members of the notorious Russia-backed Conti ransomware gang. The…
Ransomware is an exponentially growing global threat. Here are just a few examples from 2022: Costa Rica declared a national emergency after a $20 million ransomware attack; ransomware caused one…
Semikron, a German manufacturer that produces semiconductors for electric vehicles and industrial automation systems, has confirmed it has fallen victim to a cyberattack that has resulted in data encryption. “Semikron…
Minneapolis-based cybersecurity giant Entrust has confirmed it was hit by a cyberattack last month. Entrust, which describes itself as a global leader in identities, payments and data protection, told TechCrunch…
An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. Researchers at WithSecure, the…
Security vulnerabilities in a popular Chinese-built GPS vehicle tracker can be easily exploited to track and remotely cut the engines of at least a million vehicles around the world, according…
Researchers at cybersecurity company Proofpoint said they have observed the China-backed advanced persistent threat group, TA412, also known as Zirconium, engaging in several reconnaissance phishing campaigns since early last year.…
A ransomware attack on a debt collection firm is one of 2022’s biggest health data breaches
A ransomware attack on a little-known debt collection firm that serves hundreds of hospitals and medical facilities across the U.S. could be one of the biggest data breaches of personal…
Hotel group Marriott International has confirmed another data breach, with hackers claiming to have stolen 20 gigabytes of sensitive data, including guests’ credit card information. The incident, first reported by…
Macmillan, one of the largest book publishers in the U.S., said it has been hit by a cyberattack that forced it to shut down its IT systems. Macmillan spokesperson Erin…
On the face of it, the cybersecurity sector is doing just fine. Demand for cybersecurity products remains high as cyberattacks continue to blight both public and private-sector businesses, and investor…