Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on...
As the US faces “the worst telecommunications hack in our nation’s history,” by China’s Salt Typhoon hackers, the outgoing FCC chair is determined to bolster network security if it’s the last...
She said at her confirmation hearing that CISA needs to be “smaller, more nimble” and it has gone “far off-mission.” The post Noem: No anti-disinformation, misinformation action under her as DHS...
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant...
It’s the first formal attribution for the campaign that has swept up data from at least nine telecoms and the Treasury Department. The post Treasury sanctions Chinese cybersecurity company,...
A recent ransomware attack on RECOPE, Costa Rica's state-run energy company, was the first real-world test for FALCON, a new State Department program for foreign incident response, a top diplomat...
Genshin Impact developer Cognosphere (aka Hoyoverse) has agreed to a $20 million settlement with the U.S. Federal Trade Commission (FTC) over its gacha loot box monetization and is now banned from...
In a joint report with DARPA and others, the cyber agency said that knowledge gap “exacerbates” risks posed by threat actors in U.S. critical infrastructure. The post Closing...
The US government has also sanctioned the hacker responsible for December's US Treasury hack © 2024 TechCrunch. All rights reserved. For personal use only.
The theft of a PowerSchool engineer's passwords prior to the breach raises further doubts about the company's security practices. © 2024 TechCrunch. All rights reserved. For personal use only.
The Supreme Court has upheld a law that could potentially ban TikTok in the US
Hot on the heels of the release of the first PoC exploit for a critical RCE vulnerability in the Windows LDAP, known as CVE-2024-49112, another vulnerability in the same software protocol in...
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their...
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication...
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the...
SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments
Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests' personal information and reservations for well-known...
Security for the Internet of Things (IoT) is any process used to protect a network of over 18 billion interconnected devices worldwide that collect and share data. These smart devices can be found...
As the incoming Trump administration prepares to take office, it confronts a critical juncture for cybersecurity. The escalating digital threats from state-sponsored adversaries like China, Iran,...
A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. [...]
Outgoing U.S. President Joe Biden issued an Executive Order aimed at enhancing the nation’s cybersecurity, focused on defending... The post Biden issues executive order to further strengthen...
Explore how AI tools like OpenAI’s Sora face restrictions in Europe due to GDPR, with insights on bypassing…
Microsoft highlighted a new Star Blizzard campaign targeting WhatsApp accounts, as the group adapts its TTPs following the takedown of its infrastructure by law enforcement
Microsoft has fixed a known issue that caused Microsoft 365 applications and Classic Outlook to crash on Windows Server 2016 or Windows Server 2019 systems. [...]
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company...
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year's Salt Typhoon security breaches. [...]
The agency has embraced performance goals, provided resources to small systems and improved coordination, its deputy secretary writes. The post How HHS has strengthened cybersecurity of hospitals...
AliExpress, Shein, Temu, TikTok, WeChat and Xiaomi are accused of operating unlawful data transfers to China
Kaspersky experts analyzed the Mercedes-Benz head unit, its IPC protocols and firmware, and found new vulnerabilities via physical access.
Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2. [...]