-
Malicious Spam Campaign Downs npm Registry
PRIVACY PRIVACY SEO poisoning drives surge in traffic Read More
-
FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers
PRIVACY PRIVACY Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United States…
-
Hackers steal crypto assets by defeating 2FA with rogue browser extension
PRIVACY PRIVACY Multiple attacker groups are using a malicious browser extension for Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera that’s aimed at stealing cryptocurrency assets from multiple websites and online wallets. The extension works by injecting rogue code into websites locally in the browser to defeat two-factor authentication and delete automated…
-
UK fines TikTok $15.8 million for GDPR violation of children’s privacy
PRIVACY PRIVACY The UK’s Information Commissioner’s Office announced today that it has levied a nearly $16 million fine against TikTok for “a number of breaches” of the country’s data protection law. Central to the ICO’s decision to fine TikTok are the estimated 1.4 million UK children under 13 years of age, who were allowed to…
-
Snyk bolsters developer security with fresh devsecop, cloud capabilities
PRIVACY PRIVACY Cybersecurity application provider Snyk has added fresh capabilities to its flagship developer security platform to improve programming productivity and help secure software supply chains. The series of enhancements to Snyk’s namesake platform includes security support for C/C++ applications, new capabilities for infrastructure as code (IaC), automated security for container supply chains, and new…
-
New Rorschach ransomware hits with unique features and very fast encryption
PRIVACY PRIVACY Researchers warn of a new strain of ransomware dubbed Rorschach that doesn’t appear to be related to previously known threats and uses several unique features in its implementation, including one of the fastest file encryption routines observed so far. “A behavioral analysis of the new ransomware suggests it is partly autonomous, spreading itself…
-
UK data regulator issues warning over generative AI data protection concerns
PRIVACY PRIVACY The UK’s data regulator has issued a warning to tech companies about protecting personal information when developing and deploying large language, generative AI models. Less than a week after Italy’s data privacy regulator banned ChatGPT over alleged privacy violations, the Information Commission’s Office (ICO) published a blog post reminding organizations that data protection…
-
New “Rorschach” Ransomware Spread Via Commercial Product
PRIVACY PRIVACY The ransomware strain uses a signed component of the Palo Alto Cortex XDR Dump Service Tool Read More
-
Western Digital Hit By Network Security Breach
PRIVACY PRIVACY The incident involved an unauthorized third party gaining access to several systems Read More
-
North Korea Hacking Cryptocurrency Sites with 3CX Exploit
PRIVACY PRIVACY News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in…