-
Threat Actor Claims to Leak 270GB of New York Times Data
An anonymous 4Chan user is claiming to have shared a trove of source code stolen from the New York Times Read More
-
NHS Appeals For Blood and Volunteers After Cyber-Attack
London hospitals continue to suffer the after-effects of a major ransomware attack last week Read More
-
Friday Squid Blogging: Squid Catch Quotas in Peru
Peru has set a lower squid quota for 2024. The article says “giant squid,” but that seems wrong. We don’t eat those. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
Security and Human Behavior (SHB) 2024
This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security. The fifty or so attendees include psychologists, economists,…
-
16-year-old arrested in France in connection with high-profile Epsilon hacking group attacks
A 16-year-old youth has been arrested in France on suspicion of having run a malware-for-rent business. The unnamed Frenchman, who goes by online handles including “ChatNoir” and “Casquette”, is said to be a key member of the Epsilon hacking group, which has in the recent past stolen millions of records from hackd firms. Read more…
-
EmailGPT Exposed to Prompt Injection Attacks
The flaw enables attackers to gain control over the AI service by submitting harmful prompts Read More
-
The Justice Department Took Down the 911 S5 Botnet
The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million…
-
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Experts advised that crisis management and recovery is as much about communications and testing as it is about technical defense measures Read More
-
Security Flaws Found in Popular WooCommerce Plugin
Despite reported attempts from Patchstack to contact the vendor, no response has been received Read More
-
#Infosec2024: Collaboration is Key to an Effective Security Culture
Organizations need a culture that goes beyond reporting incidents, where the business wants to collaborate with the security team Read More