Security
Security news coverage encompasses investigative cybersecurity reporting and analysis on the latest security breaches, hacks and cyberattacks around the globe.
CyberArk — one of the army of larger security companies founded out of Israel — is acquiring Venafi, a specialist in machine identity, for $1.54 billion.
Featured Article
Two Santa Cruz students uncover security bug that could let millions do their laundry for free
CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
A Texas-based company that provides health insurance and benefit plans disclosed a data breach affecting almost 2.5 million people, some of whom had their Social Security number stolen. WebTPA said…
A hacker listed the data allegedly breached from Samco on a known cybercrime forum.
A top European privacy watchdog is investigating following the recent breaches of Dell customers’ personal information, TechCrunch has learned. Ireland’s Data Protection Commission (DPC) deputy commissioner Graham Doyle confirmed to…
Flock Safety is a multibillion-dollar startup that’s got eyes everywhere. As of Wednesday, with the company’s new Solar Condor cameras, those eyes are solar-powered and use wireless 5G networks to…
Private equity giant Thoma Bravo has announced that its security information and event management (SIEM) company LogRhythm will be merging with Exabeam, a rival cybersecurity company backed by the likes…
The FBI along with a coalition of international law enforcement agencies seized the notorious cybercrime forum BreachForums on Wednesday. For years, BreachForums has been a popular English-language forum for hackers…
Google’s call-scanning AI could dial up censorship by default, privacy experts warn
A feature Google demoed at its I/O confab yesterday, using its generative AI technology to scan voice calls in real time for conversational patterns associated with financial scams, has sent…
Google adds live threat detection and screen-sharing protection to Android
The company said it is increasing the on-device capability of its Google Play Protect system to detect fraudulent apps trying to breach sensitive permissions.
Apple touts stopping $1.8B in App Store fraud last year in latest pitch to developers
Apple released new data about anti-fraud measures related to its operation of the iOS App Store on Tuesday morning, trumpeting a claim that it stopped over $7 billion in “potentially…
Threat actor scraped Dell support tickets, including customer phone numbers
The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The…
Featured Article
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.
Scammers found planting online betting ads on Indian government websites
Some Indian government websites have allowed scammers to plant advertisements capable of redirecting visitors to online betting platforms. TechCrunch discovered around four dozen “gov.in” website links associated with Indian states,…
Threat actor says he scraped 49M Dell customer addresses before the company found out
The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced an online company portal and scraped customer data, including physical addresses, directly from Dell’s…
Technology giant Dell notified customers on Thursday that it experienced a data breach involving customers’ names and physical addresses. In an email seen by TechCrunch and shared by several people…
US Patent and Trademark Office confirms another leak of filers’ address data
The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The…
Encrypted services Apple, Proton and Wire helped Spanish police identify activist
As part of an investigation into people involved in the pro-independence movement in Catalonia, the Spanish police obtained information from the encrypted services Wire and Proton, which helped the authorities…
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with regulators on Tuesday, the Philadelphia-based…
What we learned from the indictment of LockBit’s mastermind
Five takeaways from the indictment of Dmitry Yuryevich Khoroshev, the hacker who U.S. and U.K. authorities accuse of being the mastermind of the LockBit ransomware gang.
US, UK police identify and charge Russian leader of LockBit ransomware gang
The identity of the leader of one of the most infamous ransomware groups in history has finally been revealed. On Tuesday, a coalition of law enforcement led by the U.K.’s…
Wiz raises $1B at a $12B valuation to expand its cloud security platform through acquisitions
Wiz, the buzzy startup building an all-in-one cloud security platform, is on an acquisition march to expand its business quickly en route to an IPO. Now, it has closed a…
A couple of weeks ago, TechCrunch broke the news that Akamai was in discussions to acquire Noname Security, a specialist in API security, for around $500 million. Today, the deal…
An international coalition of police agencies have resurrected the dark web site of the notorious LockBit ransomware gang, which they had seized earlier this year, teasing new revelations about the…
Featured Article
UnitedHealth data breach should be a wake-up call for the UK and NHS
The ransomware attack that has engulfed U.S. health insurance giant UnitedHealth Group and its tech subsidiary Change Healthcare is a data privacy nightmare for millions of U.S. patients, with CEO Andrew Witty confirming this week that it may impact as much as one-third of the country. But it should also serve as a wake-up call…
EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn
A controversial push by European Union lawmakers to legally require messaging platforms to scan citizens’ private communications for child sexual abuse material (CSAM) could lead to millions of false positives…
Google expands passkey support to its Advanced Protection Program ahead of the US presidential election
Ahead of the U.S. presidential election, Google is bringing passkey support to its Advanced Protection Program (APP), which is used by people who are at high risk of targeted attacks,…
Digital fraud detection startup BioCatch hits $1.3B valuation as Permira buys majority stake
Digital fraud detection company BioCatch has a new majority shareholder in the form of U.K private equity firm Permira.
UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty,…
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response…