computer security
What the CHIPS and Science Act means for the future of the semiconductor industry
A look at how the CHIPS Act and Executive Order 14028 relate, what they mean for semiconductor firms and why the highs and lows of American semiconductor manufacturing boil down…
Microsoft patches a new zero-day affecting all versions of Windows
Microsoft has released security fixes for a zero-day vulnerability affecting all supported versions of Windows that has been exploited in real-world attacks. The zero-day bug, tracked as CVE-2022-37969, is described…
Dope Security emerges from stealth to shake up the SWG market
San Francisco-based cybersecurity startup Dope Security has launched from stealth with $4 million in funding to modernize the secure web gateway market. A secure web gateway, or SWG, is a…
Cyrebro, a specialist in cloud-based security ops centers, locks down $40M
The cloud, and the growing number of assets that are held and used within cloud services, have become a major focus in cybersecurity over the years. Today, a startup that’s…
Featured Article
What we learned when Twitter whistleblower Mudge testified to Congress
A ticking bomb of security vulnerabilities. Covering up security failures. Duping regulators and misleading lawmakers. These are just some of the allegations when Twitter’s ex-security lead turned whistleblower, Peiter Zatko, testified to the Senate Judiciary Committee on Tuesday, less than a month after the release of his explosive whistleblower complaint filed with federal regulators. Zatko,…
Apple releases iOS and macOS fixes to patch a new zero-day under attack
Apple has released another round of security updates to address vulnerabilities in iOS and macOS, including a new zero-day flaw that is being actively exploited by attackers. The zero-day flaw, tracked…
North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies
Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said…
Cymulate snaps up $70M to help cybersecurity teams stress test their networks with attack simulations
The cost of cybercrime has been growing at an alarming rate of 15% per year, projected to reach $10.5 trillion by 2025. To cope with the challenges that this poses,…
Electronics giant Samsung has confirmed a data breach affecting customers’ personal information. In a brief notice, Samsung said it discovered the security incident in late July and that an “unauthorized third…
US issues rare security alert as Montenegro battles ongoing ransomware attack
The U.S. Embassy in Montenegro has warned Americans that an ongoing ransomware attack in the country could cause widespread disruption to key public services and government services. The ransomware attack,…
UK mobile and broadband carriers face fines of $117K/day, or 10% of sales, if they fail to follow new cybersecurity rules
More than three years in the making, the U.K. government today announced a new, sweeping set of rules it will be imposing on broadband and mobile carriers to tighten up…
Twilio says breach also compromised Authy two-factor app users
U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (2FA)…
Twilio hackers breached over 130 organizations during months-long hacking spree
The hackers that breached Twilio earlier this month also compromised more than 130 organizations during their hacking spree that netted the credentials of close to 10,000 employees. Twilio’s recent network…
Twitter faces privacy scrutiny from EU watchdogs after Mudge report
The explosive Twitter whistleblower complaint that was made public yesterday — detailing a raft of damning allegations across security, privacy and data protection issues (among others) by Twitter’s former…
Streaming media platform Plex has confirmed a data breach and is warning users to change their passwords. Plex said it discovered the compromise on Tuesday and found the intruder had…
Twitter whistleblower says platform was unable to guard against insider threats on January 6
Among the many damning allegations in the newly released Twitter whistleblower complaint is the disquieting revelation that Twitter was unable to seal its production environment to guard against any potential…
Ex-security chief accuses Twitter of cybersecurity mismanagement in an explosive whistleblower complaint
Twitter’s former head of security, Peiter “Mudge” Zatko, has accused his former employer of cybersecurity negligence in an explosive whistleblower complaint first obtained by CNN and The Washington Post. Zatko,…
LockBit ransomware group downed by DDoS after claiming Entrust breach
The LockBit ransomware gang is claiming responsibility for the July cyberattack against cybersecurity giant Entrust, but with a twist — the group is also accusing its latest victim of a…
Featured Article
What you might have missed at Black Hat and Def Con 2022
Hackers, researchers, cybersecurity companies and government officials descended on Las Vegas last week for Black Hat and Def Con, a cybersecurity double-bill that’s collectively referred to as “hacker summer camp.” This year’s cyber gathering was particularly exciting: Not only did it mark Black Hat’s 25th anniversary, but also the first time since the start of…
US unmasks alleged Conti ransomware operative, offers $10M for intel
The U.S. government said it will offer up to $10 million for information related to five people believed to be high-ranking members of the notorious Russia-backed Conti ransomware gang. The…
Luta Security and Emsisoft discuss how to fight ransomware at Disrupt
Ransomware is an exponentially growing global threat. Here are just a few examples from 2022: Costa Rica declared a national emergency after a $20 million ransomware attack; ransomware caused one…
German semiconductor giant Semikron says hackers encrypted its network
Semikron, a German manufacturer that produces semiconductors for electric vehicles and industrial automation systems, has confirmed it has fallen victim to a cyberattack that has resulted in data encryption. “Semikron…
Cybersecurity vendor Entrust tells customers data was stolen during June cyberattack
Minneapolis-based cybersecurity giant Entrust has confirmed it was hit by a cyberattack last month. Entrust, which describes itself as a global leader in identities, payments and data protection, told TechCrunch…
A newly discovered malware hijacks Facebook Business accounts
An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. Researchers at WithSecure, the…
Security flaws in a popular GPS tracker are exposing a million vehicle locations
Security vulnerabilities in a popular Chinese-built GPS vehicle tracker can be easily exploited to track and remotely cut the engines of at least a million vehicles around the world, according…
China-backed hackers targeted White House journalists before January 6
Researchers at cybersecurity company Proofpoint said they have observed the China-backed advanced persistent threat group, TA412, also known as Zirconium, engaging in several reconnaissance phishing campaigns since early last year.…
A ransomware attack on a debt collection firm is one of 2022’s biggest health data breaches
A ransomware attack on a little-known debt collection firm that serves hundreds of hospitals and medical facilities across the U.S. could be one of the biggest data breaches of personal…
Hotel group Marriott International has confirmed another data breach, with hackers claiming to have stolen 20 gigabytes of sensitive data, including guests’ credit card information. The incident, first reported by…
US publisher Macmillan confirms cyberattack forced systems offline
Macmillan, one of the largest book publishers in the U.S., said it has been hit by a cyberattack that forced it to shut down its IT systems. Macmillan spokesperson Erin…
Cybersecurity startups, once the VC darling, hammered by layoffs
On the face of it, the cybersecurity sector is doing just fine. Demand for cybersecurity products remains high as cyberattacks continue to blight both public and private-sector businesses, and investor…