Viry a Červi

Privacy Not Included label slapped on 22 of 25 top lonely-hearts corners

Interview  Dating apps ask people to disclose all kinds of personal information in the hope of them finding love, or at least a hook-up.…

Ready, set, sanctions?

AI built by Russian infosec firm Kaspersky was used in Russian drones for its war on Ukraine, volunteer intelligence gatherers claim.…

Sure, we're waking to the risk, but we gotta get outta bed, warns Endor Labs founder Varun Badhwar

interview  The more cybersecurity news you read, the more often you seem to see a familiar phrase: Software supply chain (SSC) vulnerabilities. Varun Badhwar, founder and CEO at security firm Endor Labs, doesn't believe that's by coincidence. …

Cops prevented crims from bilking victims out of more than €10m - but couldn't stop crime against art

A Europol-led operation dubbed “Pandora” has shut down a dozen phone scam centers, and arrested 21 suspects. The cops reckon the action prevented criminals from bilking victims out of more than €10 million (£8.6 million, $11 million).…

A 'murky' web sees many purchases run through Singapore in a way that hides potential users

Indonesia has acquired spyware and surveillance technologies through a "murky network" that extends into Israel, Greece, Singapore and Malaysia for equipment sourcing, according to Amnesty International.…

Bad configurations, insecure versions of jQuery, and crummy cookies are some of myriad problems

Exclusive  Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.…

Windows giant extends passwordless tech to everyone else

Microsoft today said it will now let us common folk — not just commercial subscribers — sign into their Microsoft accounts and apps using passkeys with their face, fingerprint, or device PIN.…

Operation busted after dodgy devices ended up at Air Force

Miami resident Onur Aksoy has been sentenced to six and a half years in prison for running a multi-million-dollar operation selling fake Cisco equipment that ended up in the US military.…

Ten vulnerabilities in total for admins to apply

Network admins are being urged to patch a bundle of critical vulnerabilities in ArubaOS that lead to remote code execution as a privileged user.…

Warning comes exactly a year after the vulnerability was introduced

The US Cybersecurity and Infrastructure Security Agency (CISA) is forcing all federal agencies to patch a critical vulnerability in GitLab's Community and Enterprise editions, confirming it is very much under "active exploit."…

Taking down TikTok won't stop the CCP's attempt to control global narratives

Chinese tech companies that serve as important links in the world's digital supply chains are helping Beijing to execute and refine its propaganda strategy, according to an Australian think tank.…

After extorting $700 million from thousands of victims

A Ukrainian man has been sentenced to almost 14 years in prison and ordered to pay more than $16 million in restitution for his role in infecting thousands of victims with REvil ransomware.…

Man arrested and blackmail charges expected after allegations of unpaid contractors and iffy infosec

Updated  Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.…

Only from its digital doc-signing service, which is isolated from its cloudy storage

Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.…

Developer of Square and Cash App reportedly has big back-end problems it was slow to fix

Fintech biz Block is reportedly under investigation by US prosecutors over claims by a former employee that lax compliance checks mean its Square and Cash App services may have been used by terrorists – or in countries that US orgs are not permitted to do business.…

Intrusion investors went through Blount farce trauma, says SEC

Jack Blount, the now-ex CEO of Intrusion, has settled with the SEC over allegations he made false and misleading statements about his infosec firm's product as well as his own background and experience.…

Vulnerable elderly people tricked into paying tens of thousands over fake car accidents

Sixteen people are facing charges from US prosecutors for allegedly preying on the elderly and scamming them out of millions of dollars.…

Issue now resolved and isn't thought to be the work of criminals

Aussie airline Qantas says its app is now stable following a data breach that saw boarding passes take off from passengers' accounts.…

An ACE in the hole for miscreants

Updated  The open source R programming language – popular among statisticians and data scientists for performing visualization, machine learning, and suchlike – has patched an arbitrary code execution hole that scored a preliminary CVSS severity rating of 8.8 out of 10.…

Vastaamo villain more than doubled reported crime in Nordic nation

A cyber-thief who snatched tens of thousands of patients' sensitive records from a psychotherapy clinic before blackmailing them and then leaking their files online has been caged for six years and three months.…