Silence gets you nowhere in a data breach
An important lesson in how not to respond to a breach, courtesy of LastPass and Fortra.
Read moreAn important lesson in how not to respond to a breach, courtesy of LastPass and Fortra.
Read moreIn November 2022, Google revealed the existence of a then-unknown spyware vendor called Variston. Now, Google researchers say they have seen hackers use Variston’s tools in the United Arab Emirates. In a report published on Wednesday, Google’s Threat Analysis Group (TAG) said it discovered hackers targeting people in the UAE who used Samsung’s native Android […]
Read moreThe fallout from Fortra’s mass ransomware attack continues to widen as the hackers claim a new victim: a children’s virtual mental health care startup. In a data breach disclosure filed with the Maine attorney general’s office, U.S. healthcare giant Blue Shield of California confirmed that one of its providers, Brightline, had data stolen from data […]
Read moreAs a part of its continued quest to inject generative AI into all its products, Microsoft today introduced Security Copilot, a new tool that aims to “summarize” and “make sense” of threat intelligence. In a light-on-the-details announcement, Microsoft pitched Security Copilot as a way to correlate data on attacks while prioritizing security incidents. Countless tools […]
Read moreA group of bipartisan lawmakers has called on the U.S. Postal Service to strengthen its internal processes to reduce change of address fraud, which each year allows fraudsters to redirect thousands of people’s mail, including bills, checks and bank statements. U.S. Congressman Josh Gottheimer (D-NJ, 5th) and other House lawmakers want USPS to make it […]
Read moreThanks to three vulnerabilities chained together, malicious hackers could remotely hack into a Tesla, turn off the lights, honk the horn, open the trunk, activate the windshield wipers, and mess with the infotainment system, according to security researchers. The researchers, who work for security firm Synacktiv, found the vulnerabilities and showcased them at the Pwn2Own […]
Read moreThe Biden administration on Monday announced a new executive order that would broadly ban U.S. federal agencies from using commercially developed spyware that poses threats to human rights and national security. The move to ban federal agencies — including law enforcement, defense and intelligence — from using commercial spyware comes as officials confirmed that dozens […]
Read moreMicrosoft-owned GitHub took down a repository by a user named “FreeSpeechEnthusiast” that contained proprietary source code to Twitter after the social network filed a DCMA takedown request. The username certainly seems to be a jab at Twitter owner Elon Musk, who has claimed to be a “free speech absolutist” many times. On Friday, Twitter filed […]
Read moreSoftware maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. As we have been reporting, the Clop ransomware gang exploited a newly discovered bug in Fortra’s GoAnywhere file transfer software, used by thousands of organizations to transfer […]
Read moreOn Friday, the U.S. Justice Department announced that the now-arrested alleged administrator of the infamous hacking forum BreachForums facilitated the sale and purchase of private information that belonged to “millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies.” In a statement, prosecutors confirmed the arrest of Conor Fitzpatrick, 20, […]
Read more