Reddit says hackers accessed internal data following employee phishing attack

Hackers threaten to leak 80GB of confidential data stolen from Reddit

Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes.  In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a […]

Read more
US government warns Royal ransomware is targeting critical infrastructure

US confirms federal agencies hit by MOVEit breach, as hackers list more victims

The U.S. government has confirmed that multiple federal agencies have fallen victim to cyberattacks exploiting a security vulnerability in a popular file transfer tool. In a statement shared with TechCrunch, CISA confirmed that “several” U.S. government agencies have experienced intrusions related to the exploitation of a vulnerability in MOVEit Transfer, an enterprise file transfer tool […]

Read more
A simple bug exposed access to thousands of smart security alarm systems

A simple bug exposed access to thousands of smart security alarm systems

U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said he found the vulnerability in Eaton’s SecureConnect, a cloud-based system that allows customers to remotely access, manage, and arm and disarm their security alarm systems […]

Read more
Feds catch another LockBit hacker, Justice Department announces

Feds catch another LockBit hacker, Justice Department announces

The Justice Department has arrested and charged a Russian national for his alleged role in multiple LockBit ransomware attacks against victims in the U.S. and around the world. According to a criminal complaint unsealed on Thursday, 20-year-old Ruslan Magomedovich Astamirov is accused of carrying out five cyberattacks between August 2020 and March 2023, four of […]

Read more
Financial software firm Ion Group battles LockBit ransomware attack

Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities

Clop, the ransomware gang responsible for exploiting a critical security vulnerability in a popular corporate file transfer tool, has begun listing victims of the mass-hacks, including a number of U.S. banks and universities. The Russia-linked ransomware gang has been exploiting the security flaw in MOVEit Transfer, a tool used by corporations and enterprises to share […]

Read more
Announcing the Security Stage agenda at TechCrunch Disrupt

Announcing the Security Stage agenda at TechCrunch Disrupt

A few weeks ago we introduced you to the brand new Security Stage, our debut space dedicated to cybersecurity at TechCrunch Disrupt. Now, we’re ready to reveal what we have in store. We’ve got a packed agenda featuring some of the sharpest minds and professionals in the industry discussing the biggest cybersecurity challenges today. There […]

Read more
US intelligence confirms it buys Americans’ personal data

US intelligence confirms it buys Americans’ personal data

A newly declassified government report confirms for the first time that U.S. intelligence and spy agencies purchase vast amounts of commercially available information on Americans, including data from connected vehicles, web browsing data, and smartphones. By the U.S. government’s own admission, the data it purchases “clearly provides intelligence value,” but also “raises significant issues related […]

Read more
Barracuda urges customers to remove and replace vulnerable hardware exploited by hackers

Barracuda urges customers to remove and replace vulnerable hardware exploited by hackers

Barracuda Networks has told customers they must replace vulnerable email gateway appliances following the disclosure of a critical security flaw. The technology company, which provides security, networking and storage products, is issuing the extraordinary guidance as it struggles to contain a zero-day flaw that hackers have exploited since October. Hackers are abusing the critical-rated vulnerability, […]

Read more
Shell Recharge security lapse exposed EV drivers’ data

Shell Recharge security lapse exposed EV drivers’ data

Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations. Security researcher Anurag Sen found a database online that contained close to a terabyte of logging data relating to Shell Recharge, the company’s worldwide network […]

Read more
Microsoft to pay $20M settlement for illegally collecting children’s personal data

Microsoft to pay $20M settlement for illegally collecting children’s personal data

Microsoft will pay $20 million to settle charges brought by the Federal Trade Commission accusing the tech giant of illegally collecting the personal information of children without their parents’ consent — and in some cases retaining it “for years.” The federal consumer watchdog said Microsoft violated the Children’s Online Privacy Protection Act (COPPA), the federal […]

Read more