LATEST POST
Cybercrime is ‘orders of magnitude’ larger than state-backed ops, says ex-White House advisor
The Register has an interview with former White House advisor Michael Daniel. Uncle Sam’s cybersecurity apparatus can’t only focus on China and other nation-state actors, but also has to fight the much bigger damage from plain old cybercrime, says former White House advisor Michael Daniel. And the Trump administration’s steep cuts to federal government staff […]
FTC Fines GoDaddy for Weak Security, Data Breaches
The Southern Maryland Chronicle reports: The Federal Trade Commission finalized a settlement with GoDaddy on May 23, 2025, addressing allegations that the web hosting provider misled consumers about its data security practices, leading to multiple data breaches. The order, approved unanimously by a 3-0 vote, mandates significant security upgrades and prohibits GoDaddy from making false […]
Authorities claim to have broken key links in the ‘ransomware kill chain’…for now at least
Seen at The Stack: Europol, the DoJ and other law enforcement agencies “neutralized” a swathe of malware strains this week, which they said was a “direct blow to the ransomware kill chain.” The actions were part of the ongoing Operation Endgame which targeted a series of botnets just over a year ago. But it’s worth […]
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
A trove of breached data, which has now been taken down, includes user logins for platforms including Apple, Google, and Meta. Among the exposed accounts are ones linked to dozens of governments. WIRED reports: The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. […]
3AM ransomware uses spoofed IT calls, email bombing to breach networks
BleepingComputer reports: A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems. This tactic was previously linked to the Black Basta ransomware gang and later observed in FIN7 attacks, but its effectiveness has driven a wider […]
Russian Intelligence Hackers Stalk Western Logistics Firms
GovInfoSecurity reports: A slew of Western cybersecurity agencies warned Wednesday that Russian intelligence is targeting logistics and technology companies in a prolonged hacking campaign that includes an emphasis on internet-connected cameras situated along border crossings and military installations. The advisory includes indicators of compromise typical of an attack by Unit 26165 of the Russian Main Intelligence Directorate. […]
Scottish council admits ransomware crooks stole school data
The Register reports: Scotland’s West Lothian Council has confirmed that data was stolen from its education network after the Interlock ransomware group claimed responsibility for the intrusion earlier this month. The local authority, governing a region bordering Edinburgh, originally said that there was no evidence to suggest that data had been taken when it first […]
Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach
Baker Donelson writes: Read more at JDSupra. \