LATEST POST
Indian IT giant Tata Consultancy Services investigating possible link to M&S cyber-attack
Tata Consultancy Services is conducting an internal investigation to determine whether it was the gateway for the cyber-attack on Marks & Spencer. The BBC reports: Tata Consultancy Services (TCS) has provided services to M&S for more than a decade. Earlier this week, M&S said the hackers who had brought huge disruption to the retailer had […]
Tiffany confirms data breach in South Korea following Dior incident
Tiffany and Dior data breaches raise security questions for parent company LVMH Tiffany & Co. has confirmed a data breach affecting customers in South Korea, marking the second such incident involving an LVMH Moët Hennessy Louis Vuitton brand after a similar case at Dior. The Chosun reports that on May 26, Tiffany Korea notified select […]
Hacker who breached Trump aide’s app stole data across government
Reuters reports that the person who hacked TeleMessage, the communications service used by former Trump national security adviser Mike Waltz, acquired messages from more officials than was previously reported. Smarsh, the company that owns TeleMessage, suspended service after the hack was revealed. Unlike Signal, which automatically deletes messages after whatever timeframe is set by the […]
Cybercrime is ‘orders of magnitude’ larger than state-backed ops, says ex-White House advisor
The Register has an interview with former White House advisor Michael Daniel. Uncle Sam’s cybersecurity apparatus can’t only focus on China and other nation-state actors, but also has to fight the much bigger damage from plain old cybercrime, says former White House advisor Michael Daniel. And the Trump administration’s steep cuts to federal government staff […]
FTC Fines GoDaddy for Weak Security, Data Breaches
The Southern Maryland Chronicle reports: The Federal Trade Commission finalized a settlement with GoDaddy on May 23, 2025, addressing allegations that the web hosting provider misled consumers about its data security practices, leading to multiple data breaches. The order, approved unanimously by a 3-0 vote, mandates significant security upgrades and prohibits GoDaddy from making false […]
Authorities claim to have broken key links in the ‘ransomware kill chain’…for now at least
Seen at The Stack: Europol, the DoJ and other law enforcement agencies “neutralized” a swathe of malware strains this week, which they said was a “direct blow to the ransomware kill chain.” The actions were part of the ongoing Operation Endgame which targeted a series of botnets just over a year ago. But it’s worth […]
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
A trove of breached data, which has now been taken down, includes user logins for platforms including Apple, Google, and Meta. Among the exposed accounts are ones linked to dozens of governments. WIRED reports: The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. […]
3AM ransomware uses spoofed IT calls, email bombing to breach networks
BleepingComputer reports: A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems. This tactic was previously linked to the Black Basta ransomware gang and later observed in FIN7 attacks, but its effectiveness has driven a wider […]