The government initially warned residents of the ransomware attack on December 19 and said it was working with U.K. government officials to address the attack. The attackers gained access to the...

The so-called AI diffusion rule from Commerce’s Bureau of Industry and Security faced swift pushback from industry. The post Biden administration unveils export controls on AI models, chips...

The proposed rules would ban public sector bodies in the UK from making extortion payments and require all victims to report ransomware incidents to the government.

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency...

Proton Pass offers interoperability with Proton VPN and Proton Mail, along with a host of security features compatible with most devices and operating systems.

On several occasions recently, hackers have gone after Amazon Web Services’ cloud storage products known as S3 buckets and used the company’s own encryption tools to lock customers out of their data.

In recent months, incoming Trump administration national security adviser Mike Waltz and some lawmakers have suggested that in response to Chinese cyber breaches, the United States needs to...

Blood-donation not-for-profit OneBlood confirms that donors' personal information was stolen in a ransomware attack last summer. [...]

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect...

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly...

Diplomatic entities in Kazakhstan and Central Asia have been targeted by UAC-0063 using weaponized Word docs deploying HATVIBE malware

​CISA tagged a vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. [...]

Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been...

In December 2024, AhnLab SEcurity intelligence Center (ASEC) identified the distribution of malware using MS Windows CAB header batch file (*.cmd) with AhnLab’s email honeypot. The malware known...

Microsoft confirmed an outage of its multi-factor authentication system impacting access to Microsoft 365, causing login failures and service disruption

Recorded Future News sat down with Rep. Don Bacon late last week in his Capitol Hill office to talk about his goals for the subcommittee, the state of DOD innovation, and the future of Cyber Command.

The Philips 5000 Series Video Palm Recognition smart lock builds upon the success of its predecessor.

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...]

The Cybersecurity and Infrastructure Security Agency (CISA) joined by 11 domestic and international partners, including the European Commission,... The post Cybersecurity agencies focus on...

Bitwarden and 1Password are two of the top password managers. Find out which password manager is the best for you using this comprehensive comparison.

Researchers at Check Point said FunkSec operators appear to use AI for malware development

Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. [...]

SUMMARY Three Russian nationals have been indicted for their alleged roles in running cryptocurrency mixing services Blender.io and…

The company confirmed the breach after a hacker posted millions of location data records online. © 2024 TechCrunch. All rights reserved. For personal use only.

Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability....

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table...

A new WEF report highlighted growing disparities in the cyber capabilities of different types of organizations and regions

Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. [...]

No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain....

Telefónica faces a data breach impacting its internal systems, linked to hackers using compromised credentials. Learn more about this alarming cyber threat.