Pulse of Truth
- How Chinese insiders are stealing data scooped up by President Xi's national surveillance systemgo.theregister.com How Chinese insiders exploit its surveillance state
'It's a double-edged sword,' security researchers tell The Reg
'It's a double-edged sword,' security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.…
- Mysterious Drones Are Flying Over New Jersey at Nightgizmodo.com Mysterious Drones Are Flying Over New Jersey at Night
Authorities can't (or won't) explain why large drones have repeatedly been sighted by Jersey residents.
Authorities can't (or won't) explain why large drones have repeatedly been sighted by Jersey residents.
- A profile of Brain Krebs, who in the past 20 years has probed and outed some of the worst cybercriminals, including the alleged hackers of Snowflake clients (Wall Street Journal)www.techmeme.com A profile of Brain Krebs, who in the past 20 years has probed and outed some of the worst cybercriminals, including the alleged hackers of Snowflake clients
From Wall Street Journal. View the full context on Techmeme.
Wall Street Journal: A profile of Brain Krebs, who in the past 20 years has probed and outed some of the worst cybercriminals, including the alleged hackers of Snowflake clients — In the increasingly dangerous world of cybercrime, Brian Krebs faces threats, manipulation and the odd chess challenge
- Teen creates memecoin, dumps it, earns $50,000arstechnica.com Teen creates memecoin, dumps it, earns $50,000
Unsurprisingly, he and his family were doxed by angry traders.
Unsurprisingly, he and his family were doxed by angry traders.
- Major Health Insurance Companies Take Down Leadership Pages Following Murder of United Healthcare CEOwww.404media.co Major Health Insurance Companies Take Down Leadership Pages Following Murder of United Healthcare CEO
Following the shooting of United Healthcare CEO Brian Thompson, multiple major health insurance companies have taken their executive leadership pages offline.
Following the shooting of United Healthcare CEO Brian Thompson, multiple major health insurance companies have taken their executive leadership pages offline.
- A look at the Silicon Valley billionaires and millionaires steering Trump's transition by shaping hiring decisions and conducting senior-level job interviews (New York Times)www.techmeme.com A look at the Silicon Valley billionaires and millionaires steering Trump's transition by shaping hiring decisions and conducting senior-level job interviews
From New York Times. View the full context on Techmeme.
New York Times: A look at the Silicon Valley billionaires and millionaires steering Trump's transition by shaping hiring decisions and conducting senior-level job interviews — The involvement of wealthy investors has made this presidential transition one of the most potentially conflict-ridden in modern history.
- Your AI clone could target your family, but there’s a simple defensearstechnica.com Your AI clone could target your family, but there’s a simple defense
The FBI now recommends choosing a secret password to thwart AI voice clones from tricking people.
The FBI now recommends choosing a secret password to thwart AI voice clones from tricking people.
- Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Datathehackernews.com Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data
Realst malware, hidden in fake video conferencing apps, targets Web3 workers to steal crypto wallets.
Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company
- Romania ’s election systems hit by 85,000 attacks ahead of presidential votesecurityaffairs.com Romania ’s election systems hit by 85,000 attacks ahead of presidential vote
Romania's election systems suffered over 85K attacks,with leaked credentials posted on a Russian hacker forum before the presidential election
Romania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems. Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days […]
- Booking.com says typos giving strangers access to private trip info is not a bugarstechnica.com Booking.com says typos giving strangers access to private trip info is not a bug
Popular trip site confirmed it can’t stop typos after user flagged privacy issue.
Popular trip site confirmed it can't stop typos after user flagged privacy issue.
- You Can Now Use Uber to Harass Neighbors by Sending Carolers to Their Doorgizmodo.com You Can Now Use Uber to Harass Neighbors by Sending Carolers to Their Door
Uber is re-upping its Christmas tree delivery service, but this year’s festivities also include a door-to-door amateur chorus.
Uber is re-upping its Christmas tree delivery service, but this year’s festivities also include a door-to-door amateur chorus.
- Sources: with its own modem in the pipeline, Apple is investigating bringing cellular connectivity to the Mac and headsets like Vision Pro for the first time (Mark Gurman/Bloomberg)www.techmeme.com Sources: with its own modem in the pipeline, Apple is investigating bringing cellular connectivity to the Mac and headsets like Vision Pro for the first time
By Mark Gurman / Bloomberg. View the full context on Techmeme.
Mark Gurman / Bloomberg: Sources: with its own modem in the pipeline, Apple is investigating bringing cellular connectivity to the Mac and headsets like Vision Pro for the first time — - Apple explores bringing cell service to Macs for first time — Company is preparing three-year rollout to replace Qualcomm
- Texas Teen Arrested for Scattered Spider Telecom Hackswww.darkreading.com Texas Teen Arrested for Scattered Spider Telecom Hacks
An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on 'key Scattered Spider members' and their tactics.
An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on 'key Scattered Spider members' and their tactics.
- Blue Yonder SaaS giant breached by Termite ransomware gang
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...]
- Teenagers leading new wave of cybercrimewww.helpnetsecurity.com Teenagers leading new wave of cybercrime - Help Net Security
While supply chain breaches dominated the cyber landscape in 2024, AI-related incidents will likely become a major headline maker in 2025.
Global data breaches show no signs of slowing down as this year has already exceeded 2023 in the number of data breaches and consumers impacted, according to Experian. Younger cybercriminals on the rise Today, the world of cyber hacking is not confined to grown ups nor is the fallout. According to the FBI, the average age of someone arrested for cybercrime is 19 vs. 37 for any crime. Many teens will have been recruited into … More → The post Teenagers leading new wave of cybercrime appeared first on Help Net Security.
- UnitedHealthcare CEO Fatally Shot, Gunman Still at Largegizmodo.com UnitedHealthcare CEO Fatally Shot, Gunman Still at Large
"The suspect was lying in wait for several minutes," according to the NYPD.
"The suspect was lying in wait for several minutes," according to the NYPD.
- New Android spyware found on phone seized by Russian FSB
After a Russian programmer was detained by Russia's Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]
- The world is running short of copper - telecoms networks could be the answer
A shortage of copper presents an opportunity for telcos that are moving away from using the material for their legacy networks
- With Threats to Encryption Looming, Signal’s Meredith Whittaker Says ‘We’re Not Changing’www.wired.com With Threats to Encryption Looming, Signal’s Meredith Whittaker Says ‘We’re Not Changing’
At WIRED’s The Big Interview event, the president of the Signal Foundation talked about secure communications as critical infrastructure and the need for a new funding paradigm for tech.
At WIRED’s The Big Interview event, the president of the Signal Foundation talked about secure communications as critical infrastructure and the need for a new funding paradigm for tech.
- Reminder: Cops Can Point a Camera at Your House 24/7 Without a Warrantgizmodo.com Reminder: Cops Can Point a Camera at Your House 24/7 Without a Warrant
The Supreme Court recently declined to hear a case that civil liberties groups hoped might stop prolonged, warrantless surveillance with pole cameras.
The Supreme Court recently declined to hear a case that civil liberties groups hoped might stop prolonged, warrantless surveillance with pole cameras.
- 65% of office workers bypass cybersecurity to boost productivitywww.helpnetsecurity.com 65% of office workers bypass cybersecurity to boost productivity - Help Net Security
These days, almost all employees have some kind of sensitive or privileged access; they need it, in fact, just to get the job done.
High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk. CyberArk surveyed 14,003 employees in the UK, USA, France, Germany, Australia and Singapore to uncover workforce behaviors that security teams are most keen to put a stop to. Employees depend on privileged access to complete daily tasks These days, almost all employees have some kind … More → The post 65% of office workers bypass cybersecurity to boost productivity appeared first on Help Net Security.
- 70% of open-source components are poorly or no longer maintainedwww.helpnetsecurity.com 70% of open-source components are poorly or no longer maintained - Help Net Security
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider.
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks daily, 24% of which are nation-state attackers targeting the IT sector. With software supporting increasingly vital systems, the origin of code has become a matter of national and economic security. 34% of open-source contributions come from the … More → The post 70% of open-source components are poorly or no longer maintained appeared first on Help Net Security.
- A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infectionswww.wired.com A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections
The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it’s already turning up victims.
The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it's already turning up victims.
- Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defensesthehackernews.com Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
Hackers exploit corrupted ZIPs and Office files, bypassing email filters and antivirus to launch phishing scams.
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox," ANY.RUN said in a series of posts on X. The
- Vodka maker Stoli files for bankruptcy in US after ransomware attack
Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country. [...]
- Solana Web3.js library backdoored to steal secret, private keys
The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets. [...]
- Russian-linked Turla caught using Pakistani APT infrastructure for espionagecyberscoop.com Russian-linked Turla caught using Pakistani APT infrastructure for espionage
A Russian cyber-espionage group has been caught using networks associated with a Pakistani-based APT group.
Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure. The post Russian-linked Turla caught using Pakistani APT infrastructure for espionage appeared first on CyberScoop.
- Deloitte Hacked – Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data
Notorious ransomware group Brain Cipher has claimed to have breached Deloitte UK, allegedly exfiltrating over 1 terabyte of sensitive data from the professional services giant. Brain Cipher is a ransomware group that emerged in June 2024, quickly gaining notoriety for its cyberattacks on organizations worldwide. Notably, it was responsible for a significant attack on Indonesia’s […] The post Deloitte Hacked – Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data appeared first on Cyber Security News.
- New DroidBot Android banking malware spreads across Europe
A new Android banking malware named 'DroidBot' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]
- She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpinwww.wired.com She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpin
Western authorities say they’ve identified a network that found a new way to clean drug gangs’ dirty cash. WIRED gained exclusive access to the investigation.
Western authorities say they’ve identified a network that found a new way to clean drug gangs’ dirty cash. WIRED gained exclusive access to the investigation.
- Company claims 1,000 percent price hike drove it from VMware to open source rivalarstechnica.com Company claims 1,000 percent price hike drove it from VMware to open source rival
Cloud provider moved most of its 20,000 VMs off VMware.
Cloud provider moved most of its 20,000 VMs off VMware.
- Sweden-Finland terrestrial Internet cable cut, sabotage suspected
Less than a month after subsea cables were cut in a suspicious manner
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?www.techrepublic.com Are Long-Lived Credentials the New Achilles' Heel for Cloud Security?
Datadog's report highlights long-lived credentials as a cloud security Achilles' heel. Discover risks and ways to secure your environment.
Datadog advises Australian and APAC companies to phase out long-lived cloud credentials.
- Your Bluesky Posts Are Probably In A Bunch of Datasets Nowwww.404media.co Your Bluesky Posts Are Probably In A Bunch of Datasets Now
After a machine learning librarian released and then deleted a dataset of one million Bluesky posts, several other, even bigger datasets have appeared in its place—including one of almost 300 million non-anonymized posts.
After a machine learning librarian released and then deleted a dataset of one million Bluesky posts, several other, even bigger datasets have appeared in its place—including one of almost 300 million non-anonymized posts.
- Apple Illegally Surveilled and Censored Workers, Employee Lawsuit Saysgizmodo.com Apple Illegally Surveilled and Censored Workers, Employee Lawsuit Says
The lawsuit filed Monday by a current Apple employee comes after federal labor investigators accused the company of imposing illegal policies on its workforce.
The lawsuit filed Monday by a current Apple employee comes after federal labor investigators accused the company of imposing illegal policies on its workforce.
- Beyond Compliance: Achieving Cyber Resilience in the Financial Sector with DORA and TIBER-EUwww.sans.org Beyond Compliance: Achieving Cyber Resilience in the Financial Sector with DORA and TIBER-EU | SANS Institute
A blog about the EU's new financial sector cybersecurity regulations, DORA and TIBER-EU
A blog about the EU's new financial sector cybersecurity regulations, DORA and TIBER-EU
- OpenWrt releases the $89+ OpenWrt One router, a "hacker-friendly device" with open-source firmware, two Ethernet ports, three USB ports, and dual-band Wi-Fi 6 (Jowi Morales/Tom's Hardware)www.techmeme.com OpenWrt releases the $89+ OpenWrt One router, a “hacker-friendly device” with open-source firmware, two Ethernet ports, three USB ports, and dual-band Wi-Fi 6
By Jowi Morales / Tom's Hardware. View the full context on Techmeme.
Jowi Morales / Tom's Hardware: OpenWrt releases the $89+ OpenWrt One router, a “hacker-friendly device” with open-source firmware, two Ethernet ports, three USB ports, and dual-band Wi-Fi 6 — This ‘Unbrickable’ router should never fail you. … The group worked together to draft the specifications for this router …
- Bypassing WAFs with the phantom $Version cookieportswigger.net Bypassing WAFs with the phantom $Version cookie
HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known
HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known
- BT unit took servers offline after Black Basta ransomware breach
Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach. [...]