Alleged carder gang mastermind and three acolytes under arrest in Russia
The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.
Cryptocoin broker Crypto.com says 2FA “bypass” led to $35m theft
The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'.
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
Latest epsiode - listen now!
Serious Security: Apple Safari leaks private data via database API – what you need to know
There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing
Romance scammer who targeted 670 women gets 28 months in jail
Found love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns...
Serious Security: Linux full-disk encryption bug fixed – patch now!
Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.
REvil ransomware crew allegedly busted in Russia, says FSB
The Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew.
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
Latest episode -listen to it or read it now!
Wormable Windows HTTP hole – what you need to know
One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".
Home routers with NetUSB support could have critical kernel hole
Got a router that supports USB access across the network? You might need a kernel update...
JavaScript developer destroys own projects in supply chain “lesson”
Two popular open source JavaScript packages recently got "hacked" in a smbolic gesture by the original project creator.
MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists
State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.
The Case for Backing Up Source Code
As enterprise data security concerns grow, security experts urge businesses to back up their GitLab, GitHub, and BitBucket repositories.
Surge in Malicious QR Codes Sparks FBI Alert
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware.
Dark Souls 3 Servers Shut Down Due to Critical RCE Bug
The bug can allow attackers to remotely execute code on gamers’ computers. The devs temporarily deactivated PvP servers across multiple affected versions.
REvil gang member arrests strike fear among cybercriminals on the Dark Web
Dark Web forum posts uncovered by Trustwave show that the recent arrests in Russia have triggered major concerns among fellow criminals.
