SecurityWeek

Russia's Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets.

Crimenetwork, the largest German-speaking online crime marketplace, has been shut down and one of its admins has been arrested.

Tuskira is working on an AI-powered security mesh promising to integrate fragmented security tools and mitigate risk exposure in real time.

A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks.

Government agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled. 

Even with careful and deliberate hiring, enterprise security teams will find themselves with a charlatan from time to time.

Google has released patches for 14 high-severity vulnerabilities as part of Android’s December 2024 security update.

Supply chain attack leads to decentralized application developers downloading backdoored versions of the Solana Web3.js library.

Law enforcement has taken down yet another encrypted messaging service used by criminals, but not before spying on its users.

Guidance issued by the FBI and CISA is intended to help root out the hackers and prevent similar cyberespionage.

The European Union has adopted new legislation to establish a cybersecurity shield and ensure adequate security standards for managed security services.

AWS and other vendors have announced new cloud security products and features at the cloud giant’s re:Invent 2024 conference.

Commerce Department expanded the list of Chinese technology companies subject to export controls to include many that make equipment used to make computer chips, chipmaking tools and software.

McInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid.

A hacker has posted online over 760,000 records belonging to employees of Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater.

Hackers have caused close to $1.49 billion in cryptocurrency losses this year, with $71 million worth of assets stolen in November.

Energy sector contractor ENGlobal Corporation has restricted access to some of its systems in response to a ransomware attack.

Cisco has updated an advisory for CVE-2014-2120 to warn customers that the vulnerability has been exploited in the wild. 

AWS has launched Security Incident Response, a new service for quick and efficient security event management.

The 'Bootkitty' prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.