The Executive Order on Improving the Nation’s Cybersecurity issued on May 12, 2021 requires federal agencies to develop a plan to adopt Zero Trust architectures within 60 days and multi-factor authentication within 180 days. With the increasing cyber attacks toward all areas of government, the executive order should...
A Massachusetts man who used SIM swapping and other account takeover techniques to target business executives and steal more than $530,000 worth of cryptocurrency has pleaded guilty to several federal charges.
It's unlikely that the U.S. abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say.
T-Mobile USA has confirmed that attackers accessed its computer systems, but the mobile communications provider is still investigating whether customers' personal data was exposed. Cybercrime experts say the attackers apparently involved have been tied to previous crimes targeting telecommunications since at least...
When is a data exposure not just a data exposure? According to a U.S. Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
T-Mobile USA says it is investigating a claim that as many as 100 million accounts may have been compromised in a data breach. The person who claims responsibility for the alleged breach says T-Mobile misconfigured a Gateway GPRS Support Node.
The London High Court has ordered the cryptocurrency exchange Binance to attempt to identify and freeze accounts belonging to the attackers who allegedly stole about $2.6 million from U.K.-based Fetch.ai.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
A yearlong phishing campaign used various techniques to help evade security tools while attempting to harvest the credentials of Office 365 users, according to Microsoft researchers. In some cases, the attackers even used Morse code to help avoid detection.
Ukrainian police have shuttered several allegedly illegal cryptocurrency exchanges throughout the country that were processing about $1.1 million in virtual currencies each month. Officials say the exchange allegedly appeared to facilitate money laundering and had connections to Russia.
The hacker behind the $612 million breach of the blockchain-based Poly Network system has reportedly returned all stolen assets. Security experts have highlighted a critical vulnerability and a need for further DeFi security regulations.
Cybercriminals have developed a blockchain analytics tool on the darknet that could help a gang launder illegally obtained bitcoin, and they are actively marketing it, according to the cryptocurrency analytics firm Elliptic. The tool, however, is rated as not entirely effective.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
A recently uncovered cryptomining scheme used malicious Docker images to hijack organizations’ computing resources to mine cryptocurrency, according to the cybersecurity firm Aqua Security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.