U.S. authorities have confirmed that they disrupted the operations of a Chinese state-backing hacking group, which infiltrated millions of computers worldwide to steal data as part of a years-long espionage campaign. The Department of Justice and the FBI said on Tuesday that they had successfully deleted the malware planted by the China-backed hacking group, known […]
U.K. public sector and critical infrastructure organizations could be banned from making ransom payments under new proposals from the U.K. government. The U.K.’s Home Office launched a consultation on Tuesday that proposes a “targeted ban” on ransomware payments. Under the proposal, public sector bodies — including local councils, schools, and NHS trusts — would be
UK plans to ban public sector organizations from paying ransomware hackers Read More »
Toward the end of 2023, an Israeli security researcher from Tel Aviv said that he was approached on LinkedIn with an opportunity to work abroad with “good pay.” He said that the company’s HR department told him that it was a “legitimate” offensive security company that was starting from scratch in Barcelona, Spain. But during
How Barcelona became an unlikely hub for spyware startups Read More »
A hack and data breach at location data broker Gravy Analytics is threatening the privacy of millions of people around the world, whose smartphone apps unwittingly revealed their location data collected by the data giant. The full scale of the data breach isn’t yet known, but the alleged hacker has already published a large sample
A breach of a data broker’s trove of location data threatens the privacy of millions Read More »
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks Read More »
Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which senior U.S. national security officials have described as an “epoch-defining threat.” The U.S. says Chinese government-backed hackers have — in some cases for years — been burrowing deep into the networks of U.S.
Meet the Chinese ‘Typhoon’ hackers preparing for war Read More »
Chinese hackers have reportedly breached a key office within the U.S. Treasury tasked with reviewing foreign investments and transactions that could threaten U.S. national security. CNN reports, citing U.S. officials familiar with the incident, that the Chinese hackers targeted the Committee on Foreign Investment in the United States, or CFIUS, which can approve or deny
Popular Los Angeles-based cannabis brand Stiiizy has confirmed that hackers accessed reams of sensitive customer data, including government-issued documents and medical cannabis cards, during a November cyberattack. In a data breach notice filed with California’s attorney general this week, Stiiizy said it was notified by its point-of-sale processing vendor that an “organized cybercrime group” had
Cannabis company Stiiizy says hackers accessed customers’ ID documents Read More »
In October 2024, security researcher Ben Sadeghipour was analyzing Facebook’s ad platform when he found a security vulnerability that allowed him to run commands on the internal Facebook server housing that platform, essentially giving him control of the server. After he reported the vulnerability to Facebook’s owner Meta, which Sadeghipour said took just one hour
Facebook awards researcher $100,000 for finding bug that granted internal access Read More »
Edtech giant PowerSchool has warned customers that hackers accessed its customers’ highly sensitive information — including student Social Security numbers, grades, and medical information — during a recent data breach, TechCrunch has learned. In an FAQ obtained by TechCrunch that was sent to affected customers this week, PowerSchool says that “sensitive personal information” was accessed during
