cybersecurity

Prequel is building a community-driven approach to finding software bugs

Startups /

Cybersecurity practitioners take a community-driven approach to solving problems. Security researchers share the vulnerabilities they find with the broader cybersecurity community, which allows companies to patch up their security holes before something catastrophic happens. Prequel is looking to bring that same approach to software. The startup is building a database of software failure patterns or […]

Prequel is building a community-driven approach to finding software bugs Read More »

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone

Security /

This year, a Serbian journalist and an activist had their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite. The authorities’ goal was not only to unlock the phones to access their personal data, as Cellebrite allows, but also to install spyware to enable further surveillance, according to a

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone Read More »

UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet

Security /

Healthcare giant Optum has restricted access to an internal AI chatbot used by employees after a security researcher found it was publicly accessible online, and anyone could access it using only a web browser.  The chatbot, which TechCrunch has seen, allowed employees to ask the company questions about how to handle patient health insurance claims

UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet Read More »

Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO

Security /

Yahoo laid off around 25% of its cybersecurity team — known as The Paranoids — over the last year, TechCrunch has learned. Overall, the company has laid off or lost through attrition 40 to 50 people from a total of 200 employees in the cybersecurity team since the start of 2024, according to multiple current

Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO Read More »

Researchers find security flaws in Skoda cars that may let hackers remotely track them

Transportation /

Security researchers have discovered multiple vulnerabilities in the infotainment units used in some Skoda cars that could allow malicious actors to remotely trigger certain controls and track the cars’ location in real time. PCAutomotive, a cybersecurity firm specializing in the automotive sector, unveiled 12 new security vulnerabilities impacting the latest model of the Skoda Superb

Researchers find security flaws in Skoda cars that may let hackers remotely track them Read More »

Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breach

Security /

Byte Federal, one of the largest Bitcoin ATM operators in the U.S., said the personal data of thousands of customers may have been compromised during a recent breach. In a filing with Maine’s attorney general, Florida-based Byte Federal said hackers tried to access the data of 58,000 customers, including names, addresses, phone numbers, government-issued IDs,

Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breach Read More »

Russian government spies targeted Ukraine using tools developed by cybercriminals

Security /

A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) previously said “is almost certainly subordinate to the

Russian government spies targeted Ukraine using tools developed by cybercriminals Read More »

Krispy Kreme discloses cyberattack that is disrupting online orders

Security /

International doughnut chain Krispy Kreme disclosed a security incident on Wednesday, which the company said has caused  “certain operational disruptions, including with online ordering in parts of the United States.” Krispy Kreme disclosed the cyberattack in an 8-K filing with the SEC. The company said it was “notified regarding unauthorized activity on a portion of

Krispy Kreme discloses cyberattack that is disrupting online orders Read More »

Researchers uncover Chinese spyware used to target Android devices

Security /

Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired

Researchers uncover Chinese spyware used to target Android devices Read More »

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

Security /

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure Read More »