hacking

Apple fixes zero-day flaw affecting all devices

Apple released the latest updates for its iPhone, iPad and Mac operating systems on Monday, which included switching on Apple Intelligence by default for newer devices.  As part of this batch of software updates, Apple also released several patches fixing security bugs, including a zero-day bug that “may have been actively exploited” — meaning hackers […]

Apple fixes zero-day flaw affecting all devices Read More »

TalkTalk investigating data breach after hacker claims theft of customer data

U.K. telecoms giant TalkTalk has confirmed that it is investigating a data breach after a hacker claimed to have stolen the personal information of millions of customers. In a post on a popular cybercrime forum seen by TechCrunch, an individual using the alias “b0nd” claimed to have stolen the personal data of more than 18.8

TalkTalk investigating data breach after hacker claims theft of customer data Read More »

Hidden Waymo feature let researcher customize robotaxi’s display

A security researcher found a hidden unreleased feature in the Waymo app that allowed her to display whatever characters she wanted on the robotaxi’s top display.  Jane Manchun Wong, a well-known security researcher, posted an image on X on Saturday showing the top display of a Waymo car — officially called “dome” — that included

Hidden Waymo feature let researcher customize robotaxi’s display Read More »

What PowerSchool isn’t saying about its ‘massive’ student data breach

It’s only January, but the recent hack of U.S. edtech giant PowerSchool has the potential to be one of the biggest breaches of the year.  PowerSchool, which provides K-12 software to more than 18,000 schools to support some 60 million students in the United States, confirmed the breach in early January. The California-based company, which

What PowerSchool isn’t saying about its ‘massive’ student data breach Read More »

HPE investigating security breach after hacker claims theft of sensitive data

Hewlett-Packard Enterprise is investigating a data breach after a well-known hacker claimed to have stolen sensitive information from the company. The hacker, who uses the alias “IntelBroker,” claims to have stolen a trove of data from HPE, the enterprise IT division of hardware giant HP.  In a post on a popular cybercrime forum on January

HPE investigating security breach after hacker claims theft of sensitive data Read More »

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack

On January 7, at 11:10 p.m. in Dubai, Romy Backus received an email from education technology giant PowerSchool notifying her that the school she works at was one of the victims of a data breach that the company discovered on December 28. PowerSchool said hackers had accessed a cloud system that housed a trove of

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack Read More »

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.  The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company, known as Sichuan Juxinhe Network Technology, which it

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms Read More »

UK plans to ban public sector organizations from paying ransomware hackers

U.K. public sector and critical infrastructure organizations could be banned from making ransom payments under new proposals from the U.K. government.  The U.K.’s Home Office launched a consultation on Tuesday that proposes a “targeted ban” on ransomware payments. Under the proposal, public sector bodies — including local councils, schools, and NHS trusts — would be

UK plans to ban public sector organizations from paying ransomware hackers Read More »

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks Read More »

Meet the Chinese ‘Typhoon’ hackers preparing for war

Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which senior U.S. national security officials have described as an “epoch-defining threat.” The U.S. says Chinese government-backed hackers have — in some cases for years — been burrowing deep into the networks of U.S.

Meet the Chinese ‘Typhoon’ hackers preparing for war Read More »