security

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.  The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company, known as Sichuan Juxinhe Network Technology, which it […]

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms Read More »

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches

The prolific Clop ransomware gang has named dozens of corporate victims it claims to have hacked in recent weeks after exploiting a vulnerability ​​in several enterprise popular file transfer products developed by U.S. software company Cleo.  In a post on its dark web leak site, seen by TechCrunch, the Russia-linked Clop gang listed 59 organizations

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches Read More »

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data

U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed “all” of their historical student and teacher data stored in their student information systems.  PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data Read More »

UK plans to ban public sector organizations from paying ransomware hackers

U.K. public sector and critical infrastructure organizations could be banned from making ransom payments under new proposals from the U.K. government.  The U.K.’s Home Office launched a consultation on Tuesday that proposes a “targeted ban” on ransomware payments. Under the proposal, public sector bodies — including local councils, schools, and NHS trusts — would be

UK plans to ban public sector organizations from paying ransomware hackers Read More »

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks Read More »

Microsoft accuses group of developing tool to abuse its AI service in new lawsuit

Microsoft has taken legal action against a group the company claims intentionally developed and used tools to bypass the safety guardrails of its cloud AI products. According to a complaint filed by the company in December in the U.S. District Court for the Eastern District of Virginia, a group of unnamed 10 defendants allegedly used

Microsoft accuses group of developing tool to abuse its AI service in new lawsuit Read More »

Cannabis company Stiiizy says hackers accessed customers’ ID documents

Popular Los Angeles-based cannabis brand Stiiizy has confirmed that hackers accessed reams of sensitive customer data, including government-issued documents and medical cannabis cards, during a November cyberattack. In a data breach notice filed with California’s attorney general this week, Stiiizy said it was notified by its point-of-sale processing vendor that an “organized cybercrime group” had

Cannabis company Stiiizy says hackers accessed customers’ ID documents Read More »

DoorBox debuts its new and improved smart delivery box at CES 2025

Millions of packages stolen each year. DoorBox aims to change how packages are delivered with its smart package box that features a theft-proof design with live camera feeds and an alarm that activates automatically if the box is tampered with.  After selling 2,000 units of its initial version, which offered manual functionality, the startup unveiled

DoorBox debuts its new and improved smart delivery box at CES 2025 Read More »

PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach

Edtech giant PowerSchool has warned customers that hackers accessed its customers’ highly sensitive information — including student Social Security numbers, grades, and medical information — during a recent data breach, TechCrunch has learned.  In an FAQ obtained by TechCrunch that was sent to affected customers this week, PowerSchool says that “sensitive personal information” was accessed during

PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach Read More »