cybersecurity
Biden signs executive order to bolster national cybersecurity
Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure. These also include ransomware gangs, which have been continuously targeting U.S. healthcare organizations in recent years, causing disruptions by encrypting systems […]
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). The company discovered the malicious campaign on January 7, 2025, and based on the phishing email’s content, it likely didn’t start much earlier. The attack starts […]
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. The case dates back to August 2021, when T-Mobile admitted that attackers brute forced their way into its corporate network and gained access to the sensitive information of 79 million people nationwide. The data breach itself, […]
US govt launches cybersecurity safety label for smart devices
Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. The Cyber Trust Mark label, which will appear on smart products sold in the United States later this year, will help American consumers determine whether the devices they want to buy are safe […]
Windows 10 users urged to upgrade to avoid “security fiasco”
Cybersecurity firm ESET is urging Windows 10 users to upgrade to Windows 11 or Linux to avoid a “security fiasco” as the 10-year-old operating system nears the end of support in October 2025. “It’s five minutes to twelve to avoid a security fiasco for 2025,” explains ESET security expert Thorsten Urbanski. “We strongly advise all […]
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as […]
Kali Linux 2024.4 released with 14 new tools
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. Kali Linux is a distribution created for cybersecurity professionals and ethical hackers to perform penetration testing, ethical hacking, vulnerability research, security audits, and red team exercises. With this final […]
Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist
A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five years in prison by U.S. authorities. The man, Ilya Lichtenstein, was arrested in February 2022 in Manhattan following a lengthy investigation led by the IRS, HSI, and the FBI, which managed to recover roughly 80% of the […]
Fake AI video generators infect Windows, macOS with infostealers
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. Lumma Stealer is a Windows malware and AMOS is for macOS, but both steal cryptocurrency wallets and cookies, credentials, passwords, credit cards, and browsing history from Google Chrome, […]
EDRSilencer red team tool used in attacks to bypass security
A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. Researchers at cybersecurity company Trend Micro say that attackers are trying to integrate EDRSilencer in attacks to evade detection. “Our internal telemetry showed threat actors attempting to integrate EDRSilencer in their […]