Cybersecurity
Latest
Proton Mail’s paid users will now get alerts if their info has been posted on the dark web
Proton Mail has introduced Dark Web Monitoring, which will keep them informed of breaches or leaks they may have been affected by. The feature is only available to paying users at this time.
AT&T resets millions of customers’ passcodes after account info was leaked on the dark web
AT&T says 7.6 million current customers were affected by a recent leak in which sensitive data was released on the dark web, along with 65.4 million former account holders. As first reported by TechCrunch, the company has reset the passcodes of affected accounts.
US officials believe Chinese hackers lurk in critical infrastructure
By lurking behind the scenes of transportation, water, electricity and other important systems, the hackers have the opportunity to strike whenever they deem the time is right, US officials say in a 50-page report on the subject.
CBS and Paramount’s parent company reports hack affecting over 80,000 people
National Amusements, CBS and Paramount’s parent company, confirmed a year-old hack this month affecting 82,128 people. TechCrunch first reported on the breach, revealed in a company legal filing with Maine’s Attorney General under a 2005 state digital privacy law.
Ubisoft reportedly stopped hackers from stealing 900GB of data in a breach this week
VX-Underground shared this week that hackers were able to breach Ubisoft's internal services in an attempt to exfiltrate 900GB of data. Ubisoft shut down the breach after 48 hours, and told BleepingComputer it's investigating the incident.
Xfinity breach may have affected as many as 35.8 million customers
Xfinity says it suffered a data breach in October with attackers likely obtaining usernames, hashed passwords and potentially other sensitive information.
Here’s everything you should do to up your security before next year
Here's a quick holiday checklist you and your loved ones can spend an hour doing during your holiday downtime to set up for a more secure year.
23andMe hackers accessed ancestry information on millions of customers using a feature that matches relatives
Biotech company 23andMe first disclosed a data breach affecting a portion of its customers back in October. The information was obtained in a credential stuffing attack. An SEC filing now reveals roughly 14,000 accounts were accessed, along with information on millions of users participating in the DNA Relatives feature.
Hackers use a new SEC rule to snitch on the company they infiltrated
A hacking group deployed a surprising tactic after infiltrating a financial software company’s network. They reported the breach to the US Securities and Exchange Commission (SEC).
Discord is switching to expiring links for files shared off-platform
Discord told BleepingComputer it's switching away from permanent file links for files hosted on its network. When those files are shared elsewhere, the links will expire after 24 hours. Content shared within Discord itself won't be affected.
Ace Hardware's online ordering and other systems are still down due to a suspected cyberattack
Home improvement retailer Ace Hardware still can't take online orders as of Friday while it recovers from a cyberattack impacting almost 1,000 servers.
The EPA won't force water utilities to inspect their cyber defenses
The EPA is withdrawing its call to set regulations in place that would have required states to assess the cybersecurity and integrity of public water system programs.
The NSA has a new security center specifically for guarding against AI
The National Security Agency (NSA) is starting an artificial intelligence security center to safeguard our defense and intelligence systems. This should discourage bad actors from stealing or sabotaging currently-used AI models.
The US electrical grid is in desperate need of upgrades, watchdog warns
In a new report, the SAFE Grid Security Project warns the US grid faces increasing risks from extreme weather, cyberattacks, and inadequate infrastructure as energy demands grow more complex.
Clop ransomware gang obtained personal data of 45,000 New York City students in MOVEit hack
The New York City Department of Education has become the latest organization to disclose it had private data stolen as part of the far-reaching MOVEit file transfer software hack.
'Diablo IV' and other Blizzard games were down on Sunday due to a DDoS attack
If you had hoped to play Diablo IV this weekend, it appears someone is intent on ruining those plans.
Microsoft confirms June Outlook and OneDrive outages were caused by DDoS attacks
In early June, a group known as Anonymous Sudan took credit for a service outage that disrupted access to Outlook, OneDrive and a handful of other Microsoft online services. On Friday, the company confirmed a DDoS attack was behind the incident.
Hackers breach Philadelphia Inquirer ahead of Tuesday’s mayoral primary
This weekend, The Philadelphia Inquirer was hacked ahead of Tuesday’s Democratic mayoral primary. As a result, the newspaper had to cancel its Sunday edition, and it wasn’t clear until late Sunday afternoon that it could proceed with its Monday circulation. It’s the paper’s biggest disruption since 1996, when a blizzard that blanketed much of the eastern US made it impossible for staff to reach their offices. It isn’t yet known who is responsible for the cyberattack or if it was politically motivated.
Security researchers find LockBit ransomware can target macOS devices
LockBit gang, one of the most notorious ransomware players appears to have recently begun targeting Mac computers for the first time.
WhatsApp makes it harder for scammers to steal your account
WhatsApp's new Account Protect feature will ask you to use your old device to verify when you're moving your account to a new phone.