Pulse of Truth

Emmy-nominated filmmaker Cullen Hoback, known for exposing the authors of the QAnon conspiracy theory, is behind this latest investigation. The documentary will air on Tuesday at 9 p.m. EST.Read Entire Article

Irish data watchdog opens probe after 'numerous complaints' Ireland's Data Protection Commission (DPC) has launched an inquiry into Ryanair's Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).…

Radioactive hazards and cyber failings ... what could possibly go wrong? The outfit that runs Britain's Sellafield nuclear waste processing and decommissioning site has been fined £332,500 ($440,000) by the nation's Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023.…

Comments

Over the weekend, Google removed Kaspersky's Android security apps from the Google Play store and disabled the Russian company's developer accounts. [...]

Repair scheme got Apple to replace 6K fake iPhones with real ones.

The ability to remain installed and undetected makes Perfctl hard to fight.

A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.

The former county clerk suggested at her sentencing that God would get revenge against prosecutors because she's a "child of God."

A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor. [...]

Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and Metasploit, made up ~54% of observed malware alerts. The most prevalent malware family observed this year was Cobalt Strike, accounting for 27.02% of infections. Cobalt Strike is a very mature commercial post-exploitation framework with an experienced research and development team. It is so effective … More → The post Cybercriminals capitalize on poorly configured cloud environments appeared first on Help Net Security.

Fake trading apps on Google Play and Apple's App Store lure victims into "pig butchering" scams that have a global reach. [...]

Ivanti is advising administrators to get up to date on their patches following a new spell of exploits against Endpoint Manager (EPM).

Those of us old enough to remember BBS servers or even rainbow banners often go down the nostalgia hole about how the internet was better “back in the day” than …read more

Approximately 5% of all Adobe Commerce and Magento online stores, or 4,275 in absolute numbers, have been hacked in "CosmicSting" attacks. [...]

Linking Meta smart glasses to a face search engine can ID strangers in a glance.

While the storm could pose a threat to fragile electric systems, the National Oceanic and Atmospheric Administration says the danger is minor.

The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. [...]

Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps.  The post Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps appeared first on SecurityWeek.

Google, Microsoft and others have taken big steps towards error-free devices, hinting that quantum computers that solve real problems aren’t far away

    Illustration by Alex Castro / The Verge

T-Mobile is investing millions of dollars into revamping its cybersecurity practices as part of a settlement with the US Federal Communications Commission. The company will also need to pay the US Treasury $15.75 million in civil penalties — the same amount as its internal cybersecurity investment. The commission says this “groundbreaking” settlement will serve as a model for the industry. Data breaches at T-Mobile in the last few years have leaked social security numbers, addresses, and driver’s license numbers for millions of people. The settlement clears up several T-Mobile investigations involving cybersecurity incidents in 2021, 2022, and 2023. The FCC press release says, “...these investigations developed evidence that the breaches...

Continue reading…

The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices. [...]

And what looks like proof stolen data was never deleted even after ransom paid Building on the success of what's known around here as LockBit Leak Week in February, the authorities say they've arrested a further four individuals with ties to the now-scuppered LockBit ransomware empire.…

With hundreds of courts and agencies affected, chances are one near you is, too.