Security

Dangerous new Nnice ransomware laughs at victims by replacing file extensions with ‘.xdddd’

A new ransomware variant has appeared on various underground forums. The CYFIRMA Research and Advisory team has reported on Nnice Ransomware, which employs advanced encryption techniques and sophisticated methods for evasion and persistence.
Read more about Dangerous new Nnice ransomware laughs at victims by replacing file extensions with ‘.xdddd’

FBI and CISA alert software vendors: stop hardcoding secrets, use secure cryptography

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are urging vendors to prioritize security to reduce customer risk. The updated guidance for critical software vendors adds three bad practices and other recommendations.
Read more about FBI and CISA alert software vendors: stop hardcoding secrets, use secure cryptography

US Treasury sanctions Chinese cybersecurity firm and hacker behind US network breaches

A cybersecurity company from Sichuan and a hacker from Shanghai recently hacked multiple major US telecoms and internet service providers and compromised the network infrastructure.
Read more about US Treasury sanctions Chinese cybersecurity firm and hacker behind US network breaches

How to disable Apple Intelligence features and why you should do it

Users aren’t satisfied with the Apple Intelligence features, so here’s how to turn them off.
Read more about How to disable Apple Intelligence features and why you should do it

Hacker withdraws from Anonymous: it was overwhelming

One of the primary reasons I had to withdraw from Anonymous was the overwhelming number of CSAM links and screenshots.
Read more about Hacker withdraws from Anonymous: it was overwhelming

Supreme Court upholds law to ban TikTok this Sunday

The US Supreme Court on Friday handed down its decision to uphold a bipartisan law requiring ByteDance, the Chinese-owned parent company of TikTok, to divest from the app or cease operations in the US on Sunday, January 19th.
Read more about Supreme Court upholds law to ban TikTok this Sunday

Europol-led operation is going after criminals’ wallets

Project A.S.S.E.T. – Asset Search and Seize Enforcement Taskforce – ended on January 17th, 2025, and identified dozens of properties, over 220 bank accounts, and millions in assets.
Read more about Europol-led operation is going after criminals’ wallets

Cyber pros skeptical of Biden’s last-minute cybersecurity executive order

President Joe Biden signed a broad executive order on cybersecurity aimed at containing malicious cyber-enabled threats, such as attacks against critical infrastructure, ransomware, other intrusions, and sanction evasion. The document expands the criteria to designate individuals and entities for sanctions.
Read more about Cyber pros skeptical of Biden’s last-minute cybersecurity executive order

AT&T hack exposes agents’ call logs leaving FBI scrambling

The FBI is racing to safeguard the identities of confidential informants after their numbers were exposed in an AT&T breach last April, Bloomberg News reported on Thursday.
Read more about AT&T hack exposes agents’ call logs leaving FBI scrambling

Huge “zombie” MikroTik router botnet spreads malware and obscures Russian hackers

Cybercriminals with links to Russia are running a large-scale hacking operation, sending spoofed emails and delivering trojan malware. They’re hiding behind a smokescreen – a botnet of at least 13,000 compromised MikroTik internet routers acting as proxies.
Read more about Huge “zombie” MikroTik router botnet spreads malware and obscures Russian hackers

FTC scolds GoDaddy for neglecting basic cybersecurity

GoDaddy, a major website hosting provider, failed to secure its website hosting services for years, the Federal Trade Commission (FTC) alleged in a complaint. The company settled to implement a 'robust information security program' and will not face any monetary penalties.
Read more about FTC scolds GoDaddy for neglecting basic cybersecurity

One in ten AI prompts puts sensitive data at risk

Almost half of the sensitive data employees enter into tools like ChatGPT or Perplexity includes sensitive customer information, a new study has found.
Read more about One in ten AI prompts puts sensitive data at risk

Major leak exposes 1.5 billion Weibo, DiDi, Shanghai Communist Party, and others’ records

One of the largest data leaks involving mostly Chinese nationals includes a colossal 1.5 billion records, with full names and government ID numbers exposed.
Read more about Major leak exposes 1.5 billion Weibo, DiDi, Shanghai Communist Party, and others’ records

Cl0p ransom gang says ‘contact us’ or we'll publish data of 59 Cleo victims

In a deja-vu of the MOVEit hacks, the Cl0p ransomware gang has threatened to publish the data of 59 companies it compromised in a December breach of the Cleo file transfer platform – unless those companies start engaging in ransom negotiations by Friday.
Read more about Cl0p ransom gang says ‘contact us’ or we'll publish data of 59 Cleo victims

Hackers are stealing Google Ads accounts to publish fake ads in a perpetual cycle

Cybercriminals from Brazil and Asia are placing malicious ads on Google that impersonate the company's own Google Ads platform. Users are tricked into providing their login credentials, feeding a perpetual cycle that allows criminals to compromise and sell even more accounts.
Read more about Hackers are stealing Google Ads accounts to publish fake ads in a perpetual cycle

Room for error: European hotel chain exposes millions of guests' data

Arrival times, price paid, and contact details – over 24 million records with sensitive data were left passwordless online, putting hotel customers at risk.
Read more about Room for error: European hotel chain exposes millions of guests' data

AI email guardian hamstrung by powerful QR code and CAPTCHA combo cyberattack

La Roux duo might be bulletproof, as per their hit song, but artificial intelligence (AI) is not. At least not when it’s a sole defender of email against phishing emails.
Read more about AI email guardian hamstrung by powerful QR code and CAPTCHA combo cyberattack

US officials admit to IT bribery scheme

Government officials were among those who pleaded guilty in an ongoing bid-rigging, fraud, and bribery probe related to US government IT purchases.
Read more about US officials admit to IT bribery scheme