Air Company, a startup that turns carbon dioxide into things like perfume, vodka, hand sanitizer and aviation fuel, is now on the U.S. Defense Department’s payroll, so to speak. The JetBlue and Toyota-backed company struck an up-to $65 million deal to help the Air Force capture CO2 and turn it into “sustainable” aviation fuel on
Month: February 2023
Threat actors are shifting away from traditional ransomware and toward malware-free cyber attacks, according to a new report from CrowdStrike. The cybersecurity vendor this week published its “2023 Global Threat Report,” which annually compiles CrowdStrike’s research related to cybercrime, or “eCrime,” from the previous year. Major topics covered in the 2023 report include malware-free extortion
Security researchers have recorded a 76% year-on-year (YoY) increase in financial losses stemming from phishing attacks, as sophisticated tactics and user knowledge gaps give threat actors the upper hand. Proofpoint compiled its 2023 State of the Phish report from interviews with 7500 consumers and 1050 IT security professionals across 15 counties, as well as 135
by Paul Ducklin There’s no date on the update, but as far as we can make out, LastPass just [2023-02-27] published a short document entitled Incident 2 – Additional details of the attack. As you probably remember, because the bad news broke just before the Christmas holiday season in December 2022, LastPass suffered what’s known
As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components of a comprehensive security strategy. By utilizing these practices, organizations can protect themselves from malicious
The OnePlus that was founded in 2013 was a cautious company, deliberate in its release schedule. The Shenzhen-based firm would announce one to two phones a year, not hung up on being the first to market with new features. It was a cadence that allowed the company to distinguish itself, in part, through pricing, with
TikTok has been banned from government-issued mobile devices in Canada, the country’s Treasury Board announced Monday. Taking effect on February 28, this block follows similar actions taken by the European Commission and some state governments in the U.S. The European Commission issued their directive to remove TikTok from government devices late last week. That same
Decentralized identity has been getting attention as a way of addressing the shortcomings of centralized identity. But what does decentralized identity really mean? And how would managing centralized identities differ from managing decentralized identities? Learn about centralized vs. decentralized identity management, as well as the advantages and disadvantages of each from two viewpoints: organizations that
A business magnate and major political donor has been indicted for masterminding a “massive” $2bn scheme to defraud regulators and thousands of insurance policyholders. Greg Lindberg, 53, of Durham, North Carolina, allegedly conspired with others between 2016 and 2019 to invest nearly $2bn in multiple insurance companies – many of which have since 2019 apparently
by Paul Ducklin Thanks to Tommy Mysk and Talal Haj Bakry of @mysk_co for the impetus and information behind this article. The duo describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not
Feb 27, 2023Ravie LakshmananBrowser Security / Malware A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format. “These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games,”
Planet Computers turned heads when it arrived on the scene almost exactly five years ago. The London-based hardware startup was banking on a bit of nostalgia for the days of tactile mobile keyboards, as it attempted to drag the PDA kicking and screaming into the 21st century with the Gemini. 2020’s Astro Slide 5G followed
Twitter has laid off at least another 50 employees, according to a report from The Information and posts on social media from former workers. And apparently not even Elon Musk loyalist Esther Crawford, the chief executive of Twitter payments who oversaw the company’s Twitter Blue verification subscription, was spared, according to Platformer’s Zoë Schiffer. Alex
The US Cybersecurity and Infrastructure Security Agency (CISA) warned nations’ defenders yesterday against disruptive and defacement attacks today. These, the agency said on Thursday, may spur from attempts to sow chaos and societal discord on the anniversary of Russia’s 2022 invasion of Ukraine. “In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion
Feb 24, 2023The Hacker NewsCybersecurity Webinar / SaaS Security Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan and Slack, it’s clear that SaaS apps are a prime target for cyberattacks. The vast amounts of valuable information stored in these apps make them a
SMBs need to not only reduce their odds of being hit by an attack, but also implement processes that they can follow if their defenses are breached The prevalence of cyberattacks continues to rise, with our telemetry showing a 13% increase in cyberthreat detections in 2022 year-on-year. While the news tends to feature breaches involving
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy. The app economy in 2023 hit a few snags, as consumer spending last year dropped for the first time by 2% to $167 billion, according to data.ai’s “State of
It’s Friday (or should I say, Fri-yay.) You’ve made it. Give yourself a pat on the back — and then go read the rest of this issue of Week in Review, TechCrunch’s newsletter summing up the past seven days in tech (sign up here to get it directly in your inbox every Saturday). I’ll continue
ESET Research has compiled a timeline of cyberattacks that used wiper malware and have occurred since Russia’s invasion of Ukraine in 2022 This blogpost presents a compiled overview of the disruptive wiper attacks that we have observed in Ukraine since the beginning of 2022, shortly before the Russian military invasion started. We were able to
Incident response planning and the development of incident handling procedures are core to any effective information security program. As enterprise cloud use becomes more ubiquitous, it’s more important than ever to include the cloud in the incident response process. What is cloud incident response? Incident response, in general, encompasses plans, processes and controls that help
Google Play Store’s new Data Safety labels have been criticized for being inaccurate in nearly 80% of cases. The claims come from Mozilla’s *Privacy Not Included researchers, who published a new study about them on Thursday. “[We] found that the labels were false or misleading based on discrepancies between the apps’ privacy policies and the
Feb 24, 2023Ravie LakshmananMobile Security / Firmware Google said it’s working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what’s called the application processor (AP), it’s just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular
To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PST, subscribe here. Folks, we’ve got some really sad news for you. The weekend is here, which means that you have to stop working for a couple days. We know, it’s a tragedy. But don’t
The PlayStation VR2 is a simultaneously exciting and disappointing development in the virtual reality space. Well-specced, easy to set up and reasonably light and comfortable, Sony’s latest still can’t shake the fundamental issues that have prevented VR from going mainstream: a lack of compelling content and despite a brand new 4K OLED display, distracting image
With the conflict in Ukraine passing the one-year mark, have its cyber-war elements turned out as expected? It’s been twelve months since Russia invaded Ukraine, and it’s a good time to pause and reflect on a few pertinent issues, including: How is the war playing out in cyberspace? Have the cyber-elements turned out as expected?
Russia’s invasion of Ukraine has disrupted the vast cybercrime underground operating from the country, thanks to mobilization of some threat actors and the emigration of others, according to Recorded Future. The threat intelligence firm’s new report, Russia’s War Against Ukraine Disrupts the Cybercriminal Ecosystem, is compiled from analysis of dark web sources. The cybersecurity vendor
by Paul Ducklin LEARNING FROM OTHERS The first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The hidden cost of success. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You
Feb 24, 2023Ravie LakshmananPrivacy / Data Safety An investigation into data safety labels for Android apps available on the Google Play Store has uncovered “serious loopholes” that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies
Amazon is joining the Indian government-backed e-commerce initiative that seeks to “democratize” online shopping in the South Asian market and amusingly challenge the very dominance of companies such as the American retail group. In a statement on Friday, Amazon said it will integrate its logistics network and SmartCommerce, its platform to digitize neighborhood stores, to
The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group ESET researchers have discovered one of the payloads of the Wslink downloader that we uncovered back in 2021. We named this payload WinorDLL64 based on its filename WinorDLL64.dll. Wslink, which had the filename WinorLoaderDLL64.dll,
- 1
- 2
- 3
- …
- 6
- Next Page »