North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future’s Insikt Group. The revelation underscores the prolonged engagement of the regime in the cryptocurrency sector, transitioning from targeting financial institutions through the SWIFT network to a broader strategy during the 2017 cryptocurrency
Month: November 2023
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. “RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and
Digital Security The technology is both widely available and well developed, hence it’s also poised to proliferate – especially in the hands of those wishing ill Cameron Camp 29 Nov 2023 • , 2 min. read Who would be to blame if your plane got tricked into flying into a war zone? If GPS gets
PDD, the firm behind the fast-growing shopping app Temu, is shaking up China’s Big Tech club. On Thursday, news of Alibaba’s market cap sliding under that of PDD made headlines all over the Chinese internet. This development marked a historic shift in China’s e-commerce space, where for years Alibaba had held the crown jewel. Now
Amazon Web Services is live in Las Vegas for its AWS re:Invent event. We expect a rapid-fire stream of announcements and unveilings of recent things it’s been working on. We know you might not have time to watch the whole thing, so we’re taking that on for the next few days and will deliver quick
While Okta initially confirmed that a support case management system breach affected only 1% of its customers, further analysis revealed that threat actors accessed information for all customers and some Okta employees. Last month, Okta CSO David Bradbury confirmed that attackers used stolen credentials to infiltrate the vendor’s support case management system and view troubleshooting
Threat actors have been observed exploiting a critical vulnerability, CVE-2023-46604, in Apache systems. Over the past few weeks, Fortiguard Labs identified multiple threat actors leveraging this vulnerability to unleash several malware strains. Among the discoveries is the emergence of a newly discovered Golang-based botnet named GoTitan. This sophisticated botnet has raised concerns due to its ability
Nov 29, 2023NewsroomCyber Attack / Hacking The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it’s responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known
Business Security While it may be too late to introduce wholesale changes to your security policies, it doesn’t hurt to take a fresh look at where the biggest threats are and which best practices can help neutralize them Phil Muncaster 28 Nov 2023 • , 6 min. read The holiday shopping season has begun in
Prosus has marked down the valuation of Byju’s, India’s most valuable startup, to below $3 billion, the investment giant’s executives said on an earnings call Wednesday even as they asserted that they remain bullish on the opportunities in the South Asian market. The Bengaluru-headquartered startup, which has raised over $5 billion in equity and debt
“When is a bot a person?,” my colleague Kirsten asked after I learned that Polestar’s climate bot is more human than machine. Polestar launched its “Truth Bot” on X (formerly Twitter) ahead of COP28, the UN climate conference overseen by an oil executive. The Truth Bot replies to misleading tweets about the climate crisis and
Security researchers have uncovered the continuation and expansion of an Android mobile banking Trojan campaign targeting major Iranian banks. Initially discovered in July 2023, the campaign has not only persisted but has also evolved with enhanced capabilities, according to a new report by Zimperium malware analysts Aazim Bill SE Yaswant and Vishnu Pratapagiri. A prior
Nov 28, 2023The Hacker NewsData Security / Posture Management As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra’s DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery
Meta’s shiny new bid to circumvent European Union privacy rules — by offering users a false choice between paying it a hefty monthly subscription for ad-free versions of Facebook and Instagram or agreeing to give up their privacy rights in exchange for free access to its social networks, meaning they will be tracked and profiled
Scams, Cybercrime The holiday shopping season may be the time to splurge, but it’s a also favorite time of year for cybercriminals to target shoppers with phony deals, phishing scams and other threats Phil Muncaster 27 Nov 2023 • , 5 min. read The holiday shopping season is in full swing. It involves a seemingly
Last week, the Ukrainian government fired two of its top cybersecurity officials, who are accused of embezzlement. Now, one of them has been detained. Ukraine’s senior cabinet official Taras Melnychuk announced the firings in a public post on Telegram last week. The two officials are Yurii Shchyhol, head of Ukraine’s State Special Communications Service of
Fidelity National Financial (FNF) has disclosed a cybersecurity incident that prompted the company to take down certain systems. The company made the announcement in a recent Form 8-K filing with the Securities and Exchange Commission (SEC) dated November 19 2023. A prominent player in the real estate and mortgage industry, FNF said it initiated an immediate
Nov 27, 2023NewsroomServer Security / Encryption A new study has demonstrated that it’s possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur while the connection is being established. The Secure Shell (SSH) protocol is a method for securely transmitting
ByteDance’s gaming ambition has been an expensive, short-lived pursuit. In late 2021, the TikTok parent’s plans for video games came into the spotlight after it became one of the firm’s six core business units, posing a new threat to incumbents such as Tencent and NetEase and rising star MiHoYo. Nonetheless, after two years of tepid
“What controversy?” said the journalist from a global mainstream television outlet to me at the Web Summit Media Dinner, earlier this month in Lisbon. For all the heat and light, the gnashing of teeth, the tearing of clothes and the clutching of pearls, the big technology conference had seemingly managed to pull itself out of
CISA announced that it’s relaunching the Cybersecurity Insurance and Data Analysis Working Group amid surging cyber insurance premiums and an increasingly dangerous threat landscape. In a blog post Monday, CISA Deputy Director Nitin Natarajan revealed that the agency reestablished the Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) initiative last week during a conference on
Security researchers have warned of triple-digit increase in the volume of phishing emails designed to trick shoppers, ahead of the Black Friday online sales bonanza which starts today. For the past few years, the Amazon-inspired event has signaled the unofficial start of the busy shopping season running through to the end of December. However, it
Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows – Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from
Now that the OpenAI leadership saga has died down, startup founders building with AI can get back to work building the future. If that’s you, TechCrunch+ has a pile of notes, opinion pieces and forward-looking stories with your name on them. Sure, TechCrunch+ is a lot more than AI-related coverage, but we are also going
Video ESET’s research team reveals details about the onboarding process of the Telekopye scam operation and the various methods that the fraudsters use to defraud people online 24 Nov 2023 How do aspiring fraudsters become members of a scam operation that helps them defraud people on online marketplaces? ESET researchers recently discovered and analyzed Telekopye,
Hey, folks, welcome to Week in Review (WiR), TechCrunch’s regular recap of the past few days in tech. The headlines have been dominated — nay, overwhelmed — by the drama unfolding at AI startup OpenAI, but plenty else happened in the half-week leading up to Thanksgiving. So much for a sleepy pre-holiday! In this edition
Security researchers have found a way to bypass the popular Windows Hello fingerprint authentication technology, after discovering multiple vulnerabilities. Microsoft’s Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate the security of the top three fingerprint sensors embedded in laptops. The firm studied a Dell Inspiron 15, a Lenovo ThinkPad T14 and a Microsoft
Nov 25, 2023NewsroomCyber Attack / Threat Intelligence An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and
On a weekday afternoon at Red Rock Coffee, the cafe known for spotting venture capitalists in Silicon Valley, one is likely to overhear a few conversations in Mandarin. Since China reopened its border this spring after three years of COVID-19 restrictions, managers of U.S. funds in the country have been flocking to the Bay Area.
Thanksgiving Thursday, when stores in the U.S. are closed and many are spending time off work, has become the de facto start of the holiday shopping season both for those looking to bargains online, and for online retailers to kick off holiday sales deals to meet that demand. But if there is a message from
- 1
- 2
- 3
- …
- 5
- Next Page »