Cyber News & Articles

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence.

Read more in my article on the Tripwire State of Security blog.

The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media.

Read more in my article on the Hot for Security blog.

Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.

In episode six of The AI Fix, our hosts discover an unusual place to put a traffic cone, Mark learns why Americans should pretend to be from Brazil, and Graham discovers a way to make any situation much, much worse. Graham inflicts his terrible Australian accent on Mark while explaining bot-on-bot crime, and Mark tells … Continue reading “The AI Fix #6: AI lobotomies, and bots scam scam bots”

A ransomware attack by the BlackSuit gang against South Africa’s National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country.

Read more in my article on the Hot for Security blog.

OpenAI’s ever-so-clever ChatGPT’s software was doing something really-rather-stupid: storing users’ chats on their Mac computers in plaintext.

Read more in my article on the Hot for Security blog.