48-page report citing Ars Technica urges FTC, FCC investigate connected TV data harvesting. Gen AI, potentially racially discrimniatory practices head concerns.

Ukrainian national Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation.

An international law enforcement operation led to the arrest of one of the three administrators of the dual dark web market 'Bohemia/Cannabia,' known for hosting ads for drug sales and distributed denial of service (DDoS) attacks.

Universal Music Group is informing hundreds of individuals about a recent data breach impacting personal information.

The money transfer giant said hackers also stole some customer Social Security numbers during the September cyberattack.

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md

ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms.

Pokemon developer Game Freak hit with big hack, leaking source code news about MMO-like game Synapse with ILCA, and more.

A cyber security expert warns the hack, uncovered by i, presents a 'terrible threat to public health safety'

The breach does not appear to impact the main consumer Verizon network, and instead involves the company’s push to talk (PTT) product, marketed to public sector agencies and enterprises.

It's hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years.

Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security.
#Deprecated #L2TP #Microsoft #PPTP #Server #VPN #Windows

"It could have been worse," one owner incredibly concluded.

National Public Data, a company responsible for a massive leak of Social Security numbers in the summer, has filed for bankruptcy. That's unsurprising.

The FBI and Microsoft have seized more than 100 web domains they say Russian intelligence used for cyber-espionage, according to court documents unsealed Thursday.

Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.

News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.

Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article with a quick note, I decided to dig a little deeper, and see if I could find a better way to protect against the exploitation of PnP configurations.

A case study on advanced fuzzing techniques for network services.

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

Chatbot companion platform muah.ai was hacked and had its chatbot prompts stolen.