Palo Alto Networks CEO joins Uber board amid executive shakeup

FBI: Play ransomware breached 900 victims, including critical orgs

#cybersecurity #digitalhealth #cybercrime

Ransomware gang claims responsibility for Kettering Health hack

Lorenzo Franceschi-Bicchierai / techcrunch - A group of cybercriminals known as Interlock is advertising stolen data from Kettering Health, which includes patients’ data.

Interlock ransomware claims Kettering Health breach, leaks stolen data

Ransomware scum leak patient data after disrupting chemo treatments at Kettering

Ransomware gang claims responsibility for Kettering Health hack

9 months / techcrunch / Lorenzo Franceschi-Bicchierai

Ukraine strikes Russian bomber-maker with hack attack

Iain Thomson / theregister - Drones are not enough Following a daring drone attack on Russian airfields, Ukrainian military intelligence has reportedly also hacked the servers of Tupolev, the Kremlin's strategic bomber maker.…

#cybersecurity #defensetech #ukraine #russia

Ukraine strikes Russian bomber-maker with hack attack

9 months / theregister / Iain Thomson

Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker

#cybersecurity #saas #infosec #cybercrime

Google: Hackers target Salesforce accounts in data extortion attacks

Bill Toulas / bleepingcomputer - Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations' Salesforce platforms. [...]

Google warns of cybercriminals targeting Salesforce app to steal data, extort companies

9 months / therecord

Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns

Google: Hackers target Salesforce accounts in data extortion attacks

9 months / bleepingcomputer / Bill Toulas

Media giant Lee Enterprises says data breach affects 39,000 people

Sergiu Gatlan / bleepingcomputer - Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack. [...]

#cybersecurity #dataprivacy #infosec

Data breach at newspaper giant Lee Enterprises affects 40,000 people

9 months / techcrunch / Zack Whittaker

Media giant Lee Enterprises says data breach affects 39,000 people

Crims stole 40,000 people's data from our network, admits publisher Lee Enterprises

#cybersecurity #dataprivacy #scam

Cartier data breach prompts urgent customer alert

French luxury giant Cartier has confirmed a data breach exposing customer information, prompting the firm to warn clients about potential phishing scams. Though authorities assure that no highly sensitive data was compromised, the incident has rattled its upscale clientele, highlighting the irony of high-end security meeting human error.

Bling slinger Cartier tells customers to be wary of phishing attacks after intrusion

Cartier hit by data breach as cyberattacks on fashion brands surge

9 months / techmonitor / Aninda Chakraborty

NSO Group Fights WhatsApp Damages Ruling in Court

The spyware maker is battling a multi‐million-dollar damages verdict imposed in its dispute with WhatsApp. Claiming the award is outrageously high and aimed at bankrupting it, NSO Group is seeking a new trial to lower or overturn the financial penalty, adding another twist to its ongoing legal saga.

#cybersecurity #infosec #judiciary #law

Spyware co NSO appeals $168 million jury award to WhatsApp, saying it "grossly exceeds NSO’s ability to pay"+ jury wants to bankrupt firm. NSO: Fact that Pegasus "temporarily functioned by sending harmless messages through WhatsApp servers

9 months / bsky / @suzannesmalley.bsky.social / suzannesmalley.bsky.social

NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages

9 months / therecord

NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’

9 months / techcrunch / Lorenzo Franceschi-Bicchierai

Microsoft and CrowdStrike link threat aliases

Microsoft and CrowdStrike have joined forces to end the alias ambiguity that has long frustrated cybersecurity experts. The partnership directly connects the multiple names used by the same hacking group, cutting through the confusion and streamlining threat intelligence efforts—with a touch of “finally, common sense” in the cybersecurity realm.

#cybersecurity #infosec #microsoft

Microsoft and CrowdStrike collaborate on shared threat actor mapping system

9 months / siliconangle / Duncan Riley

Microsoft and CrowdStrike finally fix the stupidest problem in cybersecurity

9 months / betanews / Brian Fagioli

Microsoft and CrowdStrike partner to link hacking group names

Plus: An Iranian man pleads guilty to a Baltimore ransomware attack, Russia’s nuclear blueprints get leaked, a Texas sheriff uses license plate readers to track a woman who got an abortion, and more. www.wired.com/story/trump-...

Probe Launched Into Hacked Phone of Trump’s Chief of Staff

Authorities are investigating an incident involving the hacking of Trump’s chief of staff’s phone, with allegations of a deepfake phishing campaign and unauthorized access to sensitive contacts. The breach raises serious concerns about the digital security of top political officials in today’s cyber-threat environment.

#cybersecurity #trump #doj #cybercrime

9 months / bsky / @wired.com / wired.com

A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign #cybersecurity #hacking #news #infosec #security #technology #privacy www.wired.com/story/...

9 months / bsky / @ninjaowl.ai / ninjaowl.ai

A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign

9 months / wired / Andy Greenberg, Matt Burgess, Lily Hay Newman

White House investigating how Trump’s chief of staff’s phone was hacked

9 months / techcrunch / Zack Whittaker

Apple Cracks Down on Fraudulent Apps with New 2024 Report

In 2024, Apple intensified its fight against fraudulent and low-quality apps by rejecting nearly two million submissions. Its transparency report detailed rejections, removals, and other key performance metrics that signal a robust crackdown on spam and software fraud across the App Store.

#cybersecurity #apple #apps #scam

Apple rejected nearly two million apps in 2024, cracking down harder than ever on fraud, spam, and low-effort software.

9 months / bsky / @appleinsider.com / appleinsider.com

Millions of apps were denied by Apple in 2024 amid fraud crackdown

9 months / appleinsider

Apple Shares 2024 App Store Data: Rejections, Removals, and More

9 months / macrumors / Juli Clover

German Authorities Unmask TrickBot/Conti Cybercrime Leader

In a determined crackdown, German law enforcement has unmasked the elusive mastermind behind the notorious TrickBot and Conti ransomware gangs. The investigation led to doxxing the figure known as “Stern,” exposing vulnerabilities in cyber operations and prompting international eyebrows to be raised over security coordination.

#cybersecurity #government #cybercrime #security

Germany doxxes Conti ransomware and TrickBot ring leader

Cops in Germany Claim They've ID'd the Mysterious Trickbot Ransomware Kingpin

9 months / wired / Matt Burgess, Lily Hay Newman

ConnectWise Hit by Coordinated Nation-State Cyberattacks

IT management firm ConnectWise confirmed that state-sponsored hackers breached its systems, affecting services including ScreenConnect. The sophisticated assault has raised serious cybersecurity concerns amidst ongoing nation-state activity, prompting a full-scale investigation to safeguard critical infrastructures.

#cybersecurity #infosec #government #cybercrime

ConnectWise breached in cyberattack linked to nation-state hackers

9 months / bleepingcomputer / Lawrence Abrams

ConnectWise says nation-state attack targeted multiple ScreenConnect customers

9 months / therecord

Asus Routers Ensnared in Persistent, Advanced Botnet Campaign

Thousands of Asus routers have reportedly been compromised by a sophisticated botnet exploiting enduring security vulnerabilities—even firmware updates appear powerless. Users are now left to question whether their once-trusted routers have been outsmarted in a digital cat-and-mouse game.

#cybersecurity #cybercrime

Thousands of Asus routers compromised by "ViciousTrap" backdoor

9 months / techspot

8,000+ Asus routers popped in 'advanced' mystery botnet plot

Check your ASUS router for a hidden hack that survives reboots & updates

9 months / appleinsider

9,000 Asus routers compromised by botnet attack and persistent SSH backdoor that even firmware updates can't fix

9 months / tomshardware

US Sanctions Funnull Technology for Cyber Scam Operations

US authorities have imposed sanctions on Southeast Asia’s Funnull Technology after allegations that it provided essential infrastructure for pig butchering crypto scams. The crackdown underscores that even well‐entrenched cyber scammers can’t dodge regulatory heat forever.

#cybersecurity #government #cybercrime #scam

Feds gut host behind pig butchering scams that bilked $200M from Americans

9 months / theregister / Iain Thomson

US government sanctions tech company involved in cyber scams

9 months / bsky / @techcrunch.com / techcrunch.com

The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans.

9 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

US government sanctions tech company involved in cyber scams

9 months / techcrunch / Lorenzo Franceschi-Bicchierai

Southeast Asian provider of ‘infrastructure laundering’ for scams is sanctioned by US

9 months / therecord

US sanctions firm linked to cyber scams behind $200 million in losses

#cybersecurity #infosec #business #cloth

Victoria’s Secret Faces Prolonged Security Outage

In a dramatic blow to its digital presence, Victoria’s Secret has battled a three‐day website blackout linked to a security incident, leaving customers—and perhaps their undergarments—up in the air. The retailer has yet to fully detail the breach, prompting both concern and raised brows among loyal shoppers.

Victoria’s Secret takes down website after security incident

Victoria's Secret website laid bare for three days after 'security incident'

9 months / theregister / Iain Thomson

Victoria’s Secret hit by outages as it battles security incident

9 months / techcrunch / Zack Whittaker, Lorenzo Franceschi-Bicchierai

Cerby Raises $40M to Automate Identity Security Solutions

Identity security startup Cerby has raised $40 million to further develop its automation solutions for nontraditional applications. The fresh funding is poised to accelerate growth, positioning the company as a key player in an increasingly complex cybersecurity landscape.

#vc #cybersecurity #automation #infosec

Identity security automation startup Cerby raises $40M

9 months / siliconangle / Kyt Dotson

LexisNexis breach exposes 364K personal records

A breach at LexisNexis Risk Solutions has reportedly exposed sensitive personal data, including Social Security numbers, for over 364,000 individuals. Security experts are now questioning the firm’s safeguards and the scope of the breach as regulatory bodies look into the incident with raised privacy concerns.

#cybersecurity #dataprivacy #security

Attack on LexisNexis Risk Solutions exposes data on 300k +

New, by me: Data broker giant LexisNexis has revealed that its risk solutions unit (think "know your customer," risk assessing, due diligence, and law enforcement assistance) was breached, affecting the personal data and Social Security numbers

9 months / bsky / @zackwhittaker.com / zackwhittaker.com

Data Brokers are not secure. This breach is the latest in a long line of failures, either in professionalism, process or technology. And there will be no consequences to the Data Broker. techcrunch.com/2025/05/28/d...

9 months / bsky / @buckwoodymsft.bsky.social / buckwoodymsft.bsky.social

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people

9 months / bsky / @techcrunch.com / techcrunch.com

LexisNexis leaked social security numbers and other personal data for over 364,000 people

9 months / theverge / Emma Roth

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people

9 months / techcrunch / Zack Whittaker

DragonForce ransomware exploits expose MSP vulnerabilities

In a cunning cyberattack, threat actors exploited SimpleHelp’s vulnerabilities to breach a managed service provider, resulting in notable data theft. The breach not only rattles cybersecurity experts but also underscores persistent weaknesses in MSP defenses, proving that even well-guarded systems have their Achilles’ heel.

#cybersecurity #infosec #cybercrime #scam

DragonForce exploits SimpleHelp in MSP breach

9 months / techmonitor / Pradeep Bairaboina

DragonForce double-whammy: First hit an MSP, then use RMM software to push ransomware

#cybersecurity #cybercrime

CISA Warns Of Commvault-Linked Cyber Threat Campaigns

CISA has issued alerts regarding emerging cyber risks tied to vulnerabilities in Commvault software. Officials warned about zero-day attacks and malicious campaigns targeting cloud applications, highlighting the urgent need for clients to bolster security measures amid increasingly sophisticated digital threats.

Commvault clients should beware of campaign targeting cloud applications, CISA says

9 months / therecord

CISA says SaaS providers in firing line after Commvault zero-day Azure attack