Security News

Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims. Rhysida is a newish ransomware gang that has been around since May last year.

We're very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. The technique was published in a YouTube video over the weekend and demonstrated how a Raspberry Pi Pico can be used to gain access to a BitLocker-secured device in under a minute, provided you have physical access to the device.

Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a...

The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world,...

In an ironic twist, Rockstar Games reportedly uses pirated software cracks to remove its DRM from some games they sell on Steam. [...]

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Simply put, the CVE-2023-32784 vulnerability means that a KeePass master password might be recoverable from system data even after the KeyPass program has exited, because sufficient information about your password might get left behind in sytem swap or sleep files, where allocated system memory may end up saved for later. A long-term password leak in memory also means that the password could, in theory, be recovered from a memory dump of the KeyPass program, even if that dump was grabbed long after you'd typed the password in, and long after the KeePass itself had no more need to keep it around.

Police have arrested 69 people alleged to have used bots to book up nearly all of Spain's available appointments with immigration officials, and then sold those meeting slots for between €30 and €200 to aspiring migrants. Those arrested include the four alleged leaders of the crime ring, plus lawyers, managers, advisors, recruiters, and intermediaries, who reportedly received "Large amounts of money" from the sale of the immigration appointments.

European police arrested three people in Belgrade described as "The biggest" drug lords in the Balkans in what cops are chalking up to another win in dismantling Sky ECC's encrypted messaging app last year. Sky ECC was a subscription-based, end-to-end encrypted messaging app made by Sky Global and bundled on Google, Apple, Nokia, and BlackBerry handsets stripped of their GPS units, cameras, and microphones - the idea being that you could chat via text with other users without fear of being snooped on by the cops and others.

"We will need to be persistent as we work to take down the cracked, legacy copies of Cobalt Strike hosted around the world," said Amy Hogan-Burney, the head of Microsoft's Digital Crimes Unit. Last Friday, March 31, the U.S. District Court for the Eastern District of New York issued a court order allowing the coalition to seize the domain names and take down the IP addresses of servers hosting cracked versions of Cobalt Strike.