Security News

US authorities have named Iran as the likely source of a recent attack on the campaign of the US Republican Party's presidential nominee, Donald Trump. One of those efforts, the statement asserts, resulted in compromise of the Trump campaign and subsequent leaking of documents.

Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company's systems on a hacking forum. [...]

Unpatched MS Office flaw may leak NTLM hashes to attackersA new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Key metrics for monitoring and improving ZTNA implementationsIn this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access implementation, focusing on balancing security with operational efficiency.

According to USDoD, the stolen data was collected by NPD between 2019 and 2024. After weeks of silence, and countless people starting to get alerts from privacy and anti-fraud services that their personal info has been leaked, NPD has, in cagey language, confirmed it was compromised and that its data was stolen and shared.

A new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Once attackers get a victim's NTLM hash, they can relay it another service and authenticate as the victim.

Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and...

An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data. In September 2023, Dark Angels used a RagnarLocker variant to encrypt international conglomerate Johnson Controls' data, and demanded a $51 million ransom.

Infosec in brief Protecting computers' BIOS and the boot process is essential for modern security - but knowing it's important isn't the same as actually taking steps to do it. Take the research published last week by security boffins at firmware security vendor Binarily.

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages,...

Microsoft has released the July 2024 preview update for Windows 10, version 22H2, with fixes for Windows Defender Application Control issues causing app crashes and system memory exhaustion. KB5040525 is a monthly optional cumulative update that helps Windows administrators test fixes and improvements that will be included with the August 2024 Patch Tuesday release.