Is there nothing that squid research can’t solve? “If you’re working with an organism like squid that can edit genetic information way better than any other organism, then it makes sense that that might be useful for a therapeutic application like deadening pain,” he said. […] Researchers hope to mimic how squid and octopus use RNA editing in nerve channels that interpret pain and use that knowledge to manipulate human...
The agency added an additional year to two post-Colonial Pipeline security directives. The post TSA extends cyber requirements for pipeline owners appeared first on CyberScoop.
The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises.
The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully.
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.
She said at her confirmation hearing that CISA needs to be “smaller, more nimble” and it has gone “far off-mission.” The post Noem: No anti-disinformation, misinformation action under her as DHS secretary appeared first on CyberScoop.
It’s the first formal attribution for the campaign that has swept up data from at least nine telecoms and the Treasury Department. The post Treasury sanctions Chinese cybersecurity company, affiliate for Salt Typhoon hacks appeared first on CyberScoop.
In a joint report with DARPA and others, the cyber agency said that knowledge gap “exacerbates” risks posed by threat actors in U.S. critical infrastructure. The post Closing software-understanding gap is critical to national security, CISA says appeared first on CyberScoop.
The Trump administration can start by returning CISA to its core mission, former DHS and California officials argue. The post Restoring U.S. cyber resilience: A blueprint for the new administration appeared first on CyberScoop.
As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.
Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks
I am always interested in new phishing tricks, and watching them spread across the ecosystem. A few days ago I started getting phishing SMS messages with a new twist. They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and enter some personal information into a website. But because they came from unknown phone numbers, the links did not work. So—this is the...
The agency has embraced performance goals, provided resources to small systems and improved coordination, its deputy secretary writes. The post How HHS has strengthened cybersecurity of hospitals and health care systems appeared first on CyberScoop.
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of targeting Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "These
Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data
A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks — but will the Trump administration follow through?
The North Korean office responsible for the scheme, Department 53, was created to funnel money back into the country’s weapons programs. The post Treasury sanctions North Korea over remote IT worker schemes appeared first on CyberScoop.
Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple...
At least one key Republican told CyberScoop that he wasn’t happy about the last-minute nature of the EO. The post Biden cyber executive order gets mostly plaudits, but its fate is uncertain appeared first on CyberScoop.
The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.
The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. "Star Blizzard's targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations
Star Blizzard, known to be part of Russia’s FSB, moved schemes to the messaging platform last November. The post Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp appeared first on CyberScoop.
ESET researchers uncover a vulnerability in a UEFI application that could enable attackers to deploy malicious bootkits on unpatched systems
By staying vigilant, agile, and prepared, organizations can turn TDIR from a defensive strategy into a proactive enabler of security and operational excellence.
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best — and better than nothing for most organizations and insurers.
The initiative had led to tangible changes, Jack Cable said upon his exit from the agency as senior technical adviser. The post A CISA secure-by-design guru makes the case for the future of the initiative appeared first on CyberScoop.