A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' has been shared publicly on a hacking forum. BleepingComputer has confirmed the list is the same TSA No Fly list that was discovered recently on an unsecured CommuteAir server.

CAP-M AI will be used to test and learn about cyberthreats

Multiple bugs affecting millions of vehicles from almost all major car brands could allow miscreants to perform any manner of mischief — in some cases including full takeovers — by exploiting vulnerabilities in the vehicles' telematic systems, automotive APIs and supporting infrastructure, according to security researchers.

Major security flaws have been found in Mercedes, Ferrari, and other top luxury cars which could have allowed threat actors to steal the owners’ personally identifiable information, track their vehicles, and in some cases - even unlock and start the cars. Almost two-dozen car brands were affected by the flaws, including top brands such as BMW, Roll Royce, Mercedes-Benz, Ferrari, Porsche, Jaguar, Land Rover, Ford, KIA, Honda, Infiniti, Nissan, Acura, Hyundai, Toyota, and Genesis.

IN AUGUST, THE internet infrastructure company Cloudflare was one of hundreds of targets in a massive criminal phishing spree that succeeded in breaching numerous tech companies. While some Cloudflare employees were tricked by the phishing messages, the attackers couldn't burrow deeper into the company's systems.

Congress passed a large spending package that includes a bill banning TikTok from being used on government devices and new filing fees for mergers.

It’s been two weeks since we reported that Anker’s Eufy lied to us about the security of its security cameras, and we’ve been pushing the company for answers ever since. But the company hasn’t answered a single one of our questions — in fact, I haven’t gotten a single reply since December 1st. Today, on a whim, I thought I’d take a peek at Eufy’s website... maybe find some answers there? Instead, I found that Anker has quietly scrubbed all of its most promising privacy promises from its “privacy commitment” page. It got nerfed — hard.

Is the Government Monitoring you based on the features of your face? The goal of developing facial recognition software is to usher in a new era in which every person who goes out into public spaces may be identified, followed, and filmed as they go about their everyday routines. The government and its business partners are able to identify people and follow their activities in real-time with the use of face recognition technology. This technology works in conjunction with the widespread use of surveillance cameras around the nation.

Democrats and Republicans don't agree on much these days, but have joined forces to unveil bipartisan legislation that would ban TikTok across the US. Representatives on both sides of the political divide in the House of Representatives and Senate have spoken out against what they perceive as a threat to national security.

Google's Project Zero team said it had alerted the chip designer ARM about the GPU bug, and the British chip designer had fixed those vulnerabilities.

CISA says organizations that haven't yet patched VMware systems against Log4Shell should "assume" that they've already been breached.

Kaspersky is stopping the operation and sales of its VPN product, Kaspersky Secure Connection, in the Russian Federation, with the free version to be suspended as early as November 15, 2022. As the Moscow-based company informed on its Russian blog earlier this week, the shutdown of the VPN service will be staged, so that impact on customers remains minimal.

While consumers may be looking to scam retailers as the cost of living crisis deepens, cyber criminals are also on the rampage through the sector, with a range of automated threats – from account takeover, credit card fraud, web scraping, API abuses, Grinch bots and distributed denial of service (DDoS) attacks – all becoming a persistent challenge for the eCommerce industry, threatening online sales and customer satisfaction.

In short, they’re not. But a new Chubb report finds increasing cyber anxiety, as well as people clinging to bad security habits. (Seriously, that ‘keepsake password’ has to go.)

A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers.

For years, Big Tech has insisted that the death of the password is right around the corner. For years, those assurances have been little more than empty promises. The password alternatives—such as pushes, OAUTH single-sign ons, and trusted platform modules—introduced as many usability and security problems as they solved. But now, we’re finally on the cusp of a password alternative that’s actually going to work.

What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.

The U.S. Federal Communications Commission plans to ban all sales of Huawei and ZTE telecommunications equipment in the United States on national security grounds, news website Axios reported on Thursday, citing sources familiar with the matter.

The US government is recognizing the importance of open-source software. But is it ready for what's needed?

Should you be monitoring your work-from-home employees? Yes, but not for the reasons you might suspect. According to a recent report in the New York Times, eight of the 10 largest private US employers are using software and other technologies to track the productivity of their employees in the office and at home.