The hack against JBS is renewing calls for stronger cybersecurity requirements for critical companies.

Most people think of trust as active – you place your trust in someone or you don't. But weak cybersecurity, like leaving your front door unlocked, is a matter of trust, too.

The DarkSide ransomware attack on Colonial Pipeline shows how nation states and criminal hackers may be working together, even when they aren't.

A cyber-crime spree wreaking havoc around the world has reignited calls for governments to ban ransom payments to hackers. Ransomware criminals are holding computer systems hostage on a daily basis, demanding large payments from victims to restore order.

On Feb. 5, an unidentified hacker broke into the computer system of a treatment plant in the Florida town of Oldsmar and temporarily changed the plant’s sodium hydroxide setting to a potentially dangerous level, according to local officials. It turns out that hacker wasn’t alone on the network.

On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products, and that they would sell the data to the highest bidder if they didn’t get a $50 million payment. As proof, they released a cache of documents about upcoming, unreleased MacBook Pros. They've since added iMac schematics to the pile.

This week, the Justice Department announced that it had given the FBI permission to run a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States. These vulnerable computers were running on-premises versions of Microsoft Exchange Server software that had been exploited by hacking groups through January and February 2021.

A user in a low level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

It's not sure why journalists keep having to do the wireless industry's job, yet here we are. Sometime around mid-march, Motherboard reporter Joseph Cox wrote a story explaining how he managed to pay a hacker $16 to gain access to most...

Merely weeks after releasing out-of-band patches for iOS, iPadOS, macOS and watchOS, Apple has issued yet another security update for iPhone, iPad, and Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild.

There’s a newly discovered attack on SMS messaging that’s almost invisible to victims, and seemingly sanctioned by the telecom industry, uncovered in a report by Motherboard. The attack uses text-messaging management services that are aimed at businesses to silently redirect text messages from a victim to hackers, giving them access to any two-factor codes or login links that are sent via text message.

Many websites have a robots.txt, a plain-text file that tells search engines to ignore certain files and folders on the site. Security.txt is a proposed standard to do likewise with security polici…

The jailbreak group said it used its "own exploit" for a vulnerability that Apple said was "actively exploited" by hackers.

In addition to the new features detailed earlier today, iOS 14.4 also brings a trio of notable security improvements. In a new Support document published this afternoon, Apple said that iOS 14.4 fixes a kernel vulnerability and two WebKit vulnerabilities, all three of which “may have been actively exploited.”

[German]The forum of Windows tool developer IOBit was hacked over the weekend. The aim of the hack was to distribute the DeroHE ransomware to forum visitors.

While you've been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks.

The hackers may have operated within the US to evade Homeland Security

One of the great threats to our civilization is space weather. Specifically, the Sun's proven ability to target the planet with a tremendous cosmic belch of radiation, knocking out satellites, power grids, and networks worldwide.

Thousands of companies and governments are racing to discover whether they have been hit by the Russian hackers who reportedly infiltrated several US government agencies. The initial breach, reported on December 13, included the Treasury as well as the Departments of Commerce and Homeland Security. But the stealthy techniques the hackers used mean it could take months to identify all their victims and remove whatever spyware they installed.

Hackers who breached federal agency networks through software made by SolarWinds appear to have conducted a test run of their broad espionage campaign last year, sources with knowledge of the operation said.