New York Times: Analysis of 3.2M+ Telegram messages from 16K+ channels shows how the app is inundated with criminal activity, CSAM, drug dealers, white nationalists, and more  —  Drug dealers, scammers and white nationalists openly conduct business and spread toxic speech on the platform …

It turns out some lifehacks can come with prison time.

American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. “An improper access control vulnerability has been identified in the SonicWall SonicOS management […]

Alphabet Inc.’s Google is abusing its dominant position in advertising technology, the UK’s antitrust agency warned in a move that could pave the way for hefty fines and an order to change one of the tech giant’s most lucrative businesses.

A newly discovered PyPI hijack technique called “Revival Hijack” has been exploited in the wild, posing a significant threat to thousands of Python packages. Identified by JFrog’s security research team, the method takes advantage of a loophole in the PyPI software registry that allows attackers to re-register package names that have been removed by their [...]

​Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. [...]

Comments

Danny Nelson / CoinDesk: Telegram radically alters its stance on “illegal” use of its platform by letting users in private chats “flag illegal content” for review by its moderators  —  The decision comes after the CEO's arrest in France for allegedly failing to police illegal content.

Ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated they experienced 10 or more. Of those respondents who experienced at least one ransomware attack in the last year, 61% said it resulted in downtime of at least 24 hours, according to Onapsis. Source: Onapsis Of those organizations that experienced ransomware attacks, 89% said their Enterprise … More → The post 83% of organizations experienced at least one ransomware attack in the last year appeared first on Help Net Security.

Supply chains, 13M jobs and $649B a year at risk, so Uncle Sam is fighting back - with a request for info The US Department of Homeland Security is seeking help to assess the security of tech at maritime ports, to safeguard the 13 million jobs and $649 billion of economic activity generated by the nation’s docks.…

A Gizmodo analysis of OpenAI’s GPT store found more than 100 tools that appear to violate the company’s policies regarding sexual content, cheating, legal and medical advice, gambling, fake review generation, and romantic companionship.

Allowed access to 150k cameras, some in sensitive spots, but has been done for spamming Physical security biz Verkada has agreed to cough up $2.95 million following an investigation by the US Federal Trade Commission (FTC) – but the payment won’t make good its past security failings, including a blunder that led to CCTV footage of Tesla, Cloudflare, and others being snooped on. Instead, the fine is about spam.…

93GB of info feared pilfered in Montana by heartless crooks Planned Parenthood of Montana's chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.…

Sophisticated attack breaks security assurances of the most popular FIDO key.

Better late than never The White House on Tuesday indicated it hopes to shore up the weak security of internet routing, specifically the Border Gateway Protocol (BGP).…

Comments

​The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023. [...]

A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs to tell a complex story in a single visualization.

Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. The US, leading in global ransomware incidents, faces an exceptionally high risk, especially in education and healthcare. Organizations are frequently hit multiple times, and ransom payments, while common, often fail to prevent further disruption. Most ransomware attacks occur between 1 a.m. and 5 a.m. Malwarebytes … More → The post Ransomware attacks escalate as critical sectors struggle to keep up appeared first on Help Net Security.

In April 2024, 15M records from the online florist Blooms Today were listed for sale on a popular hacking forum. The most recent data in the breach corpus was from November 2023 and appeared alongside 3.2M unique email addresses, names, phone numbers physical addresses and partial credit card data (card type, 4 digits of the number and expiry date). The breach did not expose sufficient card data to make purchases. Blooms Today did not respond when contacted about the incident.

Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services. [...]

South Korea is facing a surge in digital sex crimes, particularly involving deepfake pornography targeting women and minors. What's more troubling, teenagers are often the ones perpetrating these crimes. South Korea's President, Yoon Suk Yeol, has urged authorities to "thoroughly investigate and address these digital sex crimes to eradicate them."Read Entire Article

Mastercard Inc. is expanding its efforts to eliminate the use of credit card numbers when customers make purchases online in a bid to fight fraud.