Personal information belonging to some 15,000 Denver Public Schools (DPS) employees was stolen in what the district is calling a “cybersecurity incident” that went on for a month.

As well as the $7.8m fine, BetterHelp will be banned from sharing any more consumer health data, including information on mental health issues, for the purposes of advertising, according to the terms of the order.

Sysdig discovered a sophisticated operation, named SCARLETEEL, targeting public-facing web apps running in a self-managed Kubernetes cluster hosted on AWS to steal proprietary data. Cybercriminals camouflage their campaigns as cryptojacking operations, however, their agenda is to steal sensitive data and credentials from targeted systems. Organizations and individuals are suggested to adopt extra measures, such as […]

Modesto confirmed that the February 3 breach of its Police Department’s digital network was a ransomware attack and said that a number of people’s personal information, including Social Security and driver’s license numbers, may have been accessed.

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year.

Trend Micro found PlugX RAT masquerading as an open-source Windows debugger tool, dubbed x32dbg, with an aim to evade security controls and gain control over the target system. Attackers use DLL side-loading to execute malicious code via the DLLs of the debugger tool, allowing attackers to bypass security restrictions and escalate privileges.

The experts have yet to determine the initial attack vector, they reported that FiXS utilizes an external keyboard (similar to Ploutus). It instructs the ATM to dispense money 30 minutes after the last ATM reboot.

An opposition-linked Polish mayor had his phone hacked using Pegasus spyware, Gazeta Wyborcza daily reported on Friday, amid allegations that the country’s special services have used the technology against government opponents.

During the analysis of Wago PLCs, a researcher discovered several vulnerabilities in the web-based management interface designed for administering, commissioning and updating devices.