Security
Security news coverage encompasses investigative cybersecurity reporting and analysis on the latest security breaches, hacks and cyberattacks around the globe.
HealthEquity said in an 8-K filing with the SEC that it detected “anomalous behavior by a personal use device belonging to a business partner.”
Roll20 said that on June 29 it had detected that a “bad actor” gained access to an account on the company’s administrative website for one hour.
Twilio says “threat actors were able to identify” phone numbers of people who use the two-factor app Authy.
In a major update, Proton adds privacy-safe document collaboration to Drive, its freemium E2EE cloud storage service
Collaborative document features are being made available inside Proton Drive, further extending the company’s trademark pitch of robust security.
Newsletter writer covering Evolve Bank’s data breach says the bank sent him a cease and desist letter
The situation around a data breach that’s affected an ever-growing number of fintech companies has gotten even weirder. Evolve Bank & Trust announced last week that it was hacked and…
Yieldstreet says some of its customers were affected by the Evolve Bank data breach
Evolve, a popular financial institution for fintech startups, announced that a cyberattack affected “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.”
The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users — is still unclear.
Featured Article
The biggest data breaches in 2024: 1 billion stolen records and rising
Some of the largest, most damaging breaches of 2024 already account for over a billion stolen records.
The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.
Remote access giant TeamViewer says Russian spies hacked its corporate network
The remote access giant linked the cyberattack to government-backed hackers working for Russian intelligence, known as APT29.
Startups scramble to assess fallout from Evolve Bank data breach
Fintech-friendly Evolve Bank disclosed a data breach, saying it may have impacted customers and partners.
PortSwigger, the company behind the Burp Suite of security testing tools, swallows $112M
Sometimes the most successful startup ideas come from people building tools to solve their own needs. Such was the case with Dafydd Stuttard, a security expert who goes by Daf. …
Securing cloud services remains a challenge for enterprises. That’s why several companies have been working on security solutions that specifically address that need. In the latest example of that, Odaseva…
US charges Russian civilian for allegedly helping GRU spies target Ukrainian government systems with data-destroying malware
U.S. prosecutors say the WhisperGate cyberattack was designed to “sow concern” among Ukrainian civil society ahead of Russia’s invasion.
Featured Article
Kaspersky resellers deride US government ban: ‘Complete bulls—t’
“It’s just a lot of time lost for nothing,” a U.S.-based Kaspersky reseller told TechCrunch, following the news of a US sales ban.
A hacker claims to be selling an extensive database associated with an Indian government portal meant for blue-collar workforce emigrating from the country.
Featured Article
Welcome to the fediverse: Your guide to Mastodon, Threads, Bluesky and more
The fediverse isn’t just another social media platform; it’s a rallying cry and a manifesto of sorts.
Telegram says it has ‘about 30 engineers’; security experts say that’s a red flag
Telegram’s founder Pavel Durov says his company only employs around 30 engineers. Security experts say that raises serious questions about the company’s cybersecurity.
Car dealerships and auto shops around the U.S. enter a second week of disruption following cyberattacks at software maker CDK.
Hacker claims to have 30 million customer records from Australian ticket seller giant TEG
A hacker is advertising customer data allegedly stolen from the Australia-based live events and ticketing company TEG on a well-known hacking forum. On Thursday, a hacker put up for sale…
The U.S. government announced sanctions against 12 executives and senior leaders of the Russia-based cybersecurity giant Kaspersky. In a press release, the Department of the Treasury’s Office of Foreign Assets…
Featured Article
Change Healthcare confirms ransomware hackers stole medical records on a ‘substantial proportion’ of Americans
The February ransomware attack on UHG-owned Change Healthcare stands as one of the largest-ever known digital thefts of U.S. medical records.
US bans sale of Kaspersky software citing security risk from Russia
U.S. officials imposed the “first of its kind” ban arguing that Kaspersky threatens U.S. national security because of its links to Russia.
EU member states remain divided on controversial CSAM-scanning plan — but for how long?
Opponents also contend the EU plan will fail at its claimed aim of protecting children, suggesting law enforcement will instead be swamped by millions of false positives.
CDK said it “does not have an estimated time frame” for recovery, as car dealerships and auto shops face continued outages.
Semperis, a specialist in Active Directory security now worth more than $1B, raises $125M
Active Directory, the Microsoft directory service for connecting users with network resources, is used by more than 90% of all Fortune 1000 companies and many more besides. So it’s no…
PQShield secures $37M more for ‘quantum resistant’ cryptography
Malicious hacking is getting increasingly sophisticated, and that’s leading to a very clear trend in security technology. To keep people and organizations safe, security also has to continue improving. Security…
A researcher has found a bug that allows anyone to impersonate Microsoft corporate email accounts, making phishing attempts look credible and more likely to trick their targets. As of this…
UK national accused of hacking dozens of US companies arrested in Spain
TechCrunch has learned that the arrested hacker is the alleged leader of the group that masterminded the Twilio hacks in 2022.
Stop playing games with online security, Signal president warns EU lawmakers
A controversial European Union legislative proposal to scan the private messages of citizens in a bid to detect child sexual abuse material (CSAM) is a risk to the future of…
