Internet infamy drives The Com’s crime sprees
The Com doesn’t fit into a traditional definition of cybercrime. While the majority of groups tend to either be financially-motivated or working at the behest…
Category: Cyberscoop
Unverified code is the next national security threat
American infrastructure is powered by open-source software and no one knows who wrote it. That’s not hyperbole. It’s a structural vulnerability. Every day, government agencies,…
Trump cyber executive order takes aim at prior orders, secure software, more
President Donald Trump signed an executive order Friday that the White House says promotes developing secure software, adopting the latest encryption protocols, securing internet routing…
DOJ seizes $7.7M from crypto funds linked to North Korea’s IT worker scheme
Federal authorities on Thursday said they seized $7.74 million from North Korean nationals as they attempted to launder cryptocurrency obtained by IT workers who gained…
Sean Cairncross has policy coordination in mind if confirmed as national cyber director
Sean Cairncross laid out his vision to senators Thursday for the Office of the National Cyber Director if he is confirmed to lead it. “A…
Cellebrite to acquire mobile testing firm Corellium in $200 million deal
Security technology company Cellebrite has announced plans to acquire Florida-based mobile testing startup Corellium for $170 million in cash, with an additional $20 million converted…
Rep. Garbarino: Ending CISA mobile app security program for feds sends ‘wrong signal’
The chairman of the House Homeland Security subcommittee on cybersecurity is apprehensive about the Department of Homeland Security’s plans to end a program that vets…
Feds seize 145 domains associated with BidenCash cybercrime platform
Federal authorities on Wednesday announced the seizure of about 145 domains and cryptocurrency funds linked to BidenCash, a cybercrime marketplace for stolen credit cards, compromised…
Vibe coding is here to stay. Can it ever be secure?
Software powers the world, and soon, the bulk of the work making it may be done by machines. As generative AI tools have gotten more…
Salesforce customers duped by series of social-engineering attacks
A financially motivated threat group posing as IT support has intruded the systems of about 20 organizations by duping employees into installing a malicious, illegitimate…
Google addresses 34 high-severity vulnerabilities in June’s Android security update
Google’s June security update for Android devices contains 34 vulnerabilities, all of which the company designates as high-severity defects. The company didn’t disclose any actively…
CrowdStrike, Microsoft aim to eliminate confusion in threat group attribution
CrowdStrike and Microsoft announced an agreement Monday to formally connect the different names each company uses for the same threat groups in their attribution analysis.…