US Immigration and Customs Enforcement has signed a $2 million contract with Israeli commercial spyware vendor Paragon Solutions.

The one-year contract between the company’s US subsidiary in Chantilly, Virginia, and ICE’s Homeland Security Investigations Division 3 was signed on September 27 and covers a “fully configured proprietary solution including license, hardware, warranty, maintenance and training.”

Read More
23andMe Is Sinking Fast. Can the Company Survive?

23andMe is in trouble. Once a hot Silicon Valley startup, the genetic testing company has been in free fall since a major data breach last year that affected roughly half of its customers. The incident led to a class action lawsuit, which the company has agreed to settle for $30 million.

Read More
Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

In recent years, cybercriminals have increasingly exploited vulnerabilities in widely-used IT and security tools, leading to major security incidents. For instance, a zero-day vulnerability in Ivanti enterprise VPNs was recently exploited, allowing attackers to deploy a backdoor named ‘DSLog’.

Read More
Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.

Read More
Telegram to Share User IPs and Phone Numbers on Legal Request

Telegram now shares users’ IP addresses and phone numbers with authorities after valid legal requests. This policy change affects privacy-focused users like journalists and whistleblowers while helping fight criminal activities.

Read More
Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

An American collaborator assisting fake North Korean IT workers to secure jobs at US companies generated approximately $7 million in revenue over three years, underscoring the profitability of a growing threat with serious nuclear weapons implications.

Read More
Police Broke Tor Anonymity to Arrest Dark Web Users in Major CSAM Bust

German authorities dismantled Boystown, a notorious Dark Web platform for CSAM, by deanonymizing Tor users in 2021. This breakthrough raises concerns over Tor’s privacy as law enforcement targets criminal activities on the Dark Web.

Read More
Hacker Claims “Minor” Data Breach at DELL; Leaks Over 10,000 Employee Details

A hacker claims Dell suffered a “minor” breach, exposing over 10,000 employee records. The incident raises cybersecurity concerns amid ongoing threats targeting businesses by tricking employees into phishing and phone call scams.

Read More
AT&T to Pay $13 Million in Settlement Over 2023 Data Breach

US wireless carrier AT&T has agreed to pay $13 million in a settlement with the Federal Communications Commission (FCC) over a 2023 data breach.

Read More
RAMBO Attack: Electromagnetic Waves Steal Data from Air-Gapped Systems

Discover the RAMBO attack, a groundbreaking method that uses electromagnetic waves to steal data from air-gapped systems. Learn how hackers exploit isolated networks using electromagnetic emissions to extract sensitive information securely.

Read More
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

Broadcom-owned VMware on Tuesday rolled out critical-severity patches to cover a pair of vulnerabilities in its vCenter Server platform and warned that there’s a major risk of remote code execution attacks.

Read More
DeltaPrime Suffers $5.98M Loss as Hacker Exploits Admin Key on Arbitrum

DeltaPrime DeFi platform suffers a $5.98M hack on the Arbitrum chain due to a private key leak. The attack compromised several liquidity pools, and the team is working on asset recovery and minimizing user losses.

Read More