Digital money laundering pays, until it doesn't An Ohio man, who operated the Grams dark-web search engine and the Helix cryptocurrency money-laundering service associated with it, has been sentenced to three years in prison.…

QR codes arrive via an age-old delivery system Switzerland's National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country's postal service.…

ProPublica: Investigation: Microsoft offered the US government free cybersecurity upgrades in 2021, increasing government reliance on Microsoft due to high switching costs  —  - Raising the Bar: President Joe Biden asked tech companies to “raise the bar on cybersecurity.”

It’s with sadness that we note the passing of Thomas E. Kurtz, on November 12th. He was co-inventor of the BASIC programming language back in the 1960s, and though his …read more

OpenBSD has released an important bug fix addressing a potential double-free vulnerability within its Network File System (NFS) client and server implementation. OpenBSD is a Unix-like operating system renowned for its strong focus on security, simplicity, and correctness, with features like OpenSSH, PF (firewall), and W^X. It emphasizes “secure by default” principles, proactive security measures, […] The post OpenBSD Double-Free Vulnerability Let Attackers Exploit NFS Client & Server appeared first on Cyber Security News.

Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. [...]

SentinelOne described some of ransomware groups’ favorite techniques for targeting cloud services

Security tool sprawl makes it harder to manage environments and overwhelms teams

Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and the risk to organizations are significant. Infoblox researchers estimate that over 1 million registered domains could be vulnerable daily. More evidence found on Sitting Ducks Attacks During a Sitting Ducks attack, the malicious actor gains control of a domain by … More → The post Cybercriminals hijack DNS to build stealth attack networks appeared first on Help Net Security.

Jibin Joseph / PCMag: UK mobile operator Virgin Media O2 creates Daisy, an AI-generated “scambaiter” tool that mimics the voice of an elderly woman to waste scammers' time  —  After a survey found that 71% of Brits want revenge on scammers, mobile operator O2 deploys Daisy, an AI tool that keeps fraudsters on the line to waste their time.

Microsoft has pulled the November 2024 Exchange security updates released during this month's Patch Tuesday because of email delivery issues on servers using custom mail flow rules. [...]

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at current prices) from the crypto exchange.