August 2025
China’s botched Great Firewall upgrade invites attacks on its censorship infrastructure
Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers China’s attempts to censor traffic carried using Quick UDP Internet Connections (QUIC) are imperfect and have left the country at risk of attacks that degrade its censorship apparatus, or even cut access to offshore…
Silent Push CEO on cybercrime takedowns: ‘It’s an ongoing cat-and-mouse game’
Plus: why takedowns aren't in threat-intel analysts' best interest interview It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital thieves their login credentials and account information, thus allowing them to drain their…
CISA roasts unnamed critical national infrastructure body for shoddy security hygiene
Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong.…
OpenAI removes ChatGPT self-doxing option
Checkbox to make chatbot conversations appear in search engines deemed a footgun OpenAI has removed the option to make ChatGPT interactions indexable by search engines to prevent users from unwittingly exposing sensitive information.…
Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks
Our tests have shown there are ways to get around the promised security improvements exclusive Microsoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that's supposed to prevent it from screenshotting sensitive…
China says US spies exploited Microsoft Exchange zero-day to steal military info
Spy vs. spy China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data and take over more than 50 devices belonging to a "major Chinese military enterprise" for nearly a year.…
Florida prison email blunder exposes visitor contact info to inmates
Victims fear leak at Everglades Correctional Institution could lead to violent extortion A data breach at a Florida prison has inmates' families concerned for their welfare after their contact details were allegedly leaked to convicted criminals.…
Cybercrooks attached Raspberry Pi to bank network and drained ATM cash
Criminals used undocumented techniques and well-placed insiders to remotely withdraw money A ring of cybercriminals managed to physically implant a Raspberry Pi on a bank's network to steal cash from an Indonesian ATM.…
Top spy says LinkedIn profiles that list defence work ‘recklessly invite attention of foreign intelligence services’
Workers on joint US/UK/Australia nuclear submarine program are painting a target on themselves The Director-General of Security at the Australian Security Intelligence Organization (ASIO) has lamented the fact that many people list their work in the intelligence community or on sensitive military projects in their LinkedIn profiles.…