Cybersecurity
India demands smartphone makers install a government app on every handset
'Sanchar Saathi' shares data to help fight fraud and protect carrier security India’s government has issued a directive that requires all smartphone manufacturers to install a government app on every handset in the country and has given them 90 days to get the job done – and to…
Four arrested in South Korea over massive IP camera snooping spree
Plus: Aussie Wi-Fi phisher and Brit dark web dealer nailed Cybercrime suspects and offenders across three continents have been rounded up this week, with cases spanning hacked IP cameras in South Korea, evil twin Wi-Fi traps in Australia, and a dark web drug empire in rural England.…
Dutch study finds teen cybercrime is mostly just a phase
Only a select few continue into later life, mainly for the love of the game Young threat actors may be rebels without a cause. These cybercriminals typically grow out of their offending ways by the time they turn 20, according to data published by the Dutch government.…
South Korea’s answer to Amazon admits breach exposed 33.7M customers
Coupang confirms internationally routed intrusion compromised more than half of the country's population South Korean retail behemoth Coupang has admitted to a data breach that exposed the personal details of 33.7 million customers, turning the company's famed "Rocket Delivery" logistics empire into an express shipment for personal information.…
French Football Federation faces own-goal after club software data breach
Zut alors! Cybercrooks scored names, numbers, and license IDs The French Football Federation (FFF) has conceded that attackers broke into its member management software using a compromised account, scoring a match sheet's worth of player data in the process.…
PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle
Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm compromise was "the largest and most impactful security incident" it's ever experienced after attackers slipped malicious releases into its JavaScript SDKs and tried to auto-loot developer credentials.…
Brit telco Brsk confirms breach as bidding begins for 230K+ customer records
Crims claim to know which customers are marked 'vulnerable' British telco Brsk is investigating claims that it was attacked by cybercriminals who made off with more than 230,000 files.…
GrapheneOS bails on OVHcloud over France’s privacy stance
Project cites fears of state access as cloud sovereignty row deepens French cloud outfit OVHcloud took another hit this week after GrapheneOS, a mobile operating system, said it was ditching the company's servers over concerns about France's approach to digital privacy.…
TryHackMe races to add women to Christmas cyber challenge roster after backlash
Training outfit scrambles to fix all-male lineup before December kickoff Cybersecurity training provider TryHackMe is scrambling to recruit women infosec pros to help with its Christmas challenge following backlash concerning a lack of gender diversity.…
OBR drags in cyber bigwig after Budget leak blunder
Ex-NCSC chief Ciaran Martin asked to examine how forecast ended up online ahead of schedule The Office for Budget Responsibility (OBR) has drafted in former National Cyber Security Centre (NCSC) chief Ciaran Martin to sniff out how its Budget day forecast wandered onto the open internet before the…