Threatline

Data breach exposes up to 14.2 million email logins at six ISPs

Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...]

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S. The systematic cyber attacks aimed at stealing sensitive

Timekeeping biz Kronos hit by ransomware and warns customers to engage biz continuity plans

Updated

Is VPOTUS Bluetooth-phobic or sensible? The answer's pretty clear

In Brief

When disaster strikes, data recovery really is a race against time

Log4j RCE latest: In case you hadn't noticed, this is Really Very Bad, exploited in the wild, needs urgent patching

Updated

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'

Britain's Online Safety Bill is being enthusiastically endorsed in a "manifesto" issued today by MPs who were tasked with scrutinising its controversial contents.…

Popular password manager LastPass to be spun out from LogMeIn

One of the biggest beasts in the password management world, LastPass, is being spun out from parent LogMeIn as a "standalone cloud security" organisation.…

You may have cracked serverless development, but it’s almost certain you haven’t solved serverless security

Paid Post

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16