Latest news as of 7/13/2025, 3:14:51 AM
Dark Reading
The evolving regulatory environment presents both challenges and opportunities for businesses.
Graham Cluley
Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, which imports and distributes Stoli brands in the United States, as well as the Kentucky Owl bourbon brand it purchased in 2017, was hit by a ransomware attack in August 2024. Learn more in my article on the Exponential-e blog.
Krebs on Security
In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as "Wazawaka," a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.
The Register
Installed the final non-security preview update of 2024? Best not hop onto the Dev Channel Microsoft has pinned down why some eager Windows Insiders could not persuade the Recall preview to save any snapshots. It's all down to a pesky non-security preview.…
Dark Reading
Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully better control.
The Hacker News
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and
The Hacker News
Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone of a criminal convicted
The Hacker News
Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose they may as well not exist. And many simply copy
Graham Cluley
It's not a new technique, but that doesn't mean that cybercriminals cannot make rich rewards from SEO poisoning. Read more in my article on the Tripwire State of Security blog.
The Hacker News
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm