The U.S. Federal Communications Commission is seeking comment on a proposal to establish a three-year pilot program to provide up to $200 million to support cybersecurity and advanced firewall services to eligible schools and libraries. The Schools and Libraries Cybersecurity Pilot Program was proposed in a rule issued Dec. 29 to be offered through the Universal ...

Google LLC has patched two significant vulnerabilities in Google Kubernetes Engine that could allow an attacker to gain control of a Kubernetes cluster. The vulnerabilities, detailed Dec. 27 by researchers at Palo Alto Network Inc.’s Unit 42, involved an issue in the default configuration of GKE’s logging agent FluentBit, which runs by default on all clusters ...

Court Services Victoria, an independent body that runs court services in Victoria, Australia, has been struck by a ransomware attack, with court recordings allegedly stolen. Officially described as a “cyber security incident” by CSV, the attack is said to have been detected on Dec. 21 and involved unauthorized access leading to a disruption of the ...

Four alleged cyberattackers have been arrested in mainland China for developing ransomware with the help of ChatGPT, the first case of its sort in the country. The South China Morning Post reported Friday that the suspects were arrested in November following a ransomware attack on an unidentified company in Zhenjiang Province, just south of Shanghai. The ...

As the year draws to an end, the No. 1 trend this year was undoubtedly artificial intelligence. Although AI promises much, not all is rosy, with various ethical debates around the technology and then thrown into the mix a report of a robot attacking a worker at a Tesla Inc. factory in Texas. With concerns ...

Barracuda Networks Inc. has patched a vulnerability in its Email Security Gateway appliances that was found to be being exploited by an alleged Chinese hacking group. Tracked as CVE-2023-7102, the vulnerability is an arbitrary code execution vulnerability in a third-party library, Spreadsheet::ParseExcel. An arbitrary code execution vulnerability is a security flaw that allows an attacker to execute ...

A little-known ransomware gang has claimed responsibility for a cyberattack on the Ohio Lottery that allegedly involved the theft of personally identifiable information. Officially described as a “cybersecurity event” by Ohio Lottery, the attack occurred on Dec. 24 and affected some systems. The lottery took steps to mitigate the attack, including taking certain systems offline ...

National Amusements Inc., the parent company of Paramount and CBS, has suffered a data breach that affected some 82,000 people. The data breach, disclosed via a Dec. 22 filing with the Office of the Maine Attorney General, occurred between Dec. 13 and Dec. 15, 2022, before being detected on Aug. 23 this year. In a ...

Members of Oklahoma-based healthcare provider Integris Health reportedly received messages from hackers on Christmas Eve telling them that their data had been breached, along with a demand for payment to delete their stolen data. According to a “data privacy incident” notice from Integris, the stolen data was accessed via “potential unauthorized activity on certain systems” ...

A previously unknown spyware campaign targeting iPhones, believed to have been ongoing since 2019, has been found to exploit a previously unknown feature in chips designed by Apple Inc. to bypass hardware-based security protections. Detailed today by researchers from Kaspersky Labs Inc. at the 37th Chaos Communication Congress, the campaign, dubbed “Operation Triangulation,” starts with a ...