A new report from threat intelligence startup Digital Shadows Ltd. has found that 24 billion stolen and breached usernames and passwords are available on the dark web, the shady corner of the internet where illicit goods and services are sold. That’s a 65% increase from two years ago and is the equivalent of nearly four credentials for ...

Microsoft Corp. has entered into an agreement to acquire cybersecurity threat analysis company Miburo for an undisclosed price. Founded in 20011, Miburo offers cyberthreat analysis and research specializing in the detection and response to foreign information operations. Foreign information operations, in this context, are primarily state-sponsored media attempting to influence opinion in other countries. Miburo ...

Researchers at Akamai Technologies Inc. today said they have discovered a new peer-to-peer botnet and SSH worm that has been actively breaching Linux servers. Dubbed “Panchan,” the botnet and SSH worm was first spotted in March and is written in the Golang programming language. Panchan utilizes built-in concurrency features to maximize spreadability and execute malware modules ...

A recently discovered spear-phishing campaign has been targeting former Israeli officers, high-ranking military personnel, the head of a security think tank and a former U.S. ambassador to Israel. Detailed today by researchers from Check Point Software Technologies Inc., the attack used custom phishing infrastructure and an array of fake email accounts to impersonate trusted partners, a ...

Content delivery network provider Cloudflare Inc. revealed today that it has managed to detect and mitigate a 26 million-request-per-second distributed denial-of-service attack, the largest such attack on record for HTTPS, a secure way to send a web server and a browser. The strike, which took place last week, targeted a customer website using Cloudflare’s free plan. ...

According to multiple reports, U.S. technology company and defense contractor L3Harris Technologies Inc. is in talks to acquire some or all of the controversial Israeli spyware maker NSO Group Ltd. The Guardian reported today that the negotiations involve L3Harris acquiring only NSO’s surveillance technology and possibly transferring some NSO personnel to L3Harris. Other reports, such as ...

The Rust Foundation, a foundation set up to support the development of the increasingly popular open-source Rust programming language, today announced the first recipients of awards for its inaugural Community Grants Program. The Rust Foundation Community Grants Program is a mechanism to provide funds to the Rust development community to support their work. Financial support granted ...

Cybersecurity company Trustwave Holdings Inc., owned by Singtel Holdings Inc. since 2015, today announced a new managed detection and response offering built to improve threat visibility, rapidly detect and respond to threats, and boost the overall cybersecurity resilience of organizations. The new Trustwave MDR and Trustwave MDR Elite offer 24×7 monitoring of hybrid multicloud environments ...

Palo Alto Networks Inc.’s Unit 42 today identified new, difficult-to-detect remote-access malware used by the Gallium advanced persistent threat group. The Gallium APT group is believed to be a Chinese state-sponsored group and has a reputation for targeting telecommunications companies in Southeast Asia, Europe and Africa. In the last year, Gallium has expanded its targeting beyond telcos ...

Health care provider Kaiser Permanente has disclosed a data breach that compromised the information of some 70,000 patients at subsidiary Kaiser Foundation Health Plan of Washington. In a June 3 notice to patients, Kaiser Permanente described the data breach as a “security incident” that involved unauthorized access on April 5. The company said it discovered that ...