#cybersecurity

#cybersecurity

When the library system's IT department detected suspicious activity on one of the library's servers Thursday morning, staff immediately "turned off the server in the middle of this happening," as well as shut down all remote access to the library's computer systems, library director Todd Dunkelberg said. "That stopped all activity," Dunkelberg said Friday about the cyberattack, which was first reported by KTVZ, as well as Oregon Public Broadcasting.

Bacon wrote, This means the top two positions at NSA and the four-star commander at Cyber Command will remain vacant for 8 months and counting. We are at Cyber War every day, and the inability to get leaders in place is gross negligence. Bacon went on to blame the chaos on infighting in the White House and the involvement of whacky Laura Loomer in hiring.

LastPass failed customers and fell short on expectations that the company would employ robust measures to protect personal data. Password managers are a safe and effective tool for businesses and the public to manage their numerous login details and we continue to encourage their use, he said. However, as is clear from this incident, businesses offering these services should ensure that system access and use is restricted to ensure risks of attack are significantly reduced,

Despite overwhelming focus on the Department of Homeland Security's handling of immigration enforcement, a Thursday hearing on worldwide threats targeting the U.S. did feature some insights into the biggest cybersecurity challenges facing the nation. DHS Secretary Kristi Noem, National Counterterrorism Center Director Joe Kent and FBI National Security Branch operations chief Michael Glasheen testified before the House Homeland Security Committee in the annual hearing meant to discuss terrorism, cybersecurity, drones and other matters that concern Americans' security.

The retail giant, often compared to Amazon for its dominance in South Korean e-commerce and logistics, last month revealed details of a data breach affecting close to 34 million people. The breach allegedly began in June but wasn't noticed until November, when Coupang initially said over 4,500 customers had their data stolen. The company later revised that figure dramatically upward.

In December 2011, the CIA lost control of a stealth drone near the Iranian city of Kashmar, about 140 miles from the Afghanistan border, and it wound up in the regime's possession. On state television, the Iranian military displayed the boomerang-shaped craft like a trophy. Triumphant banners beneath its 30-foot wings said, in Farsi, THE US CAN'T MESS WITH US and WE'LL CRUSH AMERICA UNDERFOOT.

Cloudflare says it has fixed an outage that took down several websites and apps, including Zoom, LinkedIn, Shopify and Fortnite, early on Friday, in the latest major glitch involving the web traffic management giant whose shares dipped in premarket trading. Another Cloudflare outage took down several websites and apps early on Friday morning. An update on Cloudflare's status page said the nearly half-hour-long outage was the result of "issues with Cloudflare Dashboard and related APIs."

The big picture: Hassabis in May had predicted AI that meets or exceeds human capabilities - artificial general intelligence, or AGI - could come by 2030. What they're saying: In an interview with Axios' Mike Allen, Hassabis assessed the risk from a number of "catastrophic outcomes" of AI misuse as the technology develops, particularly "energy or water cyberterror." "That's probably almost already happening now, I would say, maybe not with very sophisticated AI yet, but I think that's the most obvious vulnerable vector," he said.

Speaking on 3 December at the Financial Times Cyber Resilience Summit 2025, security minister Dan Jarvis said: "We've heard the criticisms about the Computer Misuse Act, and how it can leave many cyber security experts feeling constrained in the activity that they can undertake. These researchers play an important role in increasing the resilience of UK systems, and securing them from unknown vulnerabilities."

Quietly launched earlier this year, Share and Defend collates data gleaned from public reports made to the NCSC, industry threat intelligence experts, protective domain name service (PDNS) providers and takedown actions. These datasets are then shared with internet service provider (ISP) partners, which in turn filter them through their own DNS platforms to stop their customers from accessing malicious websites.

Public Wi-Fi has become an essential part of daily business life in London. From cafés and co-working spaces to hotels and trains, employees and entrepreneurs rely on wireless networks to stay connected on the move. Yet as Wi-Fi usage grows, so does the risk. Over the past five years, cybersecurity reports have consistently shown that public hotspots remain one of the easiest entry points for attackers. Business travellers, remote workers, and small companies-especially those without dedicated IT teams-are often the most exposed.

The fallout from this incident is likely to continue for months, and probably years. With car production halted for over a month and over 5,000 businesses affected, the Cyber Monitoring Centre has estimated a financial impact of £1.9bn, and likely "the most economically damaging cyber event to hit the UK". The shutdown meant that the number of cars manufactured in September 2025 was the lowest in the UK since 1952.

Admiral Giuseppe Cavo Dragone, who chairs NATO's Military Committee told the Financial Times that they are reassessing how they are confronting Russia 's hybrid threats which have escalated across Europe. Russia is also behind explosions and fires which includes a fire at an East London Ukrainian warehouse. In recent years hybrid attacked have intensified which includes cyber-attacks, underwater infrastructure was damaged in the Baltic Sea that all points to Russia.

In the ever-evolving cryptocurrency landscape, both investors and miners face a growing challenge-how to mine profitably while maintaining security, transparency, and sustainability. In an industry often affected by cyberattacks, energy concerns, and unreliable platforms, FutureWave Mining emerges as a forward-thinking solution. By integrating cutting-edge technology, renewable energy, and accessible cloud mining, FutureWave Mining sets a new standard for safe, sustainable, and intelligent crypto mining.

A third of UK organizations are failing to back up all of their sensitive data, hindering their ability to restore operations and ensure service continuity in the event of a breach. Almost half of those surveyed by security firm Cohesity reported not backing up all their workloads, including virtual machines, applications, and unstructured data, while 38% aren't applying consistent data categorization, backup controls, and policies globally.

The individual was believed to have been paid around $25,000 for this, which all things considered, I think, is quite low when you're risking being fired and, you know, a potential jail sentence in the aftermath of this. So these were leaked on Telegram. CrowdStrike, obviously, was made aware of this and they reacted pretty swiftly like we mentioned. That person has since been dismissed, I don't think it was too much of an issue for HR in that situation.

"It's truly astonishing that such a market-sensitive document could find its way online via official channels in advance of the Chancellor's speech," he said. "Basic compliance requirements should be in place to prevent this from happening. A complete review is required to understand how and why such a major breach occurred."

The scope, nature and extent of such impact remains under investigation by the Company and its third-party advisors, the company wrote in the statement. The incident is now contained and our services are fully operational. No encrypting malware was involved. SitusAMC said it launched an internal investigation upon becoming aware of the incident and notified federal law enforcement authorities. The company provides services across the mortgage lifecycle, including loan fulfillment, warehouse administration and securities valuations.

On 10 November, hackers gained access to a Princeton University database containing the personal information of those in the institution's community, including alumni, donors and students. In October, similar data breaches occurred at the University of Pennsylvania in Philadelphia and Harvard University in Cambridge, Massachusetts. These incidents are part of a broader trend. Over the past few years, cyberattacks have been on the rise at academic institutions around the globe.

Nobody embarks on a career in cyber security expecting an easy ride. It's widely recognised that protecting critical digital infrastructure is high-pressure and high-stakes work. For many of us, that's part of the buzz. Every day, we tackle complex challenges, address high-stakes problems, and (hopefully) make a real difference - but who will protect cyber professionals from the risk of burnout?

VPN ads are everywhere now. It feels like you can't even open YouTube or listen to a podcast without hearing that "hackers" are waiting to steal your data and that a VPN will solve everything. While VPNs can be useful, they're privacy tools, not security apps. A virtual private network can hide your traffic, but it probably won't stop you from getting hacked.

Aging digital infrastructure equipment like routers, network switches, and network-attached storage-has long posed a silent risk to organizations. In the short term, it's cheaper and easier to just leave those boxes running in a forgotten closet. But this infrastructure may have old, insecure configurations, and legacy tech is often no longer supported by vendors for software patches and other protections.

A pair of U.S. Senators say there are specific serious threats to the nation's phone networks, but the Trump administration has yet to release a relevant report about the threats. In a letter last week, U.S. Senators Ron Wyden, D-Oregon, and Mark Warner, D-Virginia - who is vice-chairman of the Senate Select Committee on Intelligence - asked for the report to be released, claiming it identifies serious telecommunications industry vulnerabilities.

Cybersecurity company Guardio is taking aim at a fresh market born amid this flux: finding malicious code written using AI tools. The company says it has found that with AI tools, malicious actors now find it easier than ever to build scam and phishing sites as well as the infrastructure needed to run them. Now, Guardio is leveraging its experience building browser extensions and apps that scan for malicious and phishing sites.

I tried to fool my brother, sort of. Next to him and his Pekingese on the couch, without context or introduction, I played an audio clip of me-deepfake audio of my voice that I'd asked cybersecurity startup Doppel to make. Fake Me's voice sounded distressed, stilted, and just persuasive enough that he narrowed his eyes, scrunched his nose, and asked: "That's AI, right?" My extremely online brother was far from fooled, but he was unsettled.