Attention gamers! Motherboard maker MSI admits to breach, issues “rogue firmware” alert
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
Weekly headline count for the current query.
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
It's not exactly data theft, but it's worrying close to "unintentional treachery" - apparently because it's great for marketing purposes
Another day, another "sophisticated" attack. This time, the company has handily included some useful advice along with its mea culpa...
Reddit is suggesting 3 tips as a follow-up to this breach. We agree with 2 of them but not with the 3rd...
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
There was a breach, so the bad news isn't great, but the good news isn't too bad...
Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Once more, it's time for Shakespeare's words: Once more unto the breach...
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and don't steal my data and then pretend you're sorry.
Turns out they did steal those password vaults (and where you live) after all.
The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
Lastest epsiode - listen now!
The online identity "brokerage" SSNDOB Market didn't want pople to be in any doubt what it was selling.
"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.