Nonprofit technology supplier Blackbaud stops ransomware attack from encrypting files, but pays to ensure attackers delete stolen customer information

Nonprofit technology supplier Blackbaud stops ransomware attack from encrypting files, but pays to ensure attackers delete stolen customer information
Current laws give security services ‘excessive’ access to citizens’ data, finds top court, giving government until end of 2021 to bring in higher thresholds
Demonstration technology carries out offline sweeps of Linux virtual machine snapshots at large scale to help organisations root out in-memory malware
Zwickau public prosecutor confiscates server used to distribute hundreds of gigabytes of data hacked from police forces across the US
Apple will no longer allow user profiles to be installed on Macs without user interaction, in move targeting ‘plague of adware’
F5 says BIG-IP application delivery controllers used on many corporate and government networks are vulnerable to takeover by remote attackers
Rapid evolution of Thanos ransomware-as-a-service, along with high-end attacks, indicate evolving threat as criminals seek to monetise organisations’ data
Activist hackers release 24 years’ worth of data from hundreds of police forces in move timed to coincide with protests against police brutality and racism
Amazon says its AWS Shield mitigated a DDoS attack peaking at 2.3Tbps, far larger than previous assaults, amidst increasing cloud security threats
Security officials warn operators that Huawei may be unable to continue to provide gear following ‘escalating US action’ against the company
Peak of pandemic-related phishing traffic has passed by volume, but attackers are using increasingly focused and effective lures to steal data, study finds
GitLab to integrate Peach Tech and Fuzzit fuzz-testing into its DevOps lifecycle tool, helping developers to catch security bugs earlier on
Study finds cyber-criminals are shifting tactics to favour multi-stage ransomware attacks that include stealing sensitive data to maximise damage and profits
Apple’s open source Password Manager Resources project includes site-specific data aimed at improving compatibility of third-party password tools
TrickBot information-stealing malware updated with new ‘nworm’ module that uses encryption and in-memory execution to hinder detection efforts
Security researchers find attackers breaking into public-facing Windows IIS web servers to install Monero-mining malware across networks
Scam emails use Excel spreadsheets containing Covid-19 data as a lure, then execute malicious macros that give attackers control over system
Agency says it had to develop its own tool to access two locked iPhones used by gunman who attacked Pensacola Naval Air Station in December 2019
Researchers warn of weaknesses affecting all Bluetooth-compliant devices – just as governments roll out coronavirus apps reliant on the tech
Hackers break into academic high-performance computing clusters in Edinburgh, Germany and Switzerland to install Monero currency-mining software
Attackers gained access to customers’ websites last October, says hosting giant, but only via SSH, with ‘main accounts’ not affected
Attackers impersonate US self-regulatory body for brokerage firms in phishing email campaign that looks to harvest Office and SharePoint passwords
Microsoft patches security vulnerability that could have allowed attackers to take over Teams accounts and groups if users viewed a seemingly innocent GIF
UK’s intelligence agencies must use artificial intelligence to repel increasingly sophisticated cyber-attacks and disinformation campaigns, finds study
VictoryGate crypto-mining botnet infected at least 35,000 systems, mostly in Peru, and continues to spread via infected removable USB drives
As people around the world turn to online services during the pandemic, hackers seek profits from denial-of-service and ransomware attacks
Boston University proposal would involve tracking randomly generated IDs via short-range broadcasts as means to contain coronavirus infections
Cyber-criminals increasingly targeting organsiations’ computing and online infrastructure for extortion attempts as huge numbers of staff work remotely
Videoconferencing app employs custom encryption scheme and uses servers based in Beijing, researchers find as Zoom popularity soars
Team headed by University of Glasgow develops technique for generating and detecting entangled photons at wavelength less susceptible to solar interference