All news with #news tag

📂 Microsoft is investigating an ongoing incident that prevents some users from opening files in Office for the web and Microsoft Teams. Impacted apps include Excel and PowerPoint for the web, with affected users seeing an error stating "Office Online services aren't available right now." The company is analyzing service telemetry and has identified a potential cross-service issue while it works toward remediation.

🛡️ Dutch authorities and the National Cyber Security Center announced the takedown of a botnet that had enlisted millions of devices, including computers, smartphones, tablets, and IoT gear. The network reportedly comprised at least 17 million infected devices and relied on more than 200 servers in the Netherlands for backend infrastructure. Police seized a subset of those servers from a hosting provider, which then took the botnet offline after it was used for criminal activity. Local reporting linked the operation to proxy services such as Asocks, previously associated with proxyware campaigns affecting Android devices.

🎥 ESET Chief Security Evangelist Tony Anscombe reviews major cybersecurity stories from May 2026, focusing on industrial control system intrusions, an AI-directed data theft, a Google-reported AI-developed zero-day, and crypto kiosk scams. He outlines attack vectors such as weak passwords and internet-exposed systems, notes the partial failure of an IT-to-OT escalation, and previews mitigation advice for defenders. Watch Tony’s video for practical recommendations and refer to the April edition for additional context.

📰 The FBI's 2025 Internet Crime Report has been published, offering a range of statistics and findings on cybercrime trends. The author notes they only recently became aware of the report and references associated press releases and news articles. The post, dated May 27, 2026, points readers to additional coverage and commentary on the report's contents.

🔒 More than two-thirds of UK businesses plan to increase cybersecurity spending over the next 12 months as AI adoption and geopolitical uncertainty reshape budgets. The Q1 2026 Barclays Business Prosperity Index found 68% of leaders expect higher cyber investment and 46% say new technologies raise their exposure. Large firms have led the increase, with average cyber spend hitting £505,000 so far in 2026, and cloud, cyber and AI account for 44% of planned tech budgets.

🔍 Flare researchers analyzed ~700 underground posts on the "Lucifer DaaS" between Jan 2025 and early 2026 to reveal how modern crypto drainers evolved into professionalized, service-like platforms. The study highlights affiliate-driven distribution, automation, website cloning, Permit2 abuse, and multichain support, showing how DaaS lowers technical barriers and increases resilience. It also lists practical indicators to help users avoid wallet-draining scams.

🔎 Interpol coordinated a first-of-its-kind campaign, Operation Ramz, across 13 MENA countries from October 2025 to February 2026 to disrupt phishing, malware and scam networks. The campaign resulted in 201 arrests, identification of 382 additional suspects and 3,867 victims, and led to the seizure of 53 servers. Authorities also disseminated almost 8,000 pieces of data and intelligence to support follow-up investigations. Private-sector partners including Group-IB, Kaspersky, Team Cymru, Shadowserver and TrendAI supported operational visibility and takedown efforts.

🚀 Infosecurity Europe 2026 will introduce a new Cyber Startup competition and a dedicated Cyber Startups Zone, giving five emerging companies a platform to present technologies and connect with potential customers, partners and investors. The live pitching event takes place on Tuesday 2 June and will be judged by industry figures including Shlomo Kramer alongside CISOs Mun Valiji and Kirsty Kelly. The winner receives a prize package that includes a free exhibition stand at Infosecurity Europe 2027, PR support from Origin Communications and a brand workshop from Dusted.

🛠️ Microsoft has returned resizable taskbar and Start menu controls to Windows 11 with Insider Preview Build 26300.8493 in the Experimental channel. Users can choose smaller taskbar buttons and move the taskbar to the bottom, top, left, or right via Settings > Personalization > Taskbar > Taskbar behaviors. The update also adds Start menu toggles to hide Recommended content, resize the menu, hide profile details, and improve file relevance. No restart is required.

🏆 The Pwn2Own Berlin 2026 contest at OffensiveCon (May 14–16) awarded security researchers $1,298,250 for exploiting 47 zero-day vulnerabilities across browsers, enterprise apps, servers, virtualization, containers, LLMs and local privilege escalation. Competitors earned $523,000 on day one, $385,750 on day two, and $389,500 on day three. DEVCORE topped the leaderboard with $505,000 and 50.5 Master of Pwn points; Cheng‑Da Tsai secured the highest single payout of $200,000 for an Exchange RCE chain.

🎤 Bruce Schneier lists his upcoming speaking engagements through July 2026, including virtual and European events. He will give a virtual talk on “The Security of Trust in the Age of AI” for the Financial Women’s Association of New York at 6:00 PM ET on May 21, 2026. He is scheduled to speak at the Potsdam Conference on National Cybersecurity (evening of June 24), the Digital Humanism Conference in Vienna on June 26, and the Nuremberg Digital Festival on July 1. The list is maintained on this page.

⚠️ Dell confirmed that its SupportAssist Remediation update is causing blue-screen crashes on some Windows systems after user reports of random reboots began Friday. Dell says version 5.5.16.0 of the Dell SupportAssist Remediation or Alienware SupportAssist Remediation service can trigger 0xEF_DellSupportAss_BUGCHECK_CRITICAL_PROCESS errors and recommends disabling or uninstalling the service as a workaround. Uninstall via Windows Settings (Apps > Installed apps) but note this may remove repair points created by Dell OS SupportAssist Recovery; contact Dell Support if problems persist.

🚨 German authorities dismantled a relaunch of the criminal marketplace Crimenetwork and arrested its alleged operator after the reboot reportedly generated more than €3.6 million. The new instance had attracted roughly 22,000 users and over 100 vendors before investigators seized user and transaction data along with about €194,000 in assets. The arrest of a 35-year-old German was executed in Mallorca under a European arrest warrant, following coordinated actions by the Public Prosecutor's Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the BKA.

⚠️Analysis by the Anti-Corruption Data Collective found significant insider activity on Polymarket. Long-shot wagers—bets of $2,500 or more at implied odds of 35% or less—had an average win rate of about 52% in markets on military and defense actions. By contrast, those long-shot bets won roughly 25% in politics-focused markets and only 14% platform-wide. Author Bruce Schneier warns that permitting such activity risks warping political and military outcomes far more severely than insider sports betting.

🔐 On May 5, 2026, DENIC began publishing incorrect DNSSEC signatures for the .de zone, causing validating resolvers to reject responses and return SERVFAIL—impacting .de domains worldwide and affecting Cloudflare’s 1.1.1.1. Many users were buffered by serve stale behavior, but Cloudflare deployed an override equivalent to a Negative Trust Anchor at 22:17 UTC to bypass validation and restore reachability while DENIC corrected the key rollover.

🔔 On June 02, 2026 at 12:00 PM ET, BleepingComputer will host a live webinar titled From alert to containment: Fixing the gaps in network incident response with Edgar Ortiz, Solutions Engineering Leader at Tines. The session explores why incidents escalate when response processes—triage, enrichment, and routing—break down, not because of a lack of alerts. Attendees will learn how intelligence workflows that combine automation and AI can enrich alerts, prioritize and route incidents, and coordinate containment across systems to reduce response times and prevent broader service disruption.

🎖️ The Hacker News has opened submissions for the Cybersecurity Stars Awards 2026, a global recognition program celebrating excellence across products, companies, industry solutions, and professionals. The initiative aims to highlight often unseen defensive achievements and deliver visibility to CISOs, security leaders, and enterprise buyers. Submissions are accepted through May 15, 2026, and entries will be assessed via a structured, impartial review. Winners will be announced on May 26, 2026.

🤖 At Google Cloud Next '26, public sector leaders and academics demonstrated how the agentic era is moving from experimentation to enterprise-scale adoption across government, transportation, healthcare, and research. Featured speakers — including leaders from Google Public Sector, the City of Los Angeles, the FDA, and the Department of Transportation — shared blueprints for scaling AI and treating agents as force multipliers to improve productivity and mission outcomes. Hands-on demos, 28 Mission Talks and an interactive Public Sector Hub enabled attendees to create and test hundreds of agents across diverse use cases. Google invited organizations to continue engagement through follow-up webinars and partner pathways to accelerate adoption.

⚠️ CISA is reportedly weighing a proposal to shorten the remediation window for critical government vulnerabilities from the current 14 days to just 72 hours. The Reuters-sourced report ties the consideration to concerns that AI tools such as Anthropic’s Claude Mythos could accelerate the discovery and weaponization of serious flaws, though CISA has not confirmed the discussion. Security practitioners warn the tighter window would strain testing, asset discovery, and patch deployment; others say it could be attainable with modern automation and processes.

🔒 CISA has launched the CI Fortify initiative to help critical infrastructure operators prepare to operate in isolation from the internet and third-party services during major cyber incidents. The program focuses on controlled isolation—distinct from traditional air-gapping—combined with local manual operations and rapid restoration. CISA will provide targeted assessments, guidance, and exercises during a pilot phase while urging operators to map dependencies and invest in resilient architectures.