The Justice Department has indicted three Iranian men, accusing them of ransomware and other cyber attacks against US targets, including municipal governments, regional utilities and a domestic violence shelter. The indictment unsealed Wednesday accuses Mansour Ahmadi, 34, Ahmad Khatibi Aghda, 45, and Amir Hossein Nickaein Ravari, 30, of hacking the computer systems of hundreds of …

Google on Monday closed its acquisition of Mandiant, one of the biggest players in the cybersecurity industry, for about $5.4 billion. The addition of Mandiant significantly expands Google’s security capabilities, Google said in a blog post. Mandiant will also boost its access to threat intelligence and allow it to offer customers more in the form of end-to-end security covering both cloud and …

What’s happening Researchers for the cybersecurity company Mandiant have identified what they say is likely an Iranian state-sponsored cyberespionage group. Why it matters The group has targeted opponents of the Iranian regime including think tanks, researchers, current and former government officials, journalists and members of the Iranian diaspora. What’s next Mandiant says that given the group’s past involvement in espionage …

Samsung said Friday that the personal information of some of its customers was stolen from its US computer systems earlier this year. In a notice to customers, the South Korea-based tech giant said that in July an unauthorized person acquired information from the systems. In early August, Samsung determined through its investigation that some customer data was compromised.  The company …

The San Francisco 49ers said the names and Social Security numbers of nearly 21,000 people were stolen in a breach of the NFL team’s computer systems earlier this year. The acknowledgement was made in a required data breach notification filed with the state of Maine. According to the filing, which references a notification made to consumers on Thursday, the breach occurred …

What’s happening McAfee researchers spotted five Chrome extensions that were tracking user browser activity without their knowledge. They were downloaded a combined 1.4 million times before Google removed them from its store. Why it matters Keeping malicious extensions completely out is a close-to-impossible task, so consumers need to be cautious when installing any kind of browser extension. Google removed a …

DoorDash said the personal information of some of its customers and delivery workers was compromised in a data breach that stemmed from a phishing attack against a company it does business with. The stolen data included customer names, email addresses, delivery addresses and phone numbers. A smaller number of customers also had basic order data and partial payment card information …

LastPass says cybercriminals breached its systems and stole part of its source code, but that no customer passwords were compromised in the incident. In a Thursday notice to customers, the popular password manager says it started investigating about two weeks ago after it detected some “unusual activity” within parts of its developer environment. It later determined that someone had gained …

One moment, security experts are expressing concerns about cyberattacks stemming from either Russia’s continued war against Ukraine or a military conflict between China and Taiwan. The next, Elijah Woods — yes, Frodo from Lord of the Rings — is spinning tunes at a party in Allegiant Stadium in Las Vegas.  Welcome to the Black Hat and Defcon computer hacking conferences …

TikTok’s in-app browser has the ability to monitor certain kinds of user activity on the external websites accessed with it, new research shows. According to research published Thursday by Felix Krause, a Vienna-based software researcher, when TikTok users access a website through a link in the TikTok app, the app inserts code into the website that allows TikTok to monitor …