Category: The Register – Security

For incentives remember the three Fs – finance, fame, and fixing it feature  Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results.… This…

Read more →

Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt…

Read more →

Health details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gang Ransomware scum breached kidney dialysis firm Davita’s labs database in April and stole about 2.4 million people’s personal and health-related information.… This article has…

Read more →

ClickFix tricks Microsoft’s security team has published an in-depth report into ClickFix, the social engineering attack which tricks users into executing malicious commands in the guise of proving their humanity.… This article has been indexed from The Register – Security…

Read more →

The attack first affected an upstream provider of bespoke software Exclusive  A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company.… This article has been indexed from The Register…

Read more →

Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol’s latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the…

Read more →

Pro tip: When taking revenge, don’t use your real name A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers.… This article has been indexed…

Read more →

Because savvy terrorists always use public internet services to plan their mischief, right? Anthropic says it has scanned an undisclosed portion of conversations with its Claude AI model to catch concerning inquiries about nuclear weapons.… This article has been indexed…

Read more →

Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month’s SharePoint zero-day attacks, which appear to be related to a leak in Redmond’s early-bug-notification program.… This article…

Read more →

Underground forums now recruiting English-speaking social engineers English speakers adept at social engineering are a hot commodity in the cybercrime job market.… This article has been indexed from The Register – Security Read the original article: ‘Impersonation as a service’…

Read more →

Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning…

Read more →

Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It’s been more than 200 years since the United States issued a letter of marque allowing privateers to attack the…

Read more →

Everything a criminal needs for targeted attacks exposed, but telco insists ‘no critical data compromised’ A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.… This article has been indexed from…

Read more →

Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based…

Read more →

Worried about your data? Not to worry, we’ll check the dark web for you! Yes really A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm…

Read more →

Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.… This article has been indexed…

Read more →

Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have…

Read more →

One fetcher bot seen smacking a website with 39,000 requests per minute Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts…

Read more →

Took out all traffic to port 443 at a time Beijing didn’t have an obvious need to keep its netizens in the dark China cut itself off from much of the global internet for just over an hour on Wednesday.……

Read more →

Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.… This article has been indexed from The Register – Security Read the original article: Microsoft stays…

Read more →