Years later, he read about his antagonist doing time for murder On Call Welcome to another installment of On Call, The Register’s weekly reader-contributed column that tells your tech support tales.… This article has been indexed from The Register –…
Category: The Register – Security
30+ Chrome extensions disguised as AI chatbots steal users’ API keys, emails, other sensitive data
Are you a good bot or a bad bot? More than 30 malicious Chrome extensions installed by at least 260,000 users purport to be helpful AI assistants, but they steal users’ API keys, email messages, and other personal data. Even…
Who’s the bossware? Ransomware slingers like employee monitoring tools, too
As if snooping on your workers wasn’t bad enough Your supervisor may like using employee monitoring apps to keep tabs on you, but crims like the snooping software even more. Threat actors are now using legit bossware to blend into…
Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware
Flaw abused “in an extremely sophisticated attack against specific targeted individuals” Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an “extremely sophisticated attack” against targeted individuals.…
Supply chain attacks now fuel a ‘self-reinforcing’ cybercrime economy
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a “self-reinforcing” ecosystem, researchers say.…
Feeling brave? Ministry of Defence seeks £300K digital boss to manage £4.6B spend
Whoever gets it will steer UK department’s IT, AI strategy, and megabucks vendor deals The UK Ministry of Defence (MoD) is offering between £270,000 to £300,000 for a senior digital leader who will oversee more than £4.6 billion in spending…
Google: China’s APT31 used Gemini to plan cyberattacks against US orgs
Meanwhile, IP-stealing ‘distillation attacks’ on the rise A Chinese government hacking group that has been sanctioned for targeting America’s critical infrastructure used Google’s AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…
Microsoft warns that poisoned AI buttons and links may betray your trust
Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices Amid its ongoing promotion of AI’s wonders, Microsoft has warned customers it has found many instances of…
Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says They know where you’ve been and they’re going to share it. A security researcher has identified 287 Chrome extensions that allegedly exfiltrate browsing history data for an estimated…
Posting AI-generated caricatures on social media is risky, infosec killjoys warn
The more you share online, the more you open yourself to social engineering If you’ve seen the viral AI work pic trend where people are asking ChatGPT to “create a caricature of me and my job based on everything you…
Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up
Curious port filtering and traffic patterns suggest advisories weren’t the earliest warning signals sent Telcos likely received advance warning about January’s critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.…
Payroll pirates are conning help desks to steal workers’ identities and redirect paychecks
Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive When fraudsters go after people’s paychecks, “every employee on earth becomes a target,” according to Binary Defense security sleuth John Dwyer.…
Notepad’s new Markdown powers served with a side of remote code execution
Smug faces across all those who opposed the WordPad-ification of Microsoft’s humble text editor Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).…
Legacy systems blamed as ministers promise no repeat of Afghan breach
UK government grilled over progress made to prevent a second life-threatening leak Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.…
Microsoft’s Valentine’s gift to admins: 6 exploited zero-day fixes
Roses are red, violets are blue … now get patching What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February’s Patch…
AI agents spill secrets just by previewing malicious links
Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you’re feeling bold, chat for you in a messaging app. But beware: attackers can use…
Singapore spent 11 months booting China-linked snoops out of telco networks
Operation Cyber Guardian involved 100-plus staff across government and industry Singapore spent almost a year flushing a suspected China-linked espionage crew out of its telecom networks in what officials describe as the country’s largest cyber defense operation to date.…
Nearly 17,000 Volvo staff dinged in supplier breach
HR outsourcer Conduent confirms intruders accessed benefits-related records tied to US personnel Nearly 17,000 Volvo employees had their personal data exposed after cybercriminals breached Conduent, an outsourcing giant that handles workforce benefits and back-office services.…
British Army splashes $86M on AI gear to speed up the battlefield kill chain
Troops fitted with new comms kit as part of Project ASGARD British soldiers are to get an array of AI-ready kit that should mean they don’t have to wait to see the “whites of their eyes” before pulling the trigger.……