Category: The Register – Security

PLUS: Juniper’s support portal leaks customer info; Canada moves to ban Flipper Zero; Critical vulns Infosec In Brief  Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers,…

Read more →

Some useful indicators of compromise right here More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers.… This article…

Read more →

Software company’s claim of there being no active exploits also being questioned In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it.… This article has been indexed…

Read more →

An orchestra of fails for the security vendor We’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree…

Read more →

Should you be paying more attention to securing your AI models from attack? Webinar  As artificial intelligence (AI) technology becomes increasingly complex so do the threats from bad actors. It is like a forever war.… This article has been indexed…

Read more →

Reserve Bank also wants a national 2FA framework The Reserve Bank of India (RBI) announced on Thursday it would make its digital currency programmable, and ensure it can be exchanged when citizens are offline.… This article has been indexed from…

Read more →

That listing for a gig that looked too good to be true may have been carrying SQL injection code Singapore-based infosec firm Group-IB has detected a group that spent the last two months of 2023 stealing personal info from websites…

Read more →

Honor among thieves about to be put to the test The US government has placed an extra $5 million bounty on Hive ransomware gang members – its second such reward in a year. And it also comes a little over…

Read more →

Never mind the court orders obtained to thwart Volt Typhoon botnet Analysis  The FBI’s latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the…

Read more →

No walled garden can keep out every weed, we suppose LastPass says a rogue application impersonating its popular password manager made it past Apple’s gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install.……

Read more →

One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks.… This article has been indexed from The Register…

Read more →

Security researcher buddies allegedly tag team a four-month virtual gift card heist at Cupertino tech giant A cybersecurity researcher and his pal are facing charges in California after they allegedly defrauded an unnamed company, almost certainly Apple, out of $2.5…

Read more →

Security is a process, not a product. Nor a language Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited.… This article has been…

Read more →

Plan says to hand over keys to networks – and report intrusions within eight hours of discovery Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US…

Read more →

Presumably American TLAs are all over Beijing’s infrastructure, too … right? Volt Typhoon isn’t the only Chinese spying crew infiltrating computer networks in America’s energy sector and other critical organizations with the aim of wrecking equipment and causing other headaches,…

Read more →

The other half paid attention in class? Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half…

Read more →

12 international govt agencies sound the alarm, critical infrastructure at the heart of threats The US government today confirmed that China’s Volt Typhoon crew comprised “multiple” critical infrastructure org’s IT networks, and warned that the state-sponored hackers are readying “disruptive…

Read more →

Tactics are more sophisticated and supported in greater numbers Iran’s anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says.… This article has been indexed…

Read more →

Windows encryption feature defeated by $10 and a YouTube tutorial We’re very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so…

Read more →

Cloud version is safe, but no assurances offered about possible on-prem exploits JetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool.… This article has…

Read more →