Category: The Register – Security

How F5 Distributed Cloud Services seal security gaps in modern app development amid growing attack surface Partner Content  Application programming interfaces (APIs) play a significant role in today’s digital economy, but at the same time they can also represent a…

Read more →

Atlassian systen compromised via October Okta intrusion Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October.… This article has been indexed from The…

Read more →

Senate, House can try but won’t make it past the Prez, says White House The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission’s (SEC) strict data breach reporting rule.… This article…

Read more →

Defenses need a rethink in face of increasing sophistication Cyber attacks using AI-generated deepfakes to bypass facial biometrics security will lead a third of organizations to doubt the adequacy of identity verification and authentication tools as standalone protections.… This article…

Read more →

Senate, House can try but won’t make it past the Prez, says White House The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission’s (SEC) strict data breach reporting rule.… This article…

Read more →

It even had the gall to set the ransom demand at $800K … for a nonprofit Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children’s hospital in an apparent deviation from its previous policy of not…

Read more →

American public are way ahead of them Chinese attackers are preparing to “wreak havoc” on American infrastructure and “cause societal chaos” in the US, infosec, and law enforcement bosses told a US House committee on Wednesday.… This article has been…

Read more →

It’s almost like years of false assurances have made people realize payments are pointless Trusting a ransomware crew to honor a deal isn’t the greatest idea, and the world seems to be waking up to that. The number of victims…

Read more →

Remotely disinfects Cisco and Netgear routers to block Chinese critters China’s Volt Typhoon attackers used “hundreds” of outdated Cisco and NetGear routers infected with malware in an attempt to break into US critical infrastructure facilities, according to the Justice Department.……

Read more →

Evidence mounts of an exploit gatekept within Russia’s borders Security researchers believe the Akira ransomware group could be exploiting a nearly four-year-old Cisco vulnerability and using it as an entry point into organizations’ systems.… This article has been indexed from…

Read more →

This isn’t going to end well Volt Typhoon, the Chinese government-backed cyberspies whose infrastructure was at least partially disrupted by Uncle Sam, has been honing in on other US energy, satellite and telecommunications systems, according to Robert Lee, CEO of…

Read more →

Many versions still without fixes while sophisticated attackers bypass mitigations Ivanti has finally released the first round of patches for vulnerability-stricken Connect Secure and Policy Secure gateways, but in doing so has also found two additional zero-days, one of which…

Read more →

Invaders inveigle infrastructure The US Justice Department and FBI may have scored a win over Chinese state-sponsored snoops trying to break into American critical infrastructure.… This article has been indexed from The Register – Security Read the original article: US…

Read more →

Multiple publicly available exploits have since been published for the critical flaw The number of public-facing installs of Jenkins servers vulnerable to a recently disclosed critical vulnerability is in the tens of thousands.… This article has been indexed from The…

Read more →

Vendor gets tangled in its own web of undisclosed vulnerabilities Juniper Networks has disclosed separate vulnerabilities it was previously accused of concealing, and apologized to customers for the error in communication.… This article has been indexed from The Register –…

Read more →

Questionable institutional change and myriad IT issues pervade the governance landscape The farewell report written by the UK’s biometrics and surveillance commissioner highlights a litany of failings in the Home Office’s approach to governing the technology.… This article has been…

Read more →

18,000 customers, including the Pentagon and Microsoft, may have other thoughts SolarWinds – whose network monitoring software was backdoored by Russian spies so that the biz’s customers could be spied upon – has accused America’s financial watchdog of seeking to…

Read more →

ALSO: Samsung turns to Baidu for Galaxy AI in China; Terraform Labs files for bankruptcy; India’s supercomputing ambitions Asia In Brief  Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the…

Read more →

ALSO: SEC admits to X account negligence; New macOS malware family appears; and some critical vulns Infosec in brief  Trend Micro’s Zero Day Initiative (ZDI) held its first-ever automotive-focused Pwn2Own event in Tokyo last week, and awarded over $1.3 million…

Read more →

Step one, actually turn on MFA Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis…

Read more →