Category: The Register – Security

It pays not to be Huawei, and the US military can be lucrative, too Comment  A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in…

Read more →

Infecting networks via years-old CVEs that should have been patched by now Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).… This…

Read more →

Watch this webinar to find out how Zero Trust fits into the edge security ecosystem Commissioned  Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites…

Read more →

You didn’t have anything else to do this Tuesday, right? VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment.… This article has been indexed…

Read more →

You didn’t have anything else to do this Tuesday, right? VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment.… This article has been indexed…

Read more →

Majority of public-facing devices still unpatched against critical vulns from as far back as 2022 More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims.… This article has been indexed from The Register – Security…

Read more →

Customers still patchless and mitigation only goes so far There’s a “reasonable chance” that Ivanti Connect Secure (ICS) VPN users are already compromised if they didn’t apply the vulnerability mitigation released last week, experts say.… This article has been indexed…

Read more →

‘Inaccessible and autonomous armed group territories’ host crooks who use tech to launder cash, run slave scam gangs, and more Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using…

Read more →

Yet more support for the argument to adopt memory-safe languages More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are pressing admins to urgently apply the patches.… This article has…

Read more →

The bug with a perfect 10 severity score has been ripe for exploitation since May GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed.… This article has been indexed from…

Read more →

Also, iOS spyware abused Apple’s own ECC, breach victim says it can’t figure out what hackers took, and some critical vulns Infosec in brief  The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social…

Read more →

Infosec academic suggests Beijing’s warning that iThing owners aren’t anonymous deserves attention outside the great firewall too In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according to proper socialist…

Read more →

Check out the top 12 must see Rubrik product demos of 2023 for tips on how to foil attacks in 2024 Sponsored Post  Rubrik has combed through its archive to find what it judges to be the top 12 must-see…

Read more →

Infosec academic suggests Beijing’s warning that iThing owners aren’t anonymous deserves attention outside the great firewall, too In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according to proper socialist…

Read more →

Snoops had no fewer than five custom bits of malware to hand to backdoor networks Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant’s threat intel team.… This article has…

Read more →

Phemedrone Stealer loots drives for passwords, cookies, login tokens, etc Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to infect PCs with Phemedrone Stealer, a malware strain that scans machines for sensitive information – passwords, cookies, authentication tokens, you…

Read more →

Phemedrone Stealer loots drives for passwords, cookies, login tokens, etc Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to infect PCs with Phemedrone Stealer, a malware strain that scans machines for sensitive information – passwords, cookies, authentication tokens, you…

Read more →

It’s taken months for crims to hack together a working exploit chain Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the…

Read more →

Criminal scored $2M in crypto proceeds but ends up in ‘cuffs following property raid The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation.… This article has been indexed from The Register –…

Read more →

How to have zero trust connectivity and optimize the remote user experience Webinar  Remote working has rapidly become the norm for many organizations and isn’t ever going away. But it still needs to be secure if it’s to be a…

Read more →