What can be learned from MGM’s and Caesars’ infosec moves Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers…
Category: The Register – Security
Kaspersky reveals previously unknown hardware ‘feature’ used in iPhone attacks
‘This is no ordinary vulnerability’ sec pros explain Kaspersky’s Global Research and Analysis Team (GReAT) has exposed a previously unknown ‘feature’ in Apple iPhones that allows attackers to bypass hardware-based memory protection.…
Iranian cyberspies target US defense orgs with a brand new backdoor
Also: International cops crackdown on credit card stealers and patch these critical vulns Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.…
Cyber sleuths reveal how they infiltrate the biggest ransomware gangs
How do you break into the bad guys’ ranks? Master the lingo and research, research, research Feature When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement…
Lapsus$ teen sentenced to indefinite detention in hospital after Nvidia, GTA cyberattacks
Arion Kurtaj will remain hospitalized until a mental health tribunal says he can leave Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and…
Four in five Apache Struts 2 downloads are for versions featuring critical flaw
Seriously, people – please check the stuff you fetch more carefully Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code.……
Mozilla decides Trusted Types is a worthy security feature
DOM-XSS attacks have become scarce on Google websites since TT debuted Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.…
Data loss prevention isn’t rocket science, but NASA hasn’t made it work in Microsoft 365
Privacy review finds breach response plan is a mess, training could be better, but protection regime mostly holds up NASA’s Office of Inspector General has run its eye over the aerospace agency’s privacy regime and found plenty to like –…
Something nasty injected login-stealing JavaScript into 50K online banking sessions
Why keeping your PC secure and free of malware remains paramount IBM Security has dissected some JavaScript code that was injected into people’s online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks…
Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials
Research highlights how major attacks like those exploiting Booking.com are executed Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector’s busy holiday season.…
Manchester’s finest drowning in paperwork as Freedom of Information requests pile up
Enforcement notice issued months after data regulator schooled police force Greater Manchester Police (GMP) must clear the backlog of hundreds of Freedom of Information (FOI) Act requests – some years old – or find itself in contempt of court.…
SSH shaken, not stirred by Terrapin vulnerability
No need to panic, but grab those updates or mitigations anyway just to be safe A vulnerability in the SSH protocol can be exploited by a well-placed adversary to weaken the security of people’s connections, if conditions are right.…
Philippines, South Korea, Interpol cuff 3,500 suspected cyber scammers, seize $300M
Alleged crims used AI to pose as friends, family, romantic partners – and sold dodgy NFTs A transnational police operation has resulted in the arrest of 3,500 alleged cybercriminals and the seizure of $300 million in cash and digital assets.……
Millions of Xfinity customers’ info, hashed passwords feared stolen in cyberattack
35M-plus Comcast user IDs accessed by intruder via Citrix Bleed Millions of Comcast Xfinity subscribers’ personal data – including potentially their usernames, hashed passwords, contact details, and secret security question-answers – was likely stolen by one or more miscreants exploiting…
Before you go away for Xmas: You’ve patched that critical Perforce Server hole, right?
Microsoft bug hunters highlight weaknesses in source-wrangling suite Four vulnerabilities in Perforce Helix Core Server, including one critical remote code execution bug, should be patched “immediately,” according to Microsoft, which spotted the flaws and disclosed them to the software vendor.……
AlphV/BlackCat hits back as Feds offer decryptor to ransomware victims
Domain seized while gang shrugs at loss of ‘stupid old key’ The US Justice Department is passing a decryptor to more than 500 victims of AlphV/BlackCat’s ransomware following a disruption campaign.…
AlphV/BlackCat hacked back as feds offer decryptor to ransomware victims
Domain seized while gang shrugs at loss of ‘stupid old key’ The US Justice Department is passing a decryptor to more than 500 victims of AlphV/BlackCat’s ransomware following a disruption campaign.…
Qakbot’s backbot: FBI-led takedown keeps crims at bay for just 3 months
Experts say malware strain may take years to die off completely Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet.…
Hacktivists boast: We shut down Iran’s gas pumps today
Predatory Sparrow previously knocked out railways and a steel plant Hacktivists reportedly disrupted services at about 70 percent of Iran’s gas stations in a politically motivated cyberattack.…
Mr Cooper cyberattack laid bare: 14.7M people’s info stolen, costs hit $25M
Mortgage lender says no evidence of identity theft (yet) after SSNs, DoBs, addresses, more swiped Mortgage lender Mr Cooper has now admitted almost 14.7 million people’s private information, including addresses and bank account numbers, were stolen in an earlier IT…