Anyscale claims issue is ‘long-standing design decision’ – as users are raided by intruders Thousands of companies remain vulnerable to a remote-code-execution bug in Ray, an open-source AI framework used by Amazon, OpenAI, and others, that is being abused by…
Category: The Register – Security
Meta accused of snarfing people’s Snapchat data via traffic decryption
I ain’t afraid of no ghosts, but in this case… To spy on rival Snapchat and get data on how the app was being used, Meta – when it was operating as Facebook – allegedly initiated a program called Project…
Google reveals zero-day exploits in enterprise tech surged 64% last year
Crooks know where the big bucks are Zero-day exploits targeting enterprise-specific software and appliances are now outpacing zero-day bugs overall, according to Google’s threat hunting teams.… This article has been indexed from The Register – Security Read the original article:…
Street newspaper appears to have Big Issue with Qilin ransomware gang
The days of cybercriminals having something of a moral compass are over The parent company of The Big Issue, a street newspaper and social enterprise for homeless people, is wrestling with a cybersecurity incident claimed by the Qilin ransomware gang.……
The easy road to pervasive DLP
How Forcepoint Data Security Everywhere does what it says on the tin Sponsored Post The coronavirus pandemic appears to have changed the employment landscape forever, with estimates suggesting that up to a quarter of staff still spend some of their…
Uncle Sam’s had it up to here with ‘unforgivable’ SQL injection flaws
Software slackers urged to up their game The US has clearly had enough of software vendors shipping products with “unforgivable” vulnerabilities, and is now urging them to launch formal code reviews to stamp out SQL injection flaws.… This article has…
Ransomware can mean life or death at hospitals, but DEF CON hackers have a plan
ARPA-H joins the challenge, adds $20M to cash rewards Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).… This article…
FreeBSD Foundation hands out Beacon gongs for safer software
Multiple CHERI-related projects win money for important research that prizes safety over speed The inaugural Beacon Awards has handed three prizes to projects working on safer software for CHERI-enabled hardware running on the CheriBSD operating system.… This article has been…
UK elections are unaffected by China’s cyber-interference, says deputy PM
Sanctions galore for APT31, which has been blamed for two major attacks on democracy The UK’s deputy prime minister, Oliver Dowden, says China has been unsuccessful in its attempts to undermine UK elections.… This article has been indexed from The…
Row breaks out over true severity of two DNSSEC flaws
Some of us would be happy being rated 7.5 out of 10, just sayin’ Two DNSSEC vulnerabilities were disclosed last month with similar descriptions and the same severity score, but they are not the same issue.… This article has been…
New Zealand to world: China attacked us, too!
Reveals 2021 incident that saw parliamentary agencies briefly probed The government of South Pacific island nation New Zealand has revealed that it, too, has been attacked by China.… This article has been indexed from The Register – Security Read the…
US charges Chinese nationals with cyber-spying on pretty much everyone for Beijing
Plus: Alleged front sanctioned, UK blames PRC for Electoral Commission theft, and does America need a Cyber Force? The United States on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous…
Chinese nationals charged with cyber-spying on US biz and more for Beijing
Plus: Alleged front sanctioned, UK blames PRC for Electoral Commission theft, and does America need a Cyber Force? The United States on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous…
Over 170K users caught up in poisoned Python package ruse
Supply chain attack targeted GitHub community of Top.gg Discord server More than 170,000 users are said to have been affected by an attack using fake Python infrastructure with “successful exploitation of multiple victims.”… This article has been indexed from The…
Over 170K users hit by poisoned Python package ruse
Supply chain attack targeted GitHub community of Top.gg Discord server More than 170,000 users have been affected by an attack using fake Python infrastructure with “successful exploitation of multiple victims.”… This article has been indexed from The Register – Security…
Tech trade union confirms cyberattack behind IT, email outage
Systems have been pulled offline as a precaution Exclusive The Communications Workers Union (CWU), which represents hundreds of thousands of employees in sectors across the UK economy including tech and telecoms, is currently working to mitigate a cyberattack.… This article…
Mozilla fixes $100,000 Firefox zero-days following two-day hackathon
Users may have to upgrade twice to protect their browsers Mozilla has swiftly patched a pair of critical Firefox zero-days after a researcher debuted them at a Vancouver cybersec competition.… This article has been indexed from The Register – Security…
GoFetch security exploit can’t be disabled on M1 and M2 Apple chips
For now, cryptographic work should be run on slower Icestorm cores The GoFetch vulnerability found on Apple M-series and Intel Raptor Lake CPUs has been further unpacked by the researchers who first disclosed it.… This article has been indexed from…
Time to examine the anatomy of the British Library ransomware nightmare
Mistakes years in the making tell a universal story that must not be ignored Opinion Quiz time: name one thing you know about the Library of Alexandria. Points deducted for “it’s a library. In Alexandria.” Looking things up is cheating…
That Asian meal you eat on holidays could launder money for North Korea
United Nations finds IT contract and crypto scams are just two of DPRK’s illicit menu items If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder…