Category: The Register – Security

Local corporate regulator warns boards that cyber is totally a directorial duty Australia will build “six cyber shields around our nation” declared home affairs minister Clare O’Neill yesterday, as part of a national cyber security strategy.… This article has been…

Read more →

Flaws fixed in August, admins seem to have taken the summer off About 79 percent of public-facing Juniper SRX firewalls remain vulnerable to a single security flaw can allow an unauthenticated attacker to remotely execute code on the devices, according…

Read more →

Now-NASA boffin not impressed Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports.… This article has been indexed from The Register – Security Read the original article:…

Read more →

Included secrets, private keys, passwords, 30,000+ internal Teams messages A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub, according to Wiz security researchers who spotted the leaky account…

Read more →

Also, LockBit gets a new second stringer, AirTag owners find yet another illicit use, and this week’s critical vulns Infosec in brief  Californians may be on their way to the nation’s first “do not broker” list with the passage of…

Read more →

AMBERSQUID operation takes AWS’s paths less travelled in search of compute As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS…

Read more →

Oh s#!t, Sherlock Israeli software maker Insanet has reportedly developed a commercial product called Sherlock that can infect devices via online adverts to snoop on targets and collect data about them for the biz’s clients.… This article has been indexed…

Read more →

Mandiant warns casino raiders are doubling down on ‘monetization strategies’ Scattered Spider, the crew behind at least one of the recent Las Vegas casino IT security breaches, has already hit some 100 organizations during its so-far brief tenure in the…

Read more →

Half a percent of last quarter’s net income? That’ll teach ’em Google has been hit with another lawsuit alleging it deceived users about its collection, storage, and use of their location data, this time from the state of California. Yet it’s…

Read more →

Are you the weakest link? The UK’s Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked.… This article has been indexed from…

Read more →

NoEscape promises ‘colossal wave of problems’ if IJC doesn’t pay up The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB…

Read more →

Zero-days are so 2022. Why not just social engineer the help desk? Casino giant Caesars Entertainment has confirmed miscreants stole a database containing customer info, including driver license and social security numbers for a “significant number” of its loyalty program…

Read more →

Company noticed data warehouse break-in via compromised account a month later Cloud-based bug tracking and monitoring platform Rollbar has warned users that attackers have rifled through their data.… This article has been indexed from The Register – Security Read the…

Read more →

Homeland Security told to mind costs, fix up privacy controls Twice delayed and over budget, the US Department of Homeland Security (DHS) has been told by the Government Accountability Office (GAO) that it needs to correct shortcomings in its biometric…

Read more →

No, you CEO is not on Teams asking you to transfer money Deepfakes are coming for your brand, bank accounts, and corporate IP, according to a warning from US law enforcement and cyber agencies.… This article has been indexed from…

Read more →

Ransomware group nicked info from employee of airline, say researchers Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.… This article has been indexed from The Register – Security…

Read more →

Cut and shut is so last century, now it’s copy and clone Researchers have found almost 15,000 automotive accounts for sale online and pointed at a credential-stuffing attack that targeted car makers.… This article has been indexed from The Register…

Read more →

Fun technique – but how practical is it? Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from Wi-Fi-connected mobile devices on public networks, without any hardware hacking.……

Read more →

Pensioners, employees and medical pros among those aiming to be compensated for data exposure The number of claimants signing up to a Class Action against Capita over the infamous March cyber security break-in and subsequent data exposure keeps going up,…

Read more →

Running unsupported and unpatched versions of Exchange Server will do that to a country Sri Lanka’s Computer Emergency Readiness Team (CERT) is currently investigating a ransomware attack on the government’s cloud infrastructure that affected around 5,000 email accounts, it revealed…

Read more →