Category: The Register – Security

Irony alerts: Open Web Application Security Project Foundation suffers lapse A misconfigured MediaWiki web server allowed digital snoops to access members’ resumes containing their personal details at the Open Web Application Security Project (OWASP) Foundation.… This article has been indexed…

Read more →

Nothing says ‘sorry’ like 10 percent off shipping for a month Ecommerce platform Pandabuy has apologized after two cybercriminals were spotted hawking personal data belonging to 1.3 million customers.… This article has been indexed from The Register – Security Read…

Read more →

Simple stuff like slapping on a logo fools more folks and travels further As hundreds of millions of voters around the globe prepare to elect their leaders this year, there’s no question that trolls will try to sway the outcomes…

Read more →

Cloud cyber resilience model could raise $700M despite $278M losses Cloud security provider Rubrik has filed for an IPO on the New York Stock Exchange following a flurry of similar flotations.… This article has been indexed from The Register –…

Read more →

Victims of the powerful surveillance tool will soon find out the truth Former Polish government officials may face criminal charges following an investigation into their use of the notorious spyware Pegasus to surveil political opponents and others.… This article has…

Read more →

This follows attack on NHS services in Scotland last week The cyber skids at INC Ransom are claiming responsbility for the ongoing cybersecurity incident at Leicester City Council, according to a post caught by eagle-eyed infosec watchers.… This article has…

Read more →

Senders of more than 5K messages a day are in the crosshairs It was 20 years ago on Monday that Google unleashed Gmail on the world, and the chocolate factory is celebrating with new rules that just might, hopefully, cut…

Read more →

Ye cannae change the laws of physics, but you can change your mind Opinion  Apple is good at security. It’s good at processors. Thus GoFetch, a major security flaw in its processor architecture, is a double whammy.… This article has…

Read more →

PLUS: Google Cloud ANZ boss departs; Japan revives airliner ambitions; China-linked attackers target Asian entities ASIA IN BRIEF  Singapore’s Monetary Authority on Monday launched an application, intuitively named “COllaborative Sharing of Money Laundering/TF Information & Cases” (COSMIC for short, obviously)…

Read more →

At least not until Redmond’s government edition is ready to roll Staff working at the US House Of Representatives have been barred from using Microsoft’s Copilot chatbot and AI productivity tools, pending the launch of a version tailored to the…

Read more →

This time, we got lucky. It mostly affected bleeding-edge distros. But that’s not a defense strategy Analysis  The discovery last week of a backdoor in a widely used open source compression library called xz could have been a security disaster…

Read more →

Also, TheMoon botnet back for EoL SOHO routers, Sellafield to be prosecuted for ‘infosec failures’, plus critical vulns Infosec in brief  Nearly a year on from the discovery of a massive data theft at healthcare biz Harvard Pilgrim, and the…

Read more →

Theresa Payton on why US needs a national privacy law Interview  Congress is mulling legislation that will require TikTok’s Chinese parent ByteDance to cut ties with the video-sharing mega-app, or the social network will be banned in the USA.… This…

Read more →

Time to update that password – and four-digit account pin, which was also among the pilfered records That rumored AT&T dark web customer data dump from mid-March has been confirmed, and it’s a whopper: A total of more than 73…

Read more →

Code shines up nicely in production, says Chocolate Factory’s Bergstrom Echoing the past two years of Rust evangelism and C/C++ ennui, Google reports that Rust shines in production, to the point that its developers are twice as productive using the…

Read more →

Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES Red Hat on Friday warned that a malicious backdoor found in the widely used data compression library called xz may be present in Fedora Linux 40 and…

Read more →

Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES Red Hat on Friday warned that a malicious backdoor found in the widely used data compression library called xz may be present in Fedora Linux 40, 41,…

Read more →

CVE-2024-1086 turns the page tables on system admins A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14. … This article has…

Read more →

Vendor takes hardline approach to patch disclosure to new levels JetBrains TeamCity users are urged to apply the latest version upgrade this week after the vendor disclosed 26 new security issues in the CI/CD web application.… This article has been…

Read more →

Flaws enable privilege escalation and remote code execution Nvidia’s AI-powered ChatRTX app launched just six week ago but already has received patches for two security vulnerabilities that enabled attack vectors, including privilege escalation and remote code execution.… This article has…

Read more →