Category: The Register – Security

Untold harms of holding the corporate perimeter revealed in extensive series of interviews Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.… This article has…

Read more →

Just when you thought you had recovered from Bleed Two vulnerabilities in NetScaler’s ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor.… This article has been indexed from The…

Read more →

The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin’s Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started…

Read more →

8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material Security researchers have pinned a DDoS botnet that’s infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi.… This article has…

Read more →

How an integrated platform can streamline the management overhead, improve cloud security and boost threat visibility Sponsored Post  Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash…

Read more →

Pen-tester accessed more than 650,000 sensitive messages, and still can, at Indian outfit using Toyota SaaS Toyota Tsusho Insurance Broker India (TTIBI), an Indo-Japanese joint insurance venture, operated a misconfigured server that exposed more than 650,000 Microsoft-hosted email messages to…

Read more →

So much for isolation A design flaw in GPU drivers made by Apple, Qualcomm, AMD, and likely Imagination can be exploited by miscreants on a shared system to snoop on fellow users.… This article has been indexed from The Register…

Read more →

Paying one that lied to you and only saved the first 20 rows of each table Publicly exposed PostgreSQL and MySQL databases with weak passwords are being autonomously wiped out by a malicious extortion bot – one that marks who…

Read more →

Uninstall the update or edit the Windows registry to restore order The latest Windows Server 2022 patch has broken the Chrome browser, and short of uninstalling the update, a registry hack is the only way to restore service for affected…

Read more →

ICO slaps penalties on two businesses that collectively made more than 3 million cold calls Another week and yet another couple of pesky cold callers face fines from the UK’s data privacy watchdog for “bombarding” unsuspecting households with marketing messages…

Read more →

.SBS gTLD once owned by Australian broadcaster is another source of strife Scammers are buying up cheap domain names to host sites that sell dodgy health products using fake articles, according to cybercrime disruption outfit Netcraft.… This article has been…

Read more →

It pays not to be Huawei, and the US military can be lucrative, too Comment  A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in…

Read more →

Infecting networks via years-old CVEs that should have been patched by now Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).… This…

Read more →

Watch this webinar to find out how Zero Trust fits into the edge security ecosystem Commissioned  Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites…

Read more →

You didn’t have anything else to do this Tuesday, right? VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment.… This article has been indexed…

Read more →

You didn’t have anything else to do this Tuesday, right? VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment.… This article has been indexed…

Read more →

Majority of public-facing devices still unpatched against critical vulns from as far back as 2022 More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims.… This article has been indexed from The Register – Security…

Read more →

Customers still patchless and mitigation only goes so far There’s a “reasonable chance” that Ivanti Connect Secure (ICS) VPN users are already compromised if they didn’t apply the vulnerability mitigation released last week, experts say.… This article has been indexed…

Read more →

‘Inaccessible and autonomous armed group territories’ host crooks who use tech to launder cash, run slave scam gangs, and more Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using…

Read more →

Yet more support for the argument to adopt memory-safe languages More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are pressing admins to urgently apply the patches.… This article has…

Read more →