Category: The Register – Security

At least two extortion gangs abusing CVE-2023-4966, we’re told Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under “mass exploitation,” as thousands of Citrix NetScaler instances remain vulnerable, according to security teams.… This…

Read more →

US unlikely to get a bite of them at this rate, though For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International…

Read more →

US outfit scrambles to repair operations, restore processing of online orders Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen.… This article has been…

Read more →

Follows similar efforts from the SEC and DHS in recent months The US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents.… This article has been indexed from The Register…

Read more →

Internet, phone lines, websites, and more went down on Saturday morning The British Library has confirmed to The Register that a “cyber incident” is the cause of a “major” multi-day IT outage.… This article has been indexed from The Register…

Read more →

‘No question’ it will solve more crimes, Tory MP claims A UK minister for policing has called for forces to double their use of algorithmic-assisted facial recognition in a bid to snare more criminals.… This article has been indexed from…

Read more →

If you’re in the EU, EEA, or Switzerland From November, it will be possible to pay Meta to stop shoveling ads in your Instagram or Facebook feeds and slurping your data for marketing purposes so long as you live in…

Read more →

Risk of ‘significant data loss’ for on-prem customers Atlassian has told customers they “must take immediate action” to address a newly discovered flaw in its Confluence collaboration tool.… This article has been indexed from The Register – Security Read the…

Read more →

Not old enough to legally buy a beer, old enough for a 30-month term A 20-year-old Florida man has been sentenced to 30 months behind bars for his role in a SIM-swapping ring that stole nearly $1 million in cryptocurrency…

Read more →

Just tricks, no treats with these 3 vulns Three unpatched high-severity bugs in the NGINX ingress controller can be abused by miscreants to steal credentials and other secrets from Kubernetes clusters. … This article has been indexed from The Register –…

Read more →

Researchers just scratching surface of their understanding of campaign dating back to 2020 Security researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials.… This article has been indexed from The…

Read more →

This marks the third criminal intrusion at the institution in as many years Stanford University has confirmed it is “investigating a cybersecurity incident” after an attack last week by the Akira ransomware group.… This article has been indexed from The…

Read more →

ALSO: CISA begs for a consistent budget, Las Vegas school breach; Nigeria arrests six cyber princes, the week’s critical vulnerabilities Security In Brief  Notorious ransomware gang LockBit has reportedly exfiltrated “a tremendous amount of sensitive data from aerospace outfit Boeing.……

Read more →

Not exactly the MAC daddy Three years after Apple introduced a menu setting called Private Wi-Fi Address, a way to spoof network identifiers called MAC addresses, the privacy protection may finally work as advertised, thanks to a software fix.… This…

Read more →

Fixes came earlier than scheduled as vulnerability became known to outsiders F5 has issued a fix for a remote code execution (RCE) bug in its BIG-IP suite carrying a near-maximum severity score.… This article has been indexed from The Register…

Read more →

Gang thought to be behind attack on MGM Resorts has a skillset larger than most cybercrime groups in existence Microsoft’s latest report on “one of the most dangerous financial criminal groups” operating offers security pros an abundance of threat intelligence…

Read more →

It’s now up to Ofcom to sort out this messy legislation With the assent of King Charles, the United Kingdom’s Online Safety Act has become law, one that the British government says will “make the UK the safest place in…

Read more →

Researcher who publicized issue brands company’s communication ‘appalling’ ServiceNow is issuing a fix for a flaw that exposes data after a researcher published a method for unauthenticated attackers to steal an organization’s sensitive files.… This article has been indexed from…

Read more →

Russian have shifted tactics in the first half of 2023, with mixed results The Ukrainian State Service of Special Communications and Information Protection (SSSCIP) has claimed that Russian cyberspies are targeting its servers looking for data about alleged Kremlin-backed war…

Read more →

Progress Software vulnerability ID’d in enormous burglary at Ontario’s BORN Canada’s Better Outcomes Registry & Network (BORN) fears a MOVEit breach allowed cybercriminals to copy 3.4 million people’s childcare health records dating back more than a decade.… This article has…

Read more →