Category: The Register – Security

Miscreants mock Google-owned security house: ‘Change password please’ Miscreants took over security giant Mandiant’s Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password.……

Read more →

Users apparently at fault after reusing credentials the company didn’t check were already compromised 23andMe users’ godawful password practices were supposedly to blame for the biotech company’s October data disaster, according to its legal reps.… This article has been indexed…

Read more →

No 2FA or special characters to prevent database takeover and BGP hijack A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network’s traffic.… This article has been…

Read more →

Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Comment  In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations…

Read more →

Also: Remember that balloon over the US last February? It might have used a US internet provider Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island’s land mass and near its Ching-Chuan-Kang…

Read more →

Unpleasant Christmas package lets malware down the chimney Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.… This article has been indexed from The Register –…

Read more →

Pay up, or just decline to submit One of America’s biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information.… This article has been indexed from The Register – Security Read…

Read more →

IT service company’s latest move to clear its maturing debts French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.… This article has been indexed from…

Read more →

Company’s removal from ransomware gang’s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary – a week after INC Ransom claimed to have exfiltrated data from the…

Read more →

With the average demand hitting $1.5 million, something’s gotta change Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.… This article has been indexed from The Register – Security Read the original…

Read more →

Now every miscreant is jumping on Big G’s OAuth account security hole Security researchers say info-stealing malware can still access victims’ compromised Google accounts even after passwords have been changed.… This article has been indexed from The Register – Security…

Read more →

From legal proceedings to potential YouTube fodder The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.… This article has been indexed from The Register –…

Read more →

Cleaning up after hackers is easy compared to surviving the politics of consultancy On Call  It’s the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Register’s Friday column in…

Read more →

What can be learned from MGM’s and Caesars’ infosec moves Feature  The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers…

Read more →

‘This is no ordinary vulnerability’ sec pros explain Kaspersky’s Global Research and Analysis Team (GReAT) has exposed a previously unknown ‘feature’ in Apple iPhones that allows attackers to bypass hardware-based memory protection.… This article has been indexed from The Register…

Read more →

Also: International cops crackdown on credit card stealers and patch these critical vulns Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.… This article has been indexed from The Register – Security…

Read more →

How do you break into the bad guys’ ranks? Master the lingo and research, research, research Feature  When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement…

Read more →

Arion Kurtaj will remain hospitalized until a mental health tribunal says he can leave Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and…

Read more →

Seriously, people – please check the stuff you fetch more carefully Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code.……

Read more →

DOM-XSS attacks have become scarce on Google websites since TT debuted Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.… This article has been indexed…

Read more →