Category: The Register – Security

AT&T and Verizon refused to hand over the security assessments, says Cantwell US Senator Maria Cantwell (D-WA) has demanded that Google-owned incident response firm Mandiant hand over the Salt Typhoon-related security assessments of AT&T and Verizon that, according to the…

Read more →

Malicious code lurking in over 5,000 downloads, says Socket researcher Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems and began distributing malware through developer accounts.… This article has been indexed from The…

Read more →

Under oath in French Senate, exec says it would be compelled – however unlikely – to pass local customer info to US admin Microsoft says it “cannot guarantee” data sovereignty to customers in France – and by implication the wider…

Read more →

Policy management not affected, but some personal data may have been snaffled Business insurance and employment status specialist Qdos has confirmed that an intruder has stolen some customers personal data, according to a communication to tech contractors that was seen…

Read more →

Nobody thinks of running a website without HTTPs. Safer DNS still seems optional Systems Approach  Last week I turned on DNSSEC (Domain Name System Security Extensions) for the systemsapproach.org domain. No need to applaud; I was just trying to get…

Read more →

Plus she has to cough up a slice of Pyongyang’s payday An Arizona woman who ran a laptop farm from her home – helping North Korean IT operatives pose as US-based remote workers – has been sentenced to eight and…

Read more →

Good luck getting an appointment with your doctor The AMEOS Group, which runs over 100 hospitals across Europe, has shut down its entire network after crims busted in.… This article has been indexed from The Register – Security Read the…

Read more →

Shadowserver claims miscreants were already poking at a critical hole in early July, long before Switchzilla patched it Threat actors have actively exploited a newly patched vulnerability in Cisco’s Identity Services Engine (ISE) software since early July, weeks before the…

Read more →

Boffins insist your deepfake tracking tech won’t work Computer scientists with the University of Waterloo in Ontario, Canada, say they’ve developed a way to remove watermarks embedded in AI-generated images.… This article has been indexed from The Register – Security…

Read more →

Let the games begin Ransomware has officially entered the Microsoft SharePoint exploitation ring.… This article has been indexed from The Register – Security Read the original article: Microsoft: SharePoint attacks now officially include ransomware infections

Read more →

Some coyotes hunt squirrels, this one hunts users’ financial apps A new variant of the Coyote banking trojan abuses Microsoft’s UI Automation (UIA), making it the first reported malware to use UIA for credential theft.… This article has been indexed…

Read more →

Palantir, data brokers, and judicial overreach are all on the horizon, executive director Cindy Cohn warns Interview  In July 1990, before the World Wide Web even existed, an unusual alliance was formed to fight for the rights of the emerging…

Read more →

Malicious actor reportedly sought to expose AWS ‘security theater’ The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user’s home directory and delete all their AWS resources.… This article…

Read more →

French fashion house dishes out notices after hackers raided a client database – ShinyHunters suspected Fashion house Dior has begun dropping data breach notices after cybercrooks with a taste for high-end targets made off with customer data.… This article has…

Read more →

The “is” package was infected with cross-platform malware after a scam targeting maintainers The popular npm package “is” was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with…

Read more →

From scams to violence, the crimes extend beyond the digital realm A subset of an online group that recruits children and teens for contract shootings, kidnappings, and other real-life violent crimes poses a growing threat to youth, according to the…

Read more →

No screenshots for you! In an effort to protect user privacy, Brave browser 1.81 will prevent Microsoft Recall from screenshotting it by default.… This article has been indexed from The Register – Security Read the original article: Nothing to see…

Read more →

US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday, even before Redmond confirmed the critical vulnerabilities.……

Read more →

Despite pledging help for those who don’t sign for subs, Broadcom says validating their entitlements will delay support Exclusive  Some customers of Broadcom’s VMware business currently cannot access security patches, putting them at greater risk of attack.… This article has…

Read more →

All security questions are hard to answer, but these three are non-negotiable Partner content  We’ve all seen those seemingly straightforward security questions that snowball into multi-day research projects across dozens of consoles, spreadsheets, and manual queries. The reality is that…

Read more →