Category: The Register – Security

Rackspace racks up $12M bill in ransomware raid recovery

And that’s not counting the incoming lawsuits Rackspace’s costs from last year’s ransomware infection continue to mount: the cloud hosting biz told America’s financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million –…

BlackCat plays with malvertising traps to lure corporate victims

Ads for Slack and Cisco AnyConnect actually downloaded Nitrogen malware Affiliates of the ALPHV/BlackCat ransomware-as-a-service operation are turning to malvertising campaigns to establish an initial foothold in their victims’ systems.… This article has been indexed from The Register – Security…

Google Workspace weaknesses allow plaintext password theft

Exploits come with caveats, but Google says no fixes as user security should do the heavy lifting here Novel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption.……

How cyber training can help you beat the bad guys

No matter what stage your security career is at, SANS has resources that will add to your knowledge Sponsored Post  Fighting cybercrime demands constant vigilance and can be a huge drain on time and resources. So it’s good to know…

AMD SEV OMG: Trusted execution undone by cache meddling

Let’s do the CacheWarp again Boffins based in Germany and Austria have found a flaw in AMD’s SEV trusted execution environment that makes it less than trustworthy.… This article has been indexed from The Register – Security Read the original…

Intel out-of-band patch addresses privilege escalation flaw

Sapphire Rapids, Alder Lake, and Raptor Lake chip families treated for ‘Redundant Prefix’ Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips.… This article has been indexed from…

Ransomware royale: US confirms Royal, BlackSuit are linked

Royal alone scored $275M in past year as FBI, other agencies hot on merging trail The US’ Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released fresh guidance on the Royal ransomware operation, saying that…

Introducing the tech that keeps the lights on

Genuinely new ideas are rare in IT – this superhero is ready to make a real difference Opinion  Cybersecurity has many supremely annoying aspects. It soaks up talent, time, and money like the English men’s football squad, and like that…

ICBC hit by ransomware impacting global trades

CitrixBleed patch has been available for around a month China’s largest bank, ICBC, was hit by ransomware that resulted in disruption of financial services (FS) systems on Thursday Beijing time, according to a notice on its website.… This article has…

Preventing data theft with ADX technology

Ensuring data stays secure even after cyberattack infiltration Webinar  Daily incursions are underway with the aim of removing every bit of data that you’ve got – the cyber criminals’ aim is to break in and get out again laden with…

Securing frontline Operational Technology environments

How Britvic outlawed security blind spots Webinar  Organisations in multiple industries often face risks which can severely impact their operational resilience. Cyber criminals like to use ransomware and vulnerable third-party connections to hijack operational technology (OT) systems which can stop…

Ex-GCHQ software dev jailed for stabbing NSA staffer

Terrorist ideology suspected to be motivation A former software developer for Britain’s cyberspy agency is facing years in the slammer after being sentenced for stabbing a National Security Agency (NSA) official multiple times.… This article has been indexed from The…

Boeing acknowledges cyberattack on parts and distribution biz

Won’t say if it’s LockBit, but LockBit appears to have claimed credit. Maybe payment, too Boeing has acknowledged a cyber incident just days after ransomware gang LockBit reportedly exfiltrated sensitive data from the aerospace defence contractor.… This article has been…

Cybercrooks amp up attacks via macro-enabled XLL files

Neither Excel nor PowerPoint safe as baddies continue to find ways around protections Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research.… This article has been indexed…

Meeting the challenge of OT security

Learn how Britvic eliminates blind spots in Operational Technology systems Webinar  Cyberattacks on industrial control systems are becoming more common, and there isn’t likely to be a let up any time soon.… This article has been indexed from The Register…

Ace holed: Hardware store empire felled by cyberattack

US outfit scrambles to repair operations, restore processing of online orders Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen.… This article has been…

Cryptojackers steal AWS credentials from GitHub in 5 minutes

Researchers just scratching surface of their understanding of campaign dating back to 2020 Security researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials.… This article has been indexed from The…

LockBit alleges it boarded Boeing, stole ‘sensitive data’

ALSO: CISA begs for a consistent budget, Las Vegas school breach; Nigeria arrests six cyber princes, the week’s critical vulnerabilities Security In Brief  Notorious ransomware gang LockBit has reportedly exfiltrated “a tremendous amount of sensitive data from aerospace outfit Boeing.……

F5 hurriedly squashes BIG-IP remote code execution bug

Fixes came earlier than scheduled as vulnerability became known to outsiders F5 has issued a fix for a remote code execution (RCE) bug in its BIG-IP suite carrying a near-maximum severity score.… This article has been indexed from The Register…

A fortified data vault to give you peace of mind

Watch our webinar to hear more about comprehensive data protection from Zerto and HPE Webinar  It’s a challenge to maintain the availability and security of mission critical data in today’s environment. As IT teams know only too well, there’s no…