Category: The Register – Security

Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up- and downlink sniffing and a novel connection downgrade…

Read more →

When you’re asking AI chatbots for answers, they’re data-mining you Opinion  Recently, OpenAI ChatGPT users were shocked – shocked, I tell you! – to discover that their searches were appearing in Google search. You morons! What do you think AI…

Read more →

If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it Researchers at software supply chain security outfit Safety think they’ve found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia’s state-linked…

Read more →

PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more Infosec In Brief  New York State is suing bank-owned peer-to-peer payment app Zelle, claiming that the banks behind it knew fraud was rampant on…

Read more →

‘Hope for the best, but prepare for the worst,’ one tells The Reg Feature  Bill Gates, an Arizona election official and former Maricopa County supervisor, says that the death threats started shortly after the 2020 presidential election.… This article has…

Read more →

Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools, Cisco Talos…

Read more →

Switchzilla’s summer of perfect 10s Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary shell commands on vulnerable systems.… This article has…

Read more →

Who knew zero-days could be so useful to highway speedsters? The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country.… This article has been indexed from…

Read more →

London-based multinational takes customer portal and Voice API platform offline as ‘protective measure’ following breach Multinational telco Colt Technology Services says a “cyber incident” is to blame for its customer portal and other services being down for a number of…

Read more →

System prompt engineering turns benign AI assistants into ‘investigator’ and ‘detective’ roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to autonomously harvest…

Read more →

As £9 billion MoU sparks debate about value for money, it’s time to have your say Register debate series  It’s a lot of money, £9 billion ($12 billion). Especially for a government which finds itself — for whatever reason —…

Read more →

Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal…

Read more →

Government and police employee credentials sold at bargain-basement prices on underground forums Criminals are selling access to FBI and other law enforcement and government email accounts to other criminals via dark web marketplaces for as little as $40.… This article…

Read more →

Researchers had to notify over 100 vendors of flaw that builds on 2023’s Rapid Reset with neat twist past usual mitigations Security researchers Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel have published details of a “common design flaw” in…

Read more →

The agency offered some tips for operational technology environments, where attacks are rising CISA is urging companies with operational technology environments to set a better cybersecurity posture, and not just by adopting some new best practices and purchasing some new…

Read more →

Turkish exchange is the latest victim of a recent spate of major crypto thefts Turkish cryptocurrency exchange BtcTurk is halting all deposits and withdrawals amid fears that blockchain bandits succeeded in significantly compromising its hot wallets.… This article has been…

Read more →

Moscow-linked miscreants accused of swiping sealed US court files and fiddling with a Norwegian dam’s floodgates Russian attackers reportedly spent months rummaging through the US federal court’s creaky case-management system, while Norway reckons the same Kremlin-friendly miscreants took control of…

Read more →

Nearly 100,000 records allegedly up for sale after apparent breach at booking system Italy’s digital agency (AGID) says a cybercriminal’s claims concerning a spate of data thefts affecting various hotels across the country are genuine.… This article has been indexed…

Read more →

Intruders accessed important systems but tells customers their data is safe A UK-based multinational that provides tech stock availability tools is telling customers that its website outage is due to a cyber attack.… This article has been indexed from The…

Read more →

Are UK taxpayers getting real value from SPA24 — or just high cost convenience? Register debate series  The UK government’s five-year Strategic Partnership Agreement (SPA24) with Microsoft is set to see public sector bodies spend around £1.9 billion each year—nearly…

Read more →