Ailing scaling blamed by Windows-maker for unreadable missives Microsoft’s update to harden Remote Desktop against phishing attacks has arrived. When users open a Remote Desktop (.rdp) file, they should now see a warning listing all requested connection settings – or…
Category: The Register – Security
Greece relaxes Euro biometric border entry rules amid airport chaos
Missed flights and more means something has got to give at the border Greece is taking a flexible approach to introducing the European Union’s biometric Entry/Exit System (EES), after some British passport holders missed flights home following the system’s implementation…
UK gov pays public £550 to discuss Digital ID – then bans journalists from the room
Nothing says ‘We want honest opinions’ like a 36,000-letter mailshot with no awkward questions allowed Members of the UK government’s People’s Panel on Digital ID will spend two weekends in Birmingham and three evenings on Zoom discussing how Britain should…
Researchers find cyber-sabotage malware that may predate Stuxnet by five years
FAST16 could be the first cyberweapon, and its effects could be with us today Black Hat Asia Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage,…
Weak security means attackers could disable all of a city’s public EV chargers
Demonstrated in China, probably applicable elsewhere Black Hat Asia Developers of rented internet of things infrastructure – stuff like public EV chargers and shared e-bikes – are prioritizing user convenience over security, and leaving themselves exposed to wide-scale denial of…
Dev targeted by sophisticated job scam: ‘I let my guard down, and ran the freaking code’
Legit-looking website, camera-on interviews, jokes about backdoors … it worked EXCLUSIVE It all started with a LinkedIn message, as so many employment scams do these days.…
Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn
All the Typhoons, everywhere, all at once A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and disrupt victim organizations’ operations,…
Age checks could turn internet into an ID checkpoint, complains Proton CEO
Push to protect minors risks hitting everyone online Proton’s boss has waded into the age verification fight with a warning that sounds less like child safety and more like an identity checkpoint for the entire internet.…
American farms have a new steward for their safety net, disaster programs… Palantir
Wins $300M deal over Salesforce, IBM because of ‘integration with existing USDA systems,’ among other things Palantir has won a $300 million contract from the US Department of Agriculture (USDA) to support the National Farm Security Action Plan (NFSAP) and…
Medical data of 500k Biobank volunteers listed for sale on Alibaba, UK minister reveals
World’s largest biomedical dataset lifted and shifted on Chinese mega marketplace Breaking Details of volunteers of UK-based Biobank, which describes itself as the custodian of the world’s most comprehensive biomedical dataset, are for sale on Chinese ecommerce site Alibaba.…
Hybrid clouds have two attack surfaces and you’re not paying enough attention to either
Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft’s Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface…
If malware via monitor cables is a matter of national security, this might be the gadget for you
Orgs can now buy UK cyber agency engineered commercial gadget, but details are slim GCHQ’s cyber arm has entered the hardware game with its first device designed to prevent cyberattacks on display devices.…
Sharing isn’t caring if it’s an admin password
Keeping it simple for the developers can lead to very complex headaches later PWNED Welcome back to PWNED, the column where we celebrate the people who’ve taught us how not to secure a server. If you’ve ever tied your own…
Pass the key, passwords have passed their sell-by date
NCSC passes judgment: passkeys pass muster, passwords fail The UK’s National Cyber Security Centre (NCSC) has officially endorsed passkeys as the default authentication standard, marking the first time the agency has told consumers to move away from passwords entirely.…
Another npm supply chain worm is tearing through dev environments
Plus, the payload references ‘TeamPCP/LiteLLM method’ Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers’ environments, and it shares significant overlap with the open source infections attributed…
Anthropic’s super-scary bug hunting model Mythos is shaping up to be a nothingburger
And that unauthorized access? ‘A nothing burger,’ hacking startup CEO tells El Reg Anthropic’s Mythos model is purportedly so good at finding vulnerabilities that the Claude-maker is afraid to make it available to the general public for fear that criminals…
Google unleashes even more AI security agents to fight the baddies
Along with a bunch of new services to make sure those same agents don’t cause chaos Google Cloud chief operating officer Francis deSouza has summed up his company’s security strategy du jour as follows: “You need to use AI to…
France’s ‘Secure’ ID agency probes breach as crooks claim 19M records
Gov admits ‘incident’ as forum sellers boast of fresh haul covering up to a third of the population France’s National Agency for “Secure” Documents is explaining a potential data spill just as crooks online claim they’ve nicked a third of…
Scotland Yard can keep using live facial recognition on Londoners, say judges
Judges say cops face-slurping not a problem under current human rights laws London’s Metropolitan Police Service (MPS) has survived a legal challenge that attempted to curb its rollout of live facial recognition (LFR) technology across the capital.…
Oil crisis? What oil crisis? IT spending de-coupled from wider war shock
Gartner sees accelerating growth in IT spending, powered by cloud and AI infrastructure investment A day after the International Energy Agency (IEA) said the US/Israel/Iran war was creating the worst energy crisis ever faced by the world, Gartner increased its…