Category: The Register – Security

Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory North Korean spies used ChatGPT to generate a fake military ID for use in an espionage campaign against a South Korean defense-related institution,…

Read more →

Chip giant accused of breaching conditions of $6.9B Mellanox takeover China has dealt Nvidia another blow, finding the chipmaker in violation of the country’s anti-monopoly Law and escalating a long-running regulatory headache into a full investigation.… This article has been…

Read more →

As post-cyberattack layoffs begin, labor org argues UK goverment should step in The UK’s chief automotive workers’ union is calling on the government to establish a Covid-esque furlough scheme for the thousands of individuals who face losing their jobs due…

Read more →

Peers will quiz campaigners on whether Ofcom’s new measures will actually work, or just add more compliance pain The House of Lords is about to put the latest child-protection plans of UK regulator the Office of Communications (Ofcom) under the…

Read more →

PLUS: Japan woos Micron, again; China launches chip dumping probe; Mitsubishi expands opsec empire; and more! Criminals appear to be moving cyber-scam centers to vulnerable countries.… This article has been indexed from The Register – Security Read the original article:…

Read more →

PLUS: China’s Great Firewall springs a leak; FBI issues rare ‘Flash Alert’ of Salesforce attacks; $10m bounty for alleged Russian hacker; and more Infosec In Brief  15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going…

Read more →

Doing a simple system reset may not be enough to save you from fines and lawsuits With the end of Windows 10’s regular support cycle fast approaching, and a good five years since the COVID pandemic spurred a wave of…

Read more →

Although it hasn’t been seen in the wild yet A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fourth publicly…

Read more →

Get ready for a fight over who steers the global standard for vulnerability identification The Cybersecurity and Infrastructure Security Agency (CISA) nearly let the Common Vulnerabilities and Exposures (CVE) program lapse earlier this year, but a new “vision” document it…

Read more →

A similar vuln on Apple devices was used against ‘specific targeted users’ Samsung has fixed a critical flaw that affects its Android devices – but not before attackers found and exploited the bug, which could allow remote code execution on…

Read more →

Dorm management refuses to cover costs after payment system borked More than a thousand university students in the Netherlands must continue to travel to wash their clothes after their building management company failed to bring its borked smart laundry machines…

Read more →

UK data watchdog says students behind most education cyberattacks The UK’s data protection watchdog says more than half of cyberattacks in schools are caused by students, and that parents should act early to prevent their offspring from falling into the…

Read more →

Big Brother Watch says a so-called BritCard could turn daily life into one long identity check – and warn that Whitehall can’t be trusted to run A national digital ID could hand the government the tools for population-wide surveillance –…

Read more →

Ethical concerns raised after crook offered themselves up on silver platter Security outfit Huntress has been forced onto the defensive after its latest research – described by senior staff as “hilarious” – split opinion across the cybersecurity community.… This article…

Read more →

Atlantic Council warns US investors are fueling a market that undermines national security After years of being dominated by outsiders, the computer surveillance software industry is booming in the United States as investors rush into the ethically dodgy but highly…

Read more →

Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens in real time,…

Read more →

Shady, China-based company, all the apps needed for a fully automated attack – sounds totally legit Villager, a new penetration-testing tool linked to a suspicious China-based company and described by researchers as “Cobalt Strike’s AI successor,” has been downloaded about…

Read more →

FastNetMon says 1.5 Gpps deluge from hijacked routers, IoT kit nearly drowned scrubbing shop A DDoS mitigation provider was given a taste of the poison it tries to prevent, after being smacked by one of the largest packet-rate attacks ever…

Read more →

AMD Zen hardware and Intel Coffee Lake affected If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects AMD Zen CPUs and Intel Coffee Lake…

Read more →

Ron Wyden urges FTC to probe failure to secure Windows after attackers used Kerberoasting to cripple Ascension Microsoft is back in the firing line after US Senator Ron Wyden accused Redmond of shipping “dangerous, insecure software” that helped cybercrooks cripple…

Read more →