‘Near-global’ initial access campaign active since 2021 An initial-access subgroup of Russia’s Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from “a limited number of organizations,” according to Microsoft.…
Category: The Register – Security
Crimelords and spies for rogue states are working together, says Google
Only lawmakers can stop them. Plus: software needs to be more secure, but what’s in it for us? Google says the world’s lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…
February’s Patch Tuesday sees Microsoft offer just 63 fixes
Don’t relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins Patch Tuesday Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don’t get too relaxed – some deserve close attention, and other vendors…
Probe finds US Coast Guard has left maritime cybersecurity adrift
Numerous systemic vulnerabilities could scuttle $5.4T industry Despite the escalating cyber threats targeting America’s maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure – nor does it have reliable access to data…
Yup, AMD’s Elba and Giglio definitely sound like they work corporate security
Which is why Cisco is adding these Pensando DPUs to more switches Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…
‘Key kernel maintainers’ still back Rust in the Linux kernel, despite the doubters
Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT… The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.…
Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining
These crooks have no chill A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims’ computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.…
UK, US, Oz blast holes in LockBit’s bulletproof hosting provider Zservers
UK foreign secretary says Putin is running a ‘corrupt mafia state’ One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of…
AUKUS blasts holes in LockBit’s bulletproof hosting provider
UK foreign secretary says Putin is running a ‘corrupt mafia state’ One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of…
Man who SIM-swapped the SEC’s X account pleads guilty
Said to have asked search engine ‘What are some signs that the FBI is after you?’ An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission’s (SEC) X account in January last year.…
I’m a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice
Remote position, webcam not working, then glitchy AI face … Red alert! Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these “software developers” were scammers using AI-based tools — likely to…
Apple warns ‘extremely sophisticated attack’ may be targeting iThings
Cupertino mostly uses bland language when talking security, so this sounds nasty Apple has warned that some iPhones and iPads may have been targeted by an “extremely sophisticated attack” and has posted patches that hopefully prevent it.…
All your 8Base are belong to us: Ransomware crew busted in global sting
Dark web site seized, four cuffed in Thailand An international police operation spanning the US, Europe, and Asia has shuttered the 8Base ransomware crew’s dark web presence and resulted in the arrest of four European suspects accused of stealing $16…
US news org still struggling to print papers a week after ‘cybersecurity event’
Publications across 25 states either producing smaller issues or very delayed ones US newspaper publisher Lee Enterprises is one week into tackling a nondescript “cybersecurity event,” saying the related investigation may take “weeks or longer” to complete.…
UK armed forces fast-tracking cyber warriors to defend digital front lines
High starting salaries promised after public sector infosec pay criticized The UK’s Ministry of Defence (MoD) is fast-tracking cybersecurity specialists in a bid to fortify its protection against increasing attacks.…
Judge says US Treasury ‘more vulnerable to hacking’ since Trump let the DOGE out
Order requires destruction of departmental data accessed by Musky men Trump administration policies that allowed Elon Musk’s Department of Government Efficiency to access systems and data at the Bureau of the Fiscal Service (BFS) have left the org “more vulnerable…
India’s banking on the bank.in domain cleaning up its financial services sector
With over 2,000 banks in operation, a domain only they can access has clear potential to make life harder for fraudsters India’s Reserve Bank last week announced a plan to adopt dedicated second-level domains – bank.in and fin.in –…
India wants all banking to happen at dedicated bank.in domain
With over 2,000 banks in operation, the potential to make life harder for fraudsters is obvious India’s Reserve Bank last week announced a plan to adopt dedicated second-level domains – bank.in and fin.in – in the hope it improves…
DeepSeek’s iOS app is a security nightmare, and that’s before you consider its TikTok links
PLUS: Spanish cops think they’ve bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more! Infosec In Brief DeepSeek’s iOS app is a security nightmare that you should delete ASAP, according to researchers at mobile app…
Huawei revenue growing fast, suggesting China’s scoffing at sanctions
PLUS: Japan shifts to pre-emptive cyber-defense; Thailand cuts cords connecting scam camps; China to launch ‘moon hopper’ in 2026; and more! Asia In Brief Huawei chair Liang Hua last week told a conference in China that the company expects to…