Category: The Register – Security

ENGlobal customers include the Pentagon as well as major oil and gas producers American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November.… This article has been indexed from The…

Read more →

National cyber emergencies increased threefold this year The number of security threats in the UK that hit the country’s National Cyber Security Centre’s (NCSC) maximum severity threshold has tripled compared to the previous 12 months.… This article has been indexed…

Read more →

No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars A Russian court has handed a life sentence to the head of the infamous online drugs souk Hydra, and 15 of his co-conspirators will also spend many…

Read more →

Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last…

Read more →

Tap into the infinite scalability… of pricing Re:Invent  Amazon Web Services has a new incident response service that combines automation and people to protect customers’ AWS accounts – at a hefty price.… This article has been indexed from The Register…

Read more →

Explore open source strategies to safeguard critical systems and data Webinar  Linux security is a component that sits at the heart of today’s IT landscape.… This article has been indexed from The Register – Security Read the original article: Discover…

Read more →

The latest in an unusual change of fortune for group once protected by the Kremlin An alleged former affiliate of the LockBit and Babuk ransomware operations, who also just happens to be one of the most wanted cybercriminals in the…

Read more →

The politics of cybersecurity are too important to be left to the politicians Opinion  Here’s a front-page headline you won’t see these days: CHINA’S SPIES ARE TAPPING OUR PHONES. Not that they’re not – they are – but, like the…

Read more →

Also, script kiddies still a threat, Tornado Cash is back, UK firms lose billions to avoidable attacks, and more Infosec in brief  Interpol and its financial supporters in the South Korean government are back with another round of anti-cybercrime arrests…

Read more →

Crooks say they have stolen sensitive files on managers and players Italian professional football club Bologna FC is allegedly a recent victim of the RansomHub cybercrime gang, according to the group’s dark web postings.… This article has been indexed from…

Read more →

US agencies blasted ‘unforgivable’ SQLi flaws earlier this year Open-source enterprise network and application monitoring provider Zabbix is warning customers of a new critical vulnerability that could lead to full system compromise.… This article has been indexed from The Register…

Read more →

Second alleged intrusion on English NHS org systems this week Yet another of the UK’s National Health Service (NHS) systems appears to be under attack, with a ransomware gang threatening to leak stolen data it says is from one of…

Read more →

A reason to celebrate SANS and its 35 years of cyber security training Sponsored Post  Cybercrime never sleeps. As threats continue to evolve and attack surfaces become broader and harder to defend, it has never been more important for the…

Read more →

Systems are isolated and pulled offline, while scheduled procedures are canceled The ongoing cybersecurity incident affecting a North West England NHS group has forced sites to fall back on pen-and-paper operations, according to a statement.… This article has been indexed…

Read more →

Scumbags play on victims’ worst fears in phishing campaign referencing UK Employment Tribunal A current phishing campaign scares recipients into believing they’ve been sacked, when in reality they’ve been hacked – and infected with infostealers and other malware that means…

Read more →

Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew’s operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according to Trend…

Read more →

Funny what putting more effort and resources into IT security can do Attackers – possibly China’s Salt Typhoon cyber-espionage crew – compromised an unnamed wireline provider’s network and used this access to try to break into T-Mobile US systems multiple…

Read more →

Watch this webinar to learn why cybersecurity leaders can trust the MITRE ATT&CK Evaluations Partner Content  In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect…

Read more →

Researcher spotted open database before criminals … we hope Exclusive  More than 600,000 sensitive files containing thousands of people’s criminal histories, background checks, vehicle and property records were exposed to the internet in a non-password protected database belonging to data…

Read more →

Bootkitty doesn’t bite… yet Security researchers say they’ve stumbled upon the first-ever UEFI bootkit targeting Linux, illustrating a key moment in the evolution of such tools.… This article has been indexed from The Register – Security Read the original article:…

Read more →

Addressing the challenges of patching and vulnerability remediation Webinar  Managing endpoints efficiently has perhaps never been more important or more complex. … This article has been indexed from The Register – Security Read the original article: Automating endpoint management

Read more →

Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices Office buildings have become like web browsers – they’re full of tracking technology, a trend documented in a report out this week by Cracked…

Read more →

Thinks customers may have forgiven it after revenue hits a record CrowdStrike can’t yet confidently predict the financial impact of the failed update to its Falcon software that crashed millions of computers around the world last July, but is confident…

Read more →

Provides insight to how China gets inside US systems, perhaps at Verizon and Infosys A 59 year-old Florida telco engineer was sentenced to 48 months in prison after he served as a spy for China and provided Beijing with details…

Read more →

Complaint claims he trespassed, gave himself discounts, and sorted CCTV access… A Kansas City man who stands accused of having a disregard for basic opsec made his first court appearance on Friday over a series of alleged cybercrimes.… This article…

Read more →

In case anyone forgot about Change Healthcare American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators. … This article has been…

Read more →

How cyber resilient storage hardware can defeat ransomware Sponsored Feature  Ransomware is everywhere. The FBI and CISA just issued yet another advisory about it.… This article has been indexed from The Register – Security Read the original article: Fortify your…

Read more →

Microsoft free tool snooping on users? Surely not! If you’ve been tempted to download the Bing Wallpaper app to spice up your Windows 11 desktop backgrounds, you may want to think twice.… This article has been indexed from The Register…

Read more →

Third time this year an NHS unit’s IT systems have come under attack A UK hospital is declaring a “major incident,” cancelling all outpatient appointments due to “cybersecurity reasons.”… This article has been indexed from The Register – Security Read…

Read more →

Just what you want to find when you start a new week Taiwanese NAS maker QNAP addressed 24 vulnerabilities across various products over the weekend.… This article has been indexed from The Register – Security Read the original article: QNAP…

Read more →

‘Be in no doubt: the UK and others in this room are watching Russia’ The government of the United Kingdom on Monday announced the formation of a Laboratory for AI Security Research (LASR) to make the nation more resilient to…

Read more →

And it looks like major UK retailers that rely on it are feeling the pinch US-based supply chain SaaS vendor Blue Yonder has revealed a service disruption caused by ransomware, and its customers are reportedly struggling to get goods onto…

Read more →

Did we say CrowdStrike? We meant, er, The July Incident… IGNITE  The sound of cyber security professionals spraying their screens with coffee could be heard this week as Microsoft claimed, “security is our top priority,” as it talked up its…

Read more →

Senate Intelligence Committee chair says his ‘hair is on fire’ as execs front the White House The Biden administration on Friday hosted telco execs to chat about China’s recent attacks on the sector, amid revelations that US networks may need…

Read more →

Beijing’s propaganda buddies aren’t just using social media Google’s Threat Intelligence Group has blocked a network China-related firms from its search results for operating fake news services and websites.… This article has been indexed from The Register – Security Read…

Read more →

China is trying to become that land, with a government crackdown on the things that make the internet no fun Internet echo chambers and nasty e-commerce tricks that analyze your behavior to milk you for more cash are set to…

Read more →

Plus: Microsoft seizes phishing domains; Helldown finds new targets; Illegal streaming with Jupyter, and more Infosec in brief  Not to make you paranoid, but that business across the street could, under certain conditions, serve as a launching point for Russian…

Read more →

Six sites targeted for security clean-up, just 49,994 to go A plan for hackers to help secure America’s critical infrastructure has kicked off with six US water companies signing up to let coders kick the tires of their computer systems…

Read more →

Meanwhile, CISA chief Jen Easterly will step down prior to inauguration Analysis  President-elect Donald Trump has announced several unorthodox nominations for his cabinet over the last two weeks, including South Dakota Governor Kristi Noem, whom he tapped to serve as…

Read more →

He’ll just have to take this one on the chin The website of self-proclaimed misogynist and alleged sex trafficker and rapist Andrew Tate has been compromised and data on its paying subscribers stolen.… This article has been indexed from The…

Read more →

PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well…

Read more →

Get some advice from this discussion with a Kaseya expert Webinar  Want to access the key takeaways from the recent “Secure Everything for Every Endpoint” webinar?… This article has been indexed from The Register – Security Read the original article:…

Read more →

Fledgling band of crooks says it stole 1.2 TB of data The new SafePay ransomware gang has claimed responsibility for the attack on UK telematics biz Microlise, giving the company less than 24 hours to pay its extortion demands before…

Read more →

Organized crime types tend not to be kind to those who go against them, so this is nasty A local Japanese government agency dedicated to preventing organized crime has apologized after experiencing an incident it fears may have led to…

Read more →

TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations’ networks – with their permission, of course – to simulate real-world cyber attacks and…

Read more →

Digital end of life planning saves your loved ones from a little extra anguish Japan’s National Consumer Affairs Center on Wednesday suggested citizens start “digital end of life planning” and offered tips on how to do it.… This article has…

Read more →

Draft doc struggles to describe how theoretically encryption-busting powers might be used The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one…

Read more →

Update now: Qualys says flaws give root to local users, are ‘easily exploitable’ Researchers at Qualys refuse to release exploit code for five bugs in the Linux world’s needrestart utility that allow unprivileged local attackers to gain root access without…

Read more →

Danish military confirms it is monitoring as Swedish police investigate. Cloudflare says impact was ‘minimal’ The Danish military has confirmed it is tracking a Chinese ship that is under investigation after two optical fiber internet cables under the Baltic Sea…

Read more →

VotingWorks, developer of the system, disputes critics’ claims An electronic voting project backed by DARPA – Uncle Sam’s boffinry nerve center – to improve the process of absentee voting for American military personnel stationed abroad has been slammed by security…

Read more →

Get hands-on cybersecurity training this seasonal challenge Sponsored Post  Are you ready to pit your wits against the cyber exercises featured in the Holiday Hack Challenge 2024: Snow-maggedon?… This article has been indexed from The Register – Security Read the…

Read more →

Security researcher’s reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers Apple’s latest mobile operating system, iOS 18, appears to have added an undocumented security feature that reboots devices if they’re not used for 72…

Read more →

Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000 customer records and dumped the…

Read more →

If you didn’t fix this a month ago, your to-do list probably needs a reshuffle Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom’s first…

Read more →

Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon T-Mobile US said it is “monitoring” an “industry-wide” cyber-espionage campaign against American networks – amid fears Chinese government-backed spies compromised the un-carrier among with various other telecommunications…

Read more →

First in six years is nearly three times the size of the older, pre-NATO version Residents of Sweden are to receive a handy new guide this week that details how to prepare for various types of crisis situations or wartime…

Read more →

Event  The security landscape is constantly shifting. If you’re running Linux, staying ahead may rely on understanding the challenges – and opportunities – unique to Linux environments.… This article has been indexed from The Register – Security Read the original…

Read more →

PLUS: Cost of Halliburton hack disclosed; Time to dump old D-Link NAS; More UN cybercrime convention concerns; and more Infosec in brief  A teenager has pleaded guilty to calling in more than 375 fake threats to law enforcement, and now…

Read more →

Here’s why they really should Systems Approach  I have been playing around with passkeys, or as they are formally known, discoverable credentials.… This article has been indexed from The Register – Security Read the original article: Will passkeys ever replace…

Read more →

It’s memory-safe, with a few caveats Developers looking to continue working in the C and C++ programming languages amid the global push to promote memory-safe programming now have another option that doesn’t involve learning Rust.… This article has been indexed…

Read more →

QR codes arrive via an age-old delivery system Switzerland’s National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country’s postal service.… This article has been indexed from The Register – Security Read the original…

Read more →

Digital money laundering pays, until it doesn’t An Ohio man, who operated the Grams dark-web search engine and the Helix cryptocurrency money-laundering service associated with it, has been sentenced to three years in prison.… This article has been indexed from…

Read more →

LLM-controlled droids easily jailbroken to perform mayhem, researchers warn Science fiction author Isaac Asimov proposed three laws of robotics, and you’d never know it from the behavior of today’s robots or those making them.… This article has been indexed from…

Read more →

Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks’ firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.… This article has been indexed from The…

Read more →

Names and social security numbers of folks looking for the biggest loan of their lives exposed A major US mortgage lender has told customers looking to make the biggest financial transaction of their lives that an intruder broke into its…

Read more →

Names and social security numbers of folks looking for the biggest loan of their lives exposed A major US mortgage lender has told customers looking to make the biggest financial transaction of their lives that an intruder broke into its…

Read more →