Not a great look when the iGiant just launched its first password manager Apple just fixed a duo of security bugs in iOS 18.0.1 and iPadOS 18.0.1, one of which might cause users’ saved passwords to be read aloud. It’s…
Category: The Register – Security
Visit CyberThreat 2024 to hone your cybersecurity skills
Get together with the European cybersecurity community at a two-day conference in London this December Sponsored Post This year’s CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations…
Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds
‘You can build this in a few days – even as a very naïve developer’ A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built – a wake-up call,…
Big names among thousands infected by payment-card-stealing CosmicSting crooks
Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers’ payment…
Average North American CISO pay now $565K, mainly thanks to one weird trick
Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a…
DOJ, Microsoft seize 107 domains used in Russia’s Star Blizzard phishing attacks
Winter is coming The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims.… This article has been indexed…
Average North American CISO salary now $565K, mainly thanks to one weird trick
Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found that salaries have risen over the last year to an average of $565,000 and a…
Two British-Nigerian men sentenced over multimillion-dollar business email scam
Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies,…
Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant
Crooks ‘like a sysadmin, with a malicious slant’ Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a “substantial”…
Brits hate how big tech handles their data, but can’t be bothered to do much about it
Managing the endless stream of cookie banners leaves little energy for anything else Fewer than one in five Brits report being happy with the way their personal data is handled by big tech companies, yet the furthest many will go…
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
With 14 serious security flaws found, what a gift for spies and crooks Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by…
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing
Poor use of PHP include() strikes again Two trivial but critical security holes have been found in Optigo’s Spectra Aggregation Switch, and so far no patch is available.…
NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great
Logjam ‘hurting infosec processes world over’ one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process – though it’s not quite on target as…
‘Patch yesterday’: Zimbra mail servers under siege through RCE vuln
Attacks began the day after public disclosure “Patch yesterday” is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.…
Protecting private data in AI deployments
Strategies for securing intellectual property in AI systems Webinar As enterprises increasingly incorporate AI, the challenge of protecting private intellectual property (IP) often becomes more difficult.…
The fix for BGP’s weaknesses has big, scary, issues of its own, boffins find
Bother, given the White House has bet big on RPKI – just like we all rely on immature internet infrastructure that usually works The Resource Public Key Infrastructure (RPKI) protocol has “software vulnerabilities, inconsistent specifications, and operational challenges” according to…
Euro cops arrest 4 including suspected LockBit dev chilling on holiday
And also: What looks like proof that stolen data was never deleted even after ransom was paid Building on the success of what’s known around here as LockBit Leak Week in February, the authorities say they’ve arrested a further four…
Evil Corp’s deep ties with Russia and NATO member attacks exposed
Ransomware criminals believed to have taken orders from intel services The relationship between infamous cybercrime outfit Evil Corp and the Russian state is thought to be extraordinarily close, so close that intelligence officials allegedly ordered the criminals to carry out…
NCA unmasks man it suspects is both ‘Evil Corp kingpin’ and LockBit affiliate
Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks The latest installment of the National Crime Agency’s (NCA) series of ransomware revelations from February’s LockBit Leak Week emerges today as the agency identifies a man…
T-Mobile US to cough up $31.5M after that long string of security SNAFUs
At least seven intrusions in five years? Yeah, those promises of improvement more than ‘long overdue’ T-Mobile US has agreed to fork out $31.5 million to improve its cybersecurity and pay a fine after a string of network intrusions affected…