tldr; boffins did it interview It all started as an idea for a research paper. … This article has been indexed from The Register – Security Read the original article: The crazy, true story behind the first AI-powered ransomware
Tag: The Register – Security
Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python
Pro tip, don’t install PowerShell commands without approval A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by tricking users into pasting malicious commands through a technique…
Critical, make-me-super-user SAP S/4HANA bug under active exploitation
9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.…
Knock-on effects of software dev break-in hit schools trust
Affinity Learning Partnership warns staff after Intradev breach A major UK education trust has warned staff that their personal information may have been compromised following a cyberattack on software developer Intradev in August.…
Attackers snooping around Sitecore, dropping malware via public sample keys
You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping malware on infected machines.……
Boffins build automated Android bug hunting system
AI agent system said to have found more than 100 zero-day flaws in production apps AI models get slammed for producing sloppy bug reports and burdening open source maintainers with hallucinated issues, but they also have the potential to transform…
China-aligned crew poisons Windows servers to manipulate Google results
Defrauding search with custom malware, Potato-family exploits A new China-aligned cybercrime crew named GhostRedirector has compromised at least 65 Windows servers worldwide – spotted in a June internet scan – using previously undocumented malware to juice gambling sites’ rankings in…
Enterprises sticking with Windows 10 could shell out billions for continued support
Nexthink estimates ESU bills could top $7.3B as millions of devices set to miss upgrade deadline Free support is ending for many editions of Windows 10 on October 14, and enterprises unable to make the jump are on the hook…
Sainsbury’s eyes up shoplifters with live facial recognition
Privacy campaigners cry foul as grocer joins Asda, Iceland, and others in retail surveillance boom Sainsbury’s, Britain’s second-largest supermarket chain, has caught the attention of privacy campaigners by launching an eight-week trial of live facial recognition (LFR) tech in two…
France fines Google, SHEIN, for undercooked Cookie policies that led to crummy privacy
Web giant and Chinese e-tailer whacked for dropping trackers without permission France’s data protection authority levied massive fines against Google and SHEIN for dropping cookies on customers without securing their permission, and also whacked Google for showing ads in email…
US puts $10M bounty on three Russians accused of attacking critical infrastructure
Seven-year-old Cisco vuln that remains inexplicably unpatched is their way in The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America’s critical infrastructure – primarily via old…
Congressional panel throws cyber threat intel-sharing, funding a lifeline
Clock is ticking US security leaders have urged lawmakers to reauthorize two key pieces of cyber legislation, including one that facilitates threat-intel sharing between the private sector and federal government, before they expire at the end of the month.…
Android drops mega patch bomb – 120 fixes, two already exploited
September bundle the largest this year, and possibly the most serious Patch Tuesday is next week, but Android is ahead of the game, dropping its biggest patch bundle this year while attackers actively exploit two of the now-fixed flaws.…
Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs
LLMs and 0-days – what could possibly go wrong? Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check Point cybersecurity evangelist Amit Weigman.…
It looks like you’re ransoming data. Would you like some help?
AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It’s no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how…
Matrix.org homeserver grinds to a halt after RAID meltdown
Engineers wrangle 55 TB restore and traffic replay as millions of messages queue up A RAID failure has taken the Matrix.org homeserver offline, leaving users of the decentralized messaging service unable to send or receive messages while engineers attempt a…
Internet mapping and research outfit Censys reveals state-based abuse, harassment
‘Universities are being used to proxy offensive government operations, turning research access decisions political’ Censys Inc, vendor of the popular Censys internet-mapping tool, has revealed that state-based actors are trying to abuse its services by hiding behind academic researchers.…
How big will this Drift get? Cloudflare cops to Salesloft Drift breach
Show of hands: who WASN’T targeted? The list of victims keeps growing, as yet another company — Cloudflare — today disclosed that some of its customers’ data was also compromised in the Salesloft Drift breach.…
Who watches the watchmen? Surveillanceware firms make bank, avoid oversight
Enough governments love it and it’s highly lucrative Governments can’t get enough of hacking services to use against their citizens, despite their protestations that elements of the trade need sanctioning.…
Zscaler latest victim of Salesloft Drift attacks, customer data exposed
Joins Google, Palo Alto Networks in the ever-growing supply chain compromise Zscaler is the latest company to disclose some of its customers’ data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.…
Stolen OAuth tokens expose Palo Alto customer data
Security firm’s Salesforce instance accessed using credentials stolen from Salesloft’s Drift platform breach Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft Drift break-in…
Huawei counts cost of Western bans as UK business withers
Brit limb books just £188M in revenue – down 85% since 2019 Huawei’s business in Britain has dwindled in the half-decade since the UK acquiesced to demands from the US to ban the Chinese networking giant from local telco networks.……
Frostbyte10 bugs put thousands of refrigerators at major grocery chains at risk
Major flaws uncovered in Copeland controllers: Patch now Ten vulnerabilities in Copeland controllers, which are found in thousands of devices used by the world’s largest supermarket chains and cold storage companies, could have allowed miscreants to manipulate temperatures and spoil…
Reg readers have spoken: 93% back move away from Microsoft in UK public sector
As government says £9B could end up in Redmond, poll says it’s time for new thinking Register debate series Register readers are backing a shift away from Microsoft software as a default across the UK public sector after the government…
Europe Putin the blame on Russia after GPS jamming disrupts president’s plane
Bloc working on anti-jamming measures and plans extra sat to help A plane carrying European Commission (EC) president Ursula von der Leyen to Bulgaria was forced to resort to manual navigation techniques after GPS jamming that authorities have pinned on…
In the rush to adopt hot new tech, security is often forgotten. AI is no exception
Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks Cisco’s Talos security research team has found over 1,100 Ollama servers exposed to the public internet, where miscreants can use them to do nasty things.…
Norway’s £10B UK frigate deal could delay Royal Navy ships
BAE’s sub hunter production line warms up – shame it’s not for Britain Norway has ordered British-made Type 26 frigates in a contract valued at roughly £10 billion to the UK economy, but this may delay the introduction of the…
DDoS is the neglected cybercrime that’s getting bigger. Let’s kill it off
Don’t worry, there’s a twist at the end Opinion Agatha Christie stuck a dagger in the notion that crime doesn’t pay. With sales of between two and four billion books – fittingly, the exact number is a mystery – she…
LegalPwn: Tricking LLMs by burying badness in lawyerly fine print
Trust and believe – AI models trained to see ‘legal’ doc as super legit Researchers at security firm Pangea have discovered yet another way to trivially trick large language models (LLMs) into ignoring their guardrails. Stick your adversarial instructions somewhere…
Traffic to government domains often crosses national borders, or flows through risky bottlenecks
Sites at yourcountry.gov may also not bother with HTTPS Internet traffic to government domains often flows across borders, relies on a worryingly small number of network connections, or does not require encryption, according to new research.…
WhatsApp warns of ‘attack against specific targeted users’
PLUS: Microsoft ends no-MFA Azure access; WorkDay attack diverts payments; FreePBX warns of CVSS 10 flaw; and more Infosec In brief A flaw in Meta’s WhatsApp app “may have been exploited in a sophisticated attack against specific targeted users.”…
Researcher who found McDonald’s free-food hack turns her attention to Chinese restaurant robots
The admin controls were left wide open on Pudu’s robots A researcher caught the world’s leading supplier of commercial service robots using shoddy admin security that let attackers redirect the delivery machines to anywhere and make them follow any command.……
AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
Look who’s visiting the watering hole these days Amazon today said it disrupted an intel-gathering attempt by Russia’s APT29 to trick Microsoft users into unwittingly granting the Kremlin-backed cyberspies access to their accounts and data.…
Enterprise password management outfit Passwordstate patches Emergency Access bug
Up to 29,000 organizations and potentially 370,000 security and IT pros affected Australian development house Click Studios has warned users of its Passwordstate enterprise password management platform to update immediately if not sooner, following the discovery of an authentication bypass…
UK government dragged for incomplete security reforms after Afghan leak fallout
Senior officials summoned to science and tech committee to explain further Senior officials are being summoned to the UK’s Science, Innovation and Technology Committee to explain why the government has not fully implemented the security recommendations made in a secret…
FBI cyber cop: Salt Typhoon pwned ‘nearly every American’
Plus millions of other people across 80+ countries China’s Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to a top FBI cyber…
Not in my browser! Vivaldi capo doubles down on generative AI ban
Web browsing belongs to the people, not the bots Jon von Tetzchner, CEO of Norway-based browser maker Vivaldi, believes the tech industry’s efforts to automate web browsing using generative AI models have gone too far.…
DHS says it needs $100M worth of counter-drone tech to protect America
Our drones are OK, but those other drones? The US Department of Homeland Security has revealed plans to spend more than $100 million on systems designed to take out hostile drones. …
FBI, Dutch cops seize fake ID marketplace that sold identity docs for $9
$6.4M VerifTools marketplace offline The FBI and Dutch police today said that they seized two domains and a blog tied to VerifTools, an international criminal marketplace that sold identity documents for as little as $9.…
How does China keep stealing our stuff, wonders DoD group responsible for keeping foreign agents out
‘The homeland is no longer secure,’ says Defense Counterintelligence and Security Agency leader The Pentagon outfit responsible for preventing foreign agents from infiltrating defense agencies says the US isn’t doing a very good job of preventing state secrets from falling…
16 billion credentials exposed: why your business needs a password manager now
Your passwords may already be at risk. Partner Content Ever felt that gut punch after losing something important, like your house keys? Now picture those, along with 184 million others, resting in plain sight at the wildest equivalent of Comic-Con…
SK Telecom walloped with $97M fine after schoolkid security blunders let attackers run riot
Regulator points to lack of ‘basic access controls’ between internet-facing systems, internal network South Korea’s privacy watchdog has slapped SK Telecom with a record ₩134.5 billion ($97 million) fine after finding that the mobile giant left its network wide open…
Thousands of Citrix NetScaler boxes still sitting ducks despite patches
Shadowserver counts more than 13,000 appliances still wide open – including thousands in US, Germany, and UK Thousands of Citrix NetScaler appliances remain exposed to a trio of security flaws that the vendor patched this week, one of which is…
TransUnion admits 4.5M affected after third-party support app breached
Credit agency offers own services as compensation Credit scoring and monitoring biz TransUnion says that it recently suffered a breach affecting nearly 4.5 million individuals.…
Ransomware crooks knock Swedish municipalities offline for measly sum of $168K
Miljödata meltdown leaves 200 local authorities scrambling over 1.5 BTC Sweden’s municipal governments have been knocked offline after ransomware crooks hit IT supplier Miljödata, reportedly demanding the bargain-basement sum of $168,000.…
Euro banks block billions in rogue PayPal direct debits after fraud glitch
US payments platform back in action, says it’s informing affected customers Shoppers and merchants in Germany found themselves dealing with billions of euros in frozen transactions this week, thanks to an apparent failure in PayPal’s fraud-detection systems.…
Law firm email blunder exposes Church of England abuse victim details
Apology issued after names tied to redress scheme revealed in mass mailing A London law firm leaked the details of nearly 200 people who requested to receive updates about the redress scheme set up for victims of abuse at the…
If you thought China’s Salt Typhoon was booted off critical networks, think again
13 governments sound the alarm about ongoing unpleasantness China’s Salt Typhoon cyberspies continue their years-long hacking campaign targeting critical industries around the world, according to a joint security alert from cyber and law enforcement agencies across 13 countries.…
ChatGPT hates LA Chargers fans
Harvard researchers find model guardrails tailor query responses to user’s inferred politics and other affiliations OpenAI’s ChatGPT appears to be more likely to refuse to respond to questions posed by fans of the Los Angeles Chargers football team than to…
Sting nails two front firms in Nork IT worker scam
There’s also a rogue Russian on the list The US Treasury Department has announced sanctions against two Asian companies and two individuals for allegedly helping North Korean IT workers fake their way into US jobs.…
Crims laud Claude to plant ransomware and fake IT expertise
AI lowers the bar for cybercrime, Anthropic admits comment Anthropic, a maker of AI tools, says that AI tools are now commonly used to commit cybercrime and facilitate remote worker fraud.…
Putin on the code: DoD reportedly relies on utility written by Russian dev
Fast-glob is widely used in government, security lab says A Node.js utility used by thousands of public projects – and more than 30 Department of Defense ones – appears to have a sole maintainer whose online profiles identify him as…
Nx NPM packages poisoned in AI-assisted supply chain attack
Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon Nx is the latest target of a software supply chain attack in the NPM ecosystem, with multiple malicious versions being uploaded to the NPM registry on Tuesday…
The intruder is in the house: Storm-0501 attacked Azure, stole data, demanded payment via Teams
Don’t let it happen to you Storm-0501, a financially motivated cybercrime crew, recently broke into a large enterprise’s on-premises and cloud environments, ultimately exfiltrating and destroying data within the org’s Azure environment. The criminals then contacted the victim via a…
Salesforce data missing? It might be due to Salesloft breach, Google says
Attackers steal OAuth tokens to access third-party sales platform, then CRM data in ‘widespread campaign’ Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft Drift app.…
Who are you again? Infosec experiencing ‘Identity crisis’ amid rising login attacks
Vendor insists passkeys are the future, but getting workers on board is proving difficult Infosec pros are losing confidence in their identity providers’ ability to keep attackers out, with Cisco-owned Duo warning that the industry is facing what it calls…
BGP’s security problems are notorious. Attempts to fix that are a work in progress
Securing internet infrastructure remains a challenging endeavour Systems Approach I’ve been working on a chapter about infrastructure security for our network security book.…
Google issued ‘State-backed attack in progress’ warnings after spotting web hijack scheme
Suspects this was Beijing-backed Typhoon and/or Panda crew targeting diplomats in Asia Google has warned customers of a suspected state-backed attack after observing a web traffic hijacking campaign.…
Azure apparatchik shows custom silicon keeping everything locked down
From hardware security chips and trusted execution pipelines to open source Root of Trust modules Hot Chips Microsoft is one of the biggest names in cybersecurity, but it has a less-than-stellar track record in the department. Given its reputation, Redmond…
First AI-powered ransomware spotted, but it’s not active – yet
Oh, look, a use case for OpenAI’s gpt-oss-20b model ESET malware researchers Anton Cherepanov and Peter Strycek have discovered what they describe as the “first known AI-powered ransomware,” which they named PromptLock. …
ZipLine attack uses ‘Contact Us’ forms, White House butler pic to invade sensitive industries
‘Many dozens’ targeted in ongoing campaign, CheckPoint researcher tells The Reg Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing —…
DOGE accused of duplicating critical Social Security database on unsecured cloud
Remember that cost-cutting group once led by Elon Musk? Federal employees are still dealing with it A Social Security Administration employee has filed a whistleblower complaint alleging that Donald Trump’s DOGE cost-cutting unit has put the records of every single…
Citrix patches trio of NetScaler bugs – after attackers beat them to it
Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they’ve already been used in the wild before the vendor got around to patching.…
Crypto thief earns additional prison time for assaulting witness
Remy Ra St Felix led a vicious international crime ring A violent home invader and gunpoint cryptocurrency thief will now spend more than 50 years behind bars after being found guilty of assaulting a witness.…
Farmers Insurance harvests bad news: 1.1M customers snared in data breach
Crims raided third-party systems and lifted personal data, including license numbers and partial SSNs US insurance giant Farmers Insurance says more than a million customers had personal data nicked after a third-party vendor was compromised.…
Malware-ridden apps made it into Google’s Play Store, scored 19 million downloads
Everything’s fine, the ad slinger assures us Cloud security vendor Zscaler says customers of Google’s Play Store have downloaded more than 19 million instances of malware-laden apps that evaded the web giant’s security scans.…
Australian university used Wi-Fi location data to identify student protestors
PLUS: India bans ‘money’ games; SK Hynix cranks out 321-layer SSDs; Fastly re-thinking CDNs for Asia; and more! Asia In Brief Australia’s University of Melbourne last year used Wi-Fi location data to identify student protestors.…
AWS, Cloudflare, Digital Ocean, and Google helped Feds investigate alleged Rapper Bot DDoS perp
PLUS: Comet AI browser fooled; Microsoft sets sail for quantum safety; Sailor sent down for espionage Infosec in brief PLUS…
Bug bounties: The good, the bad, and the frankly ridiculous ways to do it
For incentives remember the three Fs – finance, fame, and fixing it feature Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results.…
Short circuit: Electronics supplier to tech giants suffers ransomware shutdown
Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt…
Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmare
Health details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gang Ransomware scum breached kidney dialysis firm DaVita’s labs database in April and stole about 2.4 million people’s personal and health-related information.…
Fake CAPTCHA tests trick users into running malware
ClickFix tricks Microsoft’s security team has published an in-depth report into ClickFix, the social engineering attack which tricks users into executing malicious commands in the guise of proving their humanity.…
Criminal background checker APCS faces data breach
The attack first affected an upstream provider of bespoke software Exclusive A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company.…
Interpol bags 1,209 suspects, $97M in cybercrime operation focused on Africa
Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol’s latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the…
Developer jailed for taking down employer’s network with kill switch malware
Pro tip: When taking revenge, don’t use your real name A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers.…
Anthropic scanning Claude chats for queries about DIY nukes for some reason
Because savvy terrorists always use public internet services to plan their mischief, right? Anthropic says it has scanned an undisclosed portion of conversations with its Claude AI model to catch concerning inquiries about nuclear weapons.…
Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code
Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month’s SharePoint zero-day attacks, which appear to be related to a leak in Redmond’s early-bug-notification program.…
‘Impersonation as a service’ the next big thing in cybercrime
Underground forums now recruiting English-speaking social engineers English speakers adept at social engineering are a hot commodity in the cybercrime job market.…
Honey, I shrunk the image and now I’m pwned
Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning…
Congressman proposes bringing back letters of marque for cyber privateers
Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It’s been more than 200 years since the United States issued a letter of marque allowing privateers to attack the…
Orange Belgium mega-breach exposes 850K customers to serious fraud
Everything a criminal needs for targeted attacks exposed, but telco insists ‘no critical data compromised’ A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.…
US cops wrap up RapperBot, one of world’s biggest DDoS-for-hire rackets
Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based…
Colt changes tune, admits data theft as Warlock gang begins auction
Worried about your data? Not to worry, we’ll check the dark web for you! Yes really A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm…
Apple rushes out fix for active zero-day in iOS and macOS
Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.…
Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension
Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have…
AI crawlers and fetchers are blowing up websites, with Meta and OpenAI the worst offenders
One fetcher bot seen smacking a website with 39,000 requests per minute Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts…
China cut itself off from the global internet for an hour on Wednesday
Took out all traffic to port 443 at a time Beijing didn’t have an obvious need to keep its netizens in the dark China cut itself off from much of the global internet for just over an hour on Wednesday.……
Microsoft stays mum about M365 Copilot on-demand security bypass
Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.…
Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE
Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer’s machine,…
FBI: Russian spies exploiting a 7-year-old Cisco bug to slurp configs from critical infrastructure
Snarfing up config files for ‘thousands’ of devices…just for giggles, we’re sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks…
Commvault releases patches for two nasty bug chains after exploits proven
Researchers disclosing their findings said ‘it’s as bad as it sounds’ Researchers at watchTowr just published working proof-of-concept exploits for two unauthenticated remote code execution bug chains in backup giant Commvault.…
‘Limited’ data leak at Aussie telco turns out to be 280K customer details
iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.…
McDonald’s not lovin’ it when hacker exposes nuggets of rotten security
Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald’s staff and partner portals that allowed anyone to order free food online, get admin rights to the…
Don’t want drive-by Ollama attackers snooping on your local chats? Patch now
Reconfigure local app settings via a ‘simple’ POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people’s personal computers, spy on their local chats,…
Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers.…
Casino tech outfit Bragg cops to intrusion but says data jackpot untouched
Toronto company says weekend cyber raid hit internal IT, not punters’ wallets Canadian casino software slinger Bragg Gaming Group has disclosed a “cybersecurity incident,” though it’s adamant the intruders never got their hands on customer data.…
US spy chief claims UK backed down over Apple backdoor demand
Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight The UK government has reportedly abandoned its attempt to strong-arm Apple into weakening iPhone encryption after the White House forced Blighty into a quiet climb-down.…
More customers asking for Google’s Data Boundary, says Cloud Experience boss
Developer demand for sovereign cloud from tech giant is on the rise, says exec Interview Google’s President of Customer Experience, Hayete Gallot, offered some words of comfort to developers who are looking nervously at the rise of AI assistants while…
Browser wars are back, predicts Palo Alto, thanks to AI
CEO says if you buy all your infosec stuff from him, life under assault from bots will be less painful Brace for a new round of browser wars, according to Palo Alto Networks CEO Nikesh Arora.…
Facial recognition works better in the lab than on the street, researchers show
High accuracy scores come from conditions that don’t reflect real-world usage Facial recognition technology has been deployed publicly on the basis of benchmark tests that reflect performance in laboratory settings, but some academics are saying that real-world performance doesn’t match…