Tag: The Register – Security

Letters from CISO Ethan Steiger suggest the data related to job applications Advance Auto Parts’ CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance – a hefty 2.3 million.… This…

Read more →

Scumbag targeted many victims – and those who tried to help them A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a “grotesque” cyberstalking campaign against more than a dozen…

Read more →

LockBit variant targets backup software – which you may remember is supposed to help you recover from ransomware Yet another new ransomware gang, this one dubbed EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago…

Read more →

Multiple malware attack saw personal data acessed, but rocket science remained safe The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems.… This article…

Read more →

Company announces intent following Ticketmaster, Santander break-ins A month after incident response giant Mandiant suggested the litany of data thefts linked to Snowflake account intrusions had the common component of lacking multi-factor authentication (MFA) controls, the cloud storage and data…

Read more →

Company says data exfiltration was extremely difficult to detect Fujitsu Japan says an unspecified “advanced” malware strain was to blame for a March data theft, insisting the strain was “not ransomware”, yet it hasn’t revealed how many individuals are affected.……

Read more →

BlackByte, LockBit among the criminals using bespoke tools As ransomware crews increasingly shift beyond just encrypting victims’ files and demanding a payment to unlock them, instead swiping sensitive info straight away, some of the more mature crime organizations are developing…

Read more →

Fixes have been made, it appears, but disclosure or discussion is invisible Column  Found a bug? It turns out that reporting it with a story in The Register works remarkably well … mostly. After publication of my “Kryptonite” article about…

Read more →

Freeware AutoIt also used to hide entire PowerShell environments in scripts A rapidly-changing infostealer malware known as ViperSoftX has evolved to become more dangerous, according to security researchers at threat detection vendor Trellix.… This article has been indexed from The…

Read more →

If someone can do a little MITM’ing and hash cracking, they can log in with no valid password needed Cybersecurity experts at universities and Big Tech have disclosed a vulnerability in a common client-server networking protocol that allows snoops to…

Read more →

Citrix, SAP also deserve your attention – because miscreants are already thinking about Exploit Wednesday Patch Tuesday  Clear your Microsoft system administrator’s diary: The bundle of fixes in Redmond’s July Patch Tuesday is a doozy, with at least two bugs…

Read more →

Citrix, SAP also deserve your attention – because miscreants are already thinking about Exploit Wednesday Patch Tuesday  Clear your Microsoft system administrator’s diary: The bundle of fixes in Redmond’s July Patch Tuesday is a doozy, with at least two bugs…

Read more →

RT News snarks back after it’s accused of building social nyet-work for Kremlin The FBI and cybersecurity agencies in Canada and the Netherlands say they have taken down an almost 1,000-strong Twitter bot farm set up by Russian state-run RT…

Read more →

Understanding the power needs of the UK begins with knowing when renewals are due Certificate Watch  Demonstrating that Microsoft is not alone in its inability to keep track of certificates is UK power market biz Elexon.… This article has been…

Read more →

Making cyberattack among the largest ever recorded in finance industry Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general.……

Read more →

Fairly ‘low budget’, unsophisticated malware, say researchers, but it can collect the same data as Pegasus Interview  When it comes to surveillance malware, sophisticated spyware with complex capabilities tends to hog the limelight – for example NSO Group’s Pegasus, which…

Read more →

Google’s absence creates software distribution issues not even mighty Microsoft can handle Microsoft China will provide staff with Apple devices so they can log on to the software giant’s systems.… This article has been indexed from The Register – Security…

Read more →

Scum keep databases of the people they’ve already skimmed Australia’s Competition and Consumer Commission has warned that scammers are targeting scam victims with fake offers to help them recover from scams.… This article has been indexed from The Register –…

Read more →

Lax patching and vulnerable small biz kit make life easy for Beijing’s secret-stealers Law enforcement agencies from eight nations, led by Australia, have issued an advisory that details the tradecraft used by China-aligned threat actor APT40 – aka Kryptonite Panda,…

Read more →

Lax patching and vulnerable small biz kit make life easy for Beijing’s secret-stealers Law enforcement agencies from eight nations, led by Australia, have issued an advisory that details the tradecraft used by China-aligned threat actor APT40 – aka Kryptonite Panda,…

Read more →