Tag: The Register – Security

Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more Infosec in brief  There’s a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters are exposed to…

Read more →

IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.… This…

Read more →

‘Today’s sentencing is more than just a punishment. It’s a message’ A Texan who ran a forum on the dark web where depraved netizens could swap child sex abuse material (CSAM), and chat freely about abusing kids, has been sentenced…

Read more →

Privacy measure leaves some mourning lost memories A year ago, Google announced plans to save people’s Location History, which it now calls Timeline, locally on devices rather than on its servers.… This article has been indexed from The Register –…

Read more →

How Cynet delivered 100 percent Protection and 100 percent Detection Visibility in 2024 MITRE ATT&CK Evaluation Partner Content  Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and…

Read more →

GitGuardian takes on enterprise secrets sprawl Partner Content  With Non-Human Identities (NHIs) now outnumbering human users 100 to one in enterprise environments, managing secrets across multiple vaults has become a significant security concern.… This article has been indexed from The…

Read more →

DoJ thinks it’s found the folks that ran it, and some of the ‘IT warriors’ sent out to fleece employers North Korea’s fake IT worker scams netted the hermit kingdom $88 million over six years, according to the US Department…

Read more →

More details released after devs allowed weeks to apply fixes We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE.… This article has…

Read more →

Holiday cheer comes in the form of three arrests and 27 shuttered domains The Europol-coordinated Operation PowerOFF struck again this week as cross-border cops pulled the plug on 27 more domains tied to distributed denial of service (DDoS) criminality.… This…

Read more →

High-energy weapon proves its mettle in testing The British Army has successfully destroyed flying drones for the first time using a high-energy laser mounted on an armored vehicle. If perfected, the technology could form an effective counter-measure against drone attacks.… This article…

Read more →

Few websites actually respect the option, says Mozilla When Firefox 135 is released in February, it’ll ship with one less feature: Mozilla plans to remove the Do Not Track toggle from its Privacy and Security settings. … This article has been…

Read more →

Acquires two companies that offer stuff for those on the nice list to keep naughty list types at bay Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair…

Read more →

Sen. Wyden blasts FCC’s ‘failure’ amid Salt Typhoon hacks US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation…

Read more →

Belly-busting biz says it’s been hit by cowardly custards Doughnut slinger Krispy Kreme has admitted to an attack that has left many customers unable to order online.… This article has been indexed from The Register – Security Read the original…

Read more →

Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.… This article has been…

Read more →

Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a…

Read more →

Twas the night before Christmas, and all through the house, patching was done with the click of a mouse Microsoft hasn’t added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored…

Read more →

Boeing-Bell V-22 can’t outfly its checkered past, it seems The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds.… This article has been indexed from The Register – Security Read the…

Read more →

Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.… This article…

Read more →

Thousands of servers targeted while customers wait for patches Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.… This article has been indexed from The Register –…

Read more →