Tag: The Register – Security

Also, industry begs Uncle Sam for infosec reg harmony, dueling container-compromise campaigns, and crit vulns infosec in brief  Cloud data analytics platform Snowflake said it is going to begin forcing customers to implement multi-factor authentication to prevent more intrusions. … This…

Read more →

Thousands of dodgy SMS messages bypassed network filters in UK-first case British police have arrested two individuals following an investigation into illegal homebrew phone masts used for SMS-based phishing campaigns.… This article has been indexed from The Register – Security…

Read more →

Scott Small tells us gang’s ‘intent and capability’ should get the attention of CSOs Interview  It might not be as big a name as BlackCat or LockBit, but the Akira ransomware is every bit as dangerous, says one cybersecurity researcher…

Read more →

Lessons learned from the infosec chief convicted and punished for covering up theft of data from taxi app maker Interview  Joe Sullivan – the now-former Uber chief security officer who was found guilty of covering-up a theft of data from…

Read more →

Breaking breaking-news news A 4chan user claims to have leaked 270GB of internal New York Times data, including source code, via the notorious image board.… This article has been indexed from The Register – Security Read the original article: ‘New…

Read more →

How’s your RPKI-based security plan coming along? Feds want to know US broadband providers will soon have to provide proof to Uncle Sam that they are taking steps to prevent Border Gateway Protocol (BGP) hijacking and locking down internet routing…

Read more →

Windows maker acknowledges ‘clear signal’ from everyone, then mostly ignores it Microsoft is not giving up on its controversial Windows Recall, though says it will give customers an option to opt in instead of having it on by default, and…

Read more →

Company says just names and SSNs affected, watering down RansomHub’s claims Frontier Communications has confirmed more than 750,000 individuals were affected in an April cyberattack on its systems, according to a regulatory filing.… This article has been indexed from The…

Read more →

Researchers were able to glean data from 10,000 meetings held by top Dutch gov officials Cisco squashed some bugs this week that allowed anyone to view WebEx meeting information and join them, potentially opening up security and privacy concerns for…

Read more →

Meeting the challenges of managing risk for cyber-physical systems Webinar  The risk of cyber attack hangs over every digital environment but cyber physical systems (CPS) tend to be more vulnerable – after all, they weren’t usually designed with security in…

Read more →

But do they get to wear ‘I DDoSed’ stickers? A Russian hacktivist crew has threatened to attack European internet infrastructure as four days of EU elections begin on Thursday.… This article has been indexed from The Register – Security Read…

Read more →

Spammers will probably bid to buy it, so community is trying to find a better home for decades-old service Exclusive  The Spam and Open Relay Blocking System (SORBS) – a longstanding source of info on known sources of spam widely…

Read more →

You upgraded when this was fixed in April, right? Right?? If you haven’t yet upgraded to version 1.3.0 of Apache HugeGraph, now’s a good time because at least two proof-of-concept exploits for a CVSS 9.8-rated remote command execution bug in…

Read more →

The bad news? Gang wasn’t deleting victim data after payments LockBit victims who are still trying to clean up their encrypted files are in luck: the FBI has a big set of decryption keys it would love to let you…

Read more →

Funds are currently seized after being sent to offshore accounts The US Justice Department is seeking permission to recover more than $5 million worth of funds stolen from a trade union by business email compromise (BEC) scammers.… This article has…

Read more →

Time to get moving if you still rely on this deprecated feature Microsoft has finally decided to add the venerable NTLM authentication protocol to the Deprecated Features list.… This article has been indexed from The Register – Security Read the…

Read more →

Experts say Big Red will probably re-release patch in an upcoming cycle A seven-year-old Oracle vulnerability is the latest to be added to CISA’s Known Exploited Vulnerability (KEV) catalog, meaning the security agency considers it a significant threat to federal…

Read more →

As tool emerges to probe OS feature’s SQLite-based store of user activities Asked to explore the data privacy issues arising from Microsoft Recall, the Windows maker’s poorly received self-surveillance tool, Jaime Teevan, chief scientist and technical fellow at Microsoft Research,…

Read more →

Beware of zero-click malware sliding into your DMs Miscreants exploited a zero-day in TikTok to compromised the accounts of CNN and other big names. The app maker has confirmed there was a cyberattack, and that it has scrambled to secure…

Read more →

Malware code potentially sold off, tweaked, back at it infecting victims RansomHub, a newish cyber-crime operation that has claimed to be behind the theft of data from Christie’s auction house and others, is “very likely” some kind of rebrand of…

Read more →