It took 13 months to notice 40 million voters’ data was compromised
The UK’s Electoral Commission has received a formal slap on the wrist for a litany of security failings that led to the theft of personal data belonging to…
Tag: The Register – Security
DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder
For the want of an underscore
DigiCert has given some unlucky customers 24 hours to replace the SSL/TLS security certificates it previously issued them – due to a five-year-old blunder in its backend software.
Delta Air Lines dials up Microsoft’s legal nemesis over CrowdStrike losses
Oh, Boies, here we go again
Delta Air Lines lost hundreds of millions of dollars due to the CrowdStrike outage earlier this month – and it has hired a high-powered law firm to claw some of those lost funds back,…
‘LockBit of phishing’ EvilProxy used in more than a million attacks every month
Leaves a trail of ransomware infections, data theft, business email compromise in its wake
Insight: The developers of EvilProxy – a phishing kit dubbed the “LockBit of phishing” – have produced guides on using legitimate Cloudflare services to disguise malicious…
Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability
Get those patches applied – all the big dogs are abusing it
Do you have your VMware ESXi hypervisor joined to Active Directory? Well, the latest news from Microsoft serves as a reminder that you might not want to do…
Proofpoint phishing palaver plagues millions with ‘perfectly spoofed’ emails from IBM, Nike, Disney, others
They DKIM here, they DKIM there
A huge phishing campaign exploited a security blind-spot in Proofpoint’s email filtering systems to send an average of three million “perfectly spoofed” messages a day purporting to be from Disney, IBM, Nike, Best Buy,…
Malaysia is working on an internet ‘kill switch’, says minister
Follows requirement for social media and messaging platforms to get a license
Legislation for an internet “kill switch” will reach Malaysia’s Parliament in October, according to the country’s minister for Law and Institutional Reform.
Meta’s AI safety system defeated by the space bar
‘Ignore previous instructions’ thwarts Prompt-Guard model if you just add some good ol’ ASCII code 32
Meta’s machine-learning model for detecting prompt injection attacks – special prompts to make neural networks behave inappropriately – is itself vulnerable to, you guessed…
US border cops really must get a warrant in NY before searching your phones, devices
Do we really want to bother SCOTUS with this, friends? Surely they’re way too busy to take a look
US border agents must obtain a warrant, in New York at least, to search anyone’s phone and other electronic device when…
Intruders at HealthEquity rifled through storage, stole 4.3M people’s data
No mention of malware or ransomware – somewhat of a rarity these days
HealthEquity, a US fintech firm for the healthcare sector, admits that a “data security event” it discovered at the end of June hit the data of a…
Google apologizes for breaking password manager for millions of Windows users with iffy Chrome update
Happy Sysadmin Day
Google celebrated Sysadmin Day last week by apologizing for breaking its password manager for millions of Windows users – just as many Windows admins were still hard at work mitigating the impact of the faulty CrowdStrike update.…
Microsoft admits 8.5 million CrowdStruck machines estimate was lowballed
Promises to discourage use of kernel drivers – so they don’t crash the world again
Microsoft has admitted that its estimate of 8.5 million machines crashed by CrowdStrike’s faulty software update was almost certainly too low, and vowed to reduce…
China ponders creating a national ‘cyberspace ID’
Because clearly it’s better for Beijing to know who you are than for every ISP and social service to keep its own records
Beijing may soon issue “cyberspace IDs” to its citizens, after floating a proposal for the scheme last…
Secure Boot useless on hundreds of PCs from major vendors after key leak
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don’t use MFA, and more
Infosec in brief: Protecting computers’ BIOS and the boot process is essential for modern security – but knowing it’s important isn’t the same as actually…
CrowdStrike meets Murphy’s Law: Anything that can go wrong will
And boy, did last Friday’s Windows fiasco ever prove that yet again
Opinion: CrowdStrike’s recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. On July 19, the cybersecurity giant accomplished what legions of…
Progress discloses second critical flaw in Telerik Report Server in as many months
These are the kinds of bugs APTs thrive on, just ask the Feds
Progress Software’s latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.
North Korean chap charged for attacks on US hospitals, military, NASA – and even China
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists
The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals…