Tag: The Register – Security

Also, LockBit gets a new second stringer, AirTag owners find yet another illicit use, and this week’s critical vulns Infosec in brief  Californians may be on their way to the nation’s first “do not broker” list with the passage of…

Read more →

AMBERSQUID operation takes AWS’s paths less travelled in search of compute As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS…

Read more →

Oh s#!t, Sherlock Israeli software maker Insanet has reportedly developed a commercial product called Sherlock that can infect devices via online adverts to snoop on targets and collect data about them for the biz’s clients.… This article has been indexed…

Read more →

Mandiant warns casino raiders are doubling down on ‘monetization strategies’ Scattered Spider, the crew behind at least one of the recent Las Vegas casino IT security breaches, has already hit some 100 organizations during its so-far brief tenure in the…

Read more →

Half a percent of last quarter’s net income? That’ll teach ’em Google has been hit with another lawsuit alleging it deceived users about its collection, storage, and use of their location data, this time from the state of California. Yet it’s…

Read more →

Are you the weakest link? The UK’s Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked.… This article has been indexed from…

Read more →

NoEscape promises ‘colossal wave of problems’ if IJC doesn’t pay up The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB…

Read more →

Zero-days are so 2022. Why not just social engineer the help desk? Casino giant Caesars Entertainment has confirmed miscreants stole a database containing customer info, including driver license and social security numbers for a “significant number” of its loyalty program…

Read more →

Company noticed data warehouse break-in via compromised account a month later Cloud-based bug tracking and monitoring platform Rollbar has warned users that attackers have rifled through their data.… This article has been indexed from The Register – Security Read the…

Read more →

Homeland Security told to mind costs, fix up privacy controls Twice delayed and over budget, the US Department of Homeland Security (DHS) has been told by the Government Accountability Office (GAO) that it needs to correct shortcomings in its biometric…

Read more →

No, you CEO is not on Teams asking you to transfer money Deepfakes are coming for your brand, bank accounts, and corporate IP, according to a warning from US law enforcement and cyber agencies.… This article has been indexed from…

Read more →

Ransomware group nicked info from employee of airline, say researchers Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.… This article has been indexed from The Register – Security…

Read more →

Cut and shut is so last century, now it’s copy and clone Researchers have found almost 15,000 automotive accounts for sale online and pointed at a credential-stuffing attack that targeted car makers.… This article has been indexed from The Register…

Read more →

Fun technique – but how practical is it? Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from Wi-Fi-connected mobile devices on public networks, without any hardware hacking.……

Read more →

Pensioners, employees and medical pros among those aiming to be compensated for data exposure The number of claimants signing up to a Class Action against Capita over the infamous March cyber security break-in and subsequent data exposure keeps going up,…

Read more →

Running unsupported and unpatched versions of Exchange Server will do that to a country Sri Lanka’s Computer Emergency Readiness Team (CERT) is currently investigating a ransomware attack on the government’s cloud infrastructure that affected around 5,000 email accounts, it revealed…

Read more →

‘Obtaining a disruptive capability could be one possible motivation behind this surge in attacks’ Espionage-ware thought to have been developed by China has once again been spotted within the power grid of a neighboring nation.… This article has been indexed…

Read more →

Plus: Adobe and Android also tackle abused-in-the-wild flaws Patch Tuesday  It’s every Windows admin’s favorite day of the month: Patch Tuesday. Microsoft emitted 59 patches for its September update batch, including two for bugs that have already been exploited.… This…

Read more →

$50k to breathe new life into its corpse. The rest of us must move on to OpenSSL 3.0 OpenSSL 1.1.1 has reached the end of its life, making a move to a later version essential for all, bar those with…

Read more →

Exploit observed in the wild as Mountain View pushes out updates Google has rushed out a fix for a vulnerability in its Chrome browser, noting that an exploit already exists in the wild.… This article has been indexed from The…

Read more →