Tag: The Register – Security

Apparently no one thought to check if this D-Link router ‘issue’ was actually exploitable A security vulnerability previously added to CISA’s Known Exploited Vulnerability catalog (KEV), which was recognized by CVE Numbering Authorities (CNA), and included in reputable threat reports…

Read more →

Why we need the confidence to deploy secure, compliant AI-powered applications and workloads Sponsored Feature  Every organisation must prioritise the protection of mission critical data, applications and workloads or risk disaster in the face of an ever-widening threat landscape.… This…

Read more →

Limited options will be available into 2028, for an undisclosed price Microsoft on Tuesday warned that full security support for Windows 10 will end on October 14, 2025, but offered a lifeline for customers unable or unwilling to upgrade two…

Read more →

Bitbucket, Confluence and Jira all in danger, again. Sigh Atlassian has emailed its customers to warn of four critical vulnerabilities, but the message had flaws of its own – the links it contained weren’t live for all readers at the…

Read more →

Predicts cybercrims will find binary brainboxes harder to battle Cisco’s executive veep for security Jeetu Patel has predicted that AI will change the infosec landscape, but that end users will eventually pay for the privilege of having a binary brainbox…

Read more →

GRU-linked crew going after our code warns Microsoft – Outlook not good Fancy Bear, the Kremlin’s cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets – like government, defense, and aerospace agencies in the…

Read more →

Tardy IT admins likely to get a chilly reception over the lack of updates CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.… This…

Read more →

To maintain a strong data security posture, you must protect the data where it lives Partner Content  There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge;…

Read more →

Accounting software firm Tipalti says it’s investigating alleged break-in of its systems The AlphV/BlackCat ransomware group said it plans to “go direct” to the clients of a firm it allegedly attacked to extort them, claiming to have infiltrated the systems…

Read more →

Won’t somebody think of the children? The UK’s communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act.… This article has been indexed from The Register – Security Read…

Read more →

Report suggests Sellafield compromised since 2015, response seems worryingly ignorant of Stuxnet The government of the United Kingdom has issued a strongly worded denial of a report that the Sellafield nuclear complex has been compromised by malware for years.… This…

Read more →

There’s a war on and critical infrastructure operators are still using default passwords Iran-linked cyber thugs have exploited Israeli-made programmable logic controllers (PLCs) used in “multiple” water systems and other operational technology environments at facilities across the US, according to…

Read more →

Stealing Kit Kat maker’s data?! Give me a break There’s no sugarcoating this news: The Hershey Company has disclosed cyber crooks gobbled up 2,214 people’s financial information following a phishing campaign that netted the chocolate maker’s data.… This article has…

Read more →

Version 2.2.2 and also 2.1.14, showing that this wasn’t a new issue in the latest release The bug that was very occasionally corrupting data on file copies in OpenZFS 2.2.0 has been identified and fixed, and there’s a fix for…

Read more →

With more than 1,500 tokens exposed, research highlights importance of securing supply chains in AI and ML The API tokens of tech giants Meta, Microsoft, Google, VMware, and more have been found exposed on Hugging Face, opening them up to…

Read more →

Ongoing investigation found evidence of stolen employee creds and social engineering Nine days after issuing a vaguely worded warning about a possible cyber security incident, web tracking and analytics outfit New Relic has revealed a two-front attack.… This article has…

Read more →

PLUS: Montana TikTok ban ruled unconstitutional; Dollar Tree employee data stolen; critical vulnerabilities Infosec in brief  The European Union’s Parliament and Council have reached an agreement on the Cyber Resilience Act (CRA), setting the long-awaited security regulation on a path…

Read more →

Supply chain attacks: The gift that keeps on giving A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. … This article…

Read more →

Supply chain attacks: The gift that keeps on giving A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. … This article…

Read more →

Two CVEs can be abused to steal sensitive info or execute code Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.… This article has been indexed from The Register…

Read more →