Advocate General urges rethink of PSD2 to speed compensation after scams Analysis One of the European Union’s top legal advisors is trying to change how banks treat cybercrime victims – meaning they could enjoy greater financial protections sooner than expected.……
Tag: The Register – Security
Building the UK’s next generation of cyber talent
Reflecting on the relaunch of the UK Cyber Team and introducing the next phase of leadership PC The UK Cyber Team is a government initiative led by the Department for Science, Innovation and Technology in partnership with SANS Institute. Its…
Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
Could steal sensitive personal and financial data After a whopper of a Patch Tuesday last month, with six Microsoft flaws exploited as zero-days, March didn’t exactly roar in like a lion. Just two of the 83 Microsoft CVEs released on…
Cybercrime isn’t just a cover for Iran’s government goons – it’s a key part of their operations
Ransomware, malware-as-a-service, infostealers benefit MOIS, too Iranian government-backed snoops are increasingly using cybercrime malware and ransomware infrastructure in their operations – not just hiding behind criminal masks as a cover for destructive cyber activity, according to security researchers.… This article…
Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts
Rapid7 says crims compromised more than 250 sites globally, including a US Senate candidate’s campaign page Cyber baddies quietly compromised legitimate WordPress websites, including the campaign site of a US Senate candidate, turning them into launchpads for a global infostealer…
Fake job applications pack malware that kills EDR before stealing data
Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses A Russian-speaking cyber criminal is targeting corporate HR teams with fake CVs that quietly install malware which can disable security tools before stealing data from infected machines.… This…
Protecting democracy means democratizing cybersecurity. Bring on the hackers
Digital freedom needs a Kali Linux for the rest of us Opinion The hacker mind is a curious way to be. To have it means to embody endless analytical curiosity, an awareness of any given rule set as just one…
Ericsson blames vendor vishing slip-up for breach exposing thousands of records
Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson’s service providers has exposed the personal data of more than 15,000 individuals after…
Polish cops bust alleged teen DDoS kit sellers – youngest just 12
Kids profited from tools used to attack popular websites, say officials Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to flog DDoS kits online.… This article has been indexed from The Register –…
AI vs AI: Agent hacked McKinsey’s chatbot and gained full read-write access in just two hours
David and Goliath…but with AI agents Researchers at red-team security startup CodeWall say their AI agent hacked McKinsey’s internal AI platform and gained full read and write access to the chatbot in just two hours.… This article has been indexed…
ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
And they abused a Mandiant-developed open source tool in the attacks ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist, including Salesforce itself.… This article has been indexed…
EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
An attack on the company’s AWS platform may have exposed customers’ names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that…
Dutch cops warn 100 alleged scammers: Turn yourselves in or we tell Grandma
Two-week deadline to fraudsters to fess up or have their faces plastered across every screen in the country Dutch national police are taking a novel stand against scammers – 100 suspects now have less than two weeks to hand themselves…
Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
Dutch spies flag large-scale campaign to hijack secure messaging accounts Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people…
Microsoft Azure CTO set Claude on his 1986 Apple II code, says it found vulns
This isn’t just a nostalgia trip – billions of legacy microcontrollers may be at risk AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II…
Royal Navy races to arm ships against drone threat
Britain’s Ministry of Defence wants a counter-drone system designed, contracted, and delivered within weeks Britain’s Royal Navy is urgently seeking a ship-based counter-drone system and recent world events likely explain why.… This article has been indexed from The Register –…
Iran is the first out-loud cyberwar the US has fought
Cyber is no longer the hush-hush thing it used to be, as team Trump invades Iran with hackers taking the lead Kettle Unlike previous military conflicts, the cyber domain has been front and center since the Trump administration invaded Iran,…
FBI is investigating breach that may have hit its wiretapping tools
PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more Infosec In Brief The FBI is investigating a breach of its systems which reportedly affected systems related to wiretapping and surveillance.… This article…
AI agents now help attackers, including North Korea, manage their drudge work
Crims ‘will do what gets them their objective easiest and fastest,’ Microsoft threat intel boss tells The Reg interview AI agents allow cybercriminals and nation-state hackers to outsource the “janitorial-type work” needed to plan and carry out cyberattacks, according to…
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Now if only device makers would deliver higher quality components Thanks to Anthropic’s AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can’t help.……