Tag: The Register – Security

Department director admits Welsh capital’s council still trying to get heads around threat of dark web leaks Cardiff City Council’s director of children’s services says data was leaked or stolen from the organization, although she did not clarify how or…

Read more →

Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target…

Read more →

WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?! A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!)… This article has…

Read more →

Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a Mexican research institute. The gang also likely targeted…

Read more →

Researchers say ‘proactive’ approach is needed to combat global cybercrime Here’s one you don’t see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew’s infrastructure and gathering data it relayed to national agencies to help…

Read more →

Screenshot shows company head unhappy, claiming ‘real CVE is pending’ CrushFTP’s CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer tech disclosed almost a week…

Read more →

As if living in Croydon wasn’t bad enough The Metropolitan Police has confirmed its first permanent installation of live facial recognition (LFR) cameras is coming this summer and the lucky location will be the South London suburb of Croydon.… This…

Read more →

Data stolen included checklist for medics on how to get into vulnerable people’s homes The UK’s data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary’s security failings led to a…

Read more →

So F-18 launch times, weapons, drone support aren’t classified now … who knew? The Atlantic’s editor-in-chief who was inadvertently added to a Signal group in which the US Secretary of Defense, Vice President, and others discussed secret military plans has…

Read more →

MORSE to pay — .. .-.. .-.. .. — -. … for failing to meet cyber-grade A US defense contractor will cough up $4.6 million to settle complaints it failed to meet cybersecurity requirements on military contracts and knowingly submitted…

Read more →

Victims’ details at risk after criminals download 9,000 files from court database Australian police are currently investigating the theft of “sensitive” data from a New South Wales court system after they confirmed approximately 9,000 files were stolen.… This article has…

Read more →

Bad news about the Linux system monitor may be on the way Veteran sysadmin and tech blogger Rachel Kroll posted a cryptic warning yesterday about a popular Linux system monitoring tool. Maybe it’s better to be safe than sorry.… This…

Read more →

Who knew social media stars had a role to play in building national cyber resilience? The world’s biggest brands have benefited from influencer marketing for years – now the UK’s National Cyber Security Centre (NCSC) has hopped on the bandwagon…

Read more →

Customers come forward claiming info was swiped from prod Oracle Cloud’s denial of a digital break-in is now in clear dispute. A infosec researcher working on validating claims that the cloud provider’s login servers were compromised earlier this year says…

Read more →

16,000 stolen records pertain to former and active mail subscribers Infosec veteran Troy Hunt of HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his Mailchimp mailing list.… This article has been indexed from The Register – Security…

Read more →

Just an FYI, like Generative AI assistants packaged up as browser extensions harvest personal data with minimal safeguards, researchers warn.… This article has been indexed from The Register – Security Read the original article: You know that generative AI browser…

Read more →

There’s only one rule – don’t attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But so far, only Windows machines…

Read more →

Time to update your firmware, if you can, to one with the security fixes, cough cough DrayTek router owners in the UK and beyond had a pretty miserable weekend after some ISPs began to notice a lot of their customers’…

Read more →

How many K8s systems are sat on the internet front porch like that … Oh, thousands, apparently Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of…

Read more →

Kari, OK, we’ll see you in court An organization that bankrolls various internet security projects has asked a Washington DC court to prevent the Trump administration from cancelling its federal funding – and expressed fears that if the cash stops…

Read more →