What used to be a serious issue mainly in Southeast Asia is now the world’s problem. Scam call centers are metastasizing worldwide “like a cancer,” according to the United Nations, which warns the epidemic has reached a global inflection point…
Tag: The Register – Security
Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
10 other certificates ‘were mis-issued and have now been revoked’. Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without authorization, digital certs for legit websites.…
Today’s LLMs craft exploits from patches at lightning speed
Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours. The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative…
Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days
It’s now hitting govt, enterprise targets. On March 11 – Patch Tuesday – Microsoft rolled out its usual buffet of bug fixes. Just eight days later, miscreants had weaponized one of the vulnerabilities, using it against government and private sector…
Hacking US crosswalks to talk like Zuck is as easy as 1234
AI-spoofed Mark joins fellow billionaires as the voice of the street – here’s how it was probably done. Video: Crosswalk buttons in various US cities were hijacked over the past week or so to – rather than robotically tell people…
Dems fret over DOGE feeding sensitive data into random AI
Using LLMs to pick programs, people, contracts to cut is bad enough – but doing it with Musk’s Grok? Yikes. A group of 48 House Democrats is concerned that Elon Musk’s cost-trimmers at DOGE are being careless in their use…
Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter
Some in the infosec world definitely want to see Big Red crucified. CISA – the US government’s Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from…
CVE fallout: The splintering of the standard vulnerability tracking system has begun
MITRE, EUVD, GCVE … WTF? Comment: The splintering of the global system for identifying and tracking security bugs in technology products has begun.…
Krebs throws himself on the grenade, resigns from SentinelOne after Trump revokes clearances
Illegitimi non carborundum? Nice password, Mr Ex-CISA. Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked…
Krebs throws himself on the grenade, resigns from SentinelOne after Trump revokes security clearances
Illegitimi non carborundum? Nice password, Mr Ex-CISA. Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked…
Brit soldiers tune radio waves to fry drone swarms for pennies
Truck-mounted demonstration weapon costs 10p a pop, says MOD. British soldiers have successfully taken down drones with a radio-wave weapon.…
Whistleblower describes DOGE IT dept rampage at America’s labor watchdog
Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim. Democratic lawmakers are calling for an investigation after a tech staffer at the US National Labor Relations Board (NLRB) blew the…
Signalgate chats vanish from CIA chief phone
Extraordinary rendition of data, or just dropped it out of a helicopter? CIA Director John Ratcliffe’s smartphone has almost no trace left of the infamous Signalgate chat – the one in which he and other top US national security officials…
Free Blue Screens of Death for Windows 11 24H2 users
Microsoft rewards those who patch early with bricks hurled through its operating system. Keeping with its rich history of updates that break Windows in unexpected ways, Microsoft has warned that two recent patches for Windows 11 24H2 are triggering blue…
Identifying the cyber risks that matter
From noise to clarity: Why CISOs are shifting to adversarial exposure validation. Partner content: A vast majority of security teams are overwhelmed by the large number of security alerts and vulnerabilities.…
CVE program gets last-minute funding from CISA – and maybe a new home
Feds extend vulnerability nerve-center contract at 11th hour. In an 11th-hour reprieve, the US government last night agreed to continue funding the globally used Common Vulnerabilities and Exposures (CVE) Program.…
Law firm ‘didn’t think’ data theft was a breach, says ICO. Now it’s nursing a £60K fine
DPP Law is appealing against data watchdog’s conclusions. A law firm is appealing against a £60,000 fine from the UK’s data watchdog after 32 GB of personal information was stolen from its systems.…
Russians lure European diplomats into malware trap with wine-tasting invite
Vintage phishing varietal has improved with age. Russia never stops using proven tactics, and its Cozy Bear, aka APT 29, cyber-spies are once again trying to lure European diplomats into downloading malware with a phony invitation to a lux event.…
Guess what happens when ransomware fiends find ‘insurance’ ‘policy’ in your files
It involves a number close to three or six depending on the fiend. Ransomware operators jack up their ransom demands by a factor of 2.8x if they detect a victim has cyber-insurance, a study highlighted by the Netherlands government has…
Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program
Because vulnerability management has nothing to do with national security, right? US government funding for the world’s CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday.…