Tag: The Register – Security

Stolen credentials edge out email tricks for cloud break-ins because they’re so easy to get Criminals used stolen credentials more frequently than email phishing to gain access into their victims’ IT systems last year, marking the first time that compromised…

Read more →

Bake in security now or pay later, says Mike Rogers AI engineers should take a lesson from the early days of cybersecurity and bake safety and security into their models during development, rather than trying to bolt it on after…

Read more →

The CVE system nearly dying shows that someone has lost the plot Opinion  We almost lost the Common Vulnerabilities and Exposures (CVE) database system, but that’s only the tip of the iceberg of what President Trump and company are doing…

Read more →

Chrome will keep third-party cookies, a loss for privacy but a win for web ad rivals After six years of work, Google’s Privacy Sandbox, technology for delivering ads while protecting privacy, looks like dust in the wind.… This article has…

Read more →

As cyber-agency faces cuts, makes noises about switching up program Two top officials have resigned from Uncle Sam’s Cybersecurity and Infrastructure Security Agency, aka CISA, furthering fears of a brain drain amid White House cuts to the federal workforce.… This…

Read more →

In effect: ‘Ha ha – the government is borked and so are you’ Ransomware scumbags – potentially those behind the Fog gang – are channeling their inner Elon Musk with their latest ransom note, spotted by researchers at Trend Micro.……

Read more →

Security bods can earn up to $10K per report Ransomware threat hunters can now collect rewards of $10,000 for each piece of intel they file under a new bug bounty that aims to squash extortionists.… This article has been indexed…

Read more →

Retailer tight-lipped on details as digital hiccup disrupts customer orders UK high street mainstay Marks & Spencer told the London Stock Exchange this afternoon it has been managing a “cyber incident” for “the past few days.”… This article has been…

Read more →

What used to be a serious issue mainly in Southeast Asia is now the world’s problem Scam call centers are metastasizing worldwide “like a cancer,” according to the United Nations, which warns the epidemic has reached a global inflection point…

Read more →

10 other certificates ‘were mis-issued and have now been revoked’ Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without authorization, digital certs for legit websites.… This article has been indexed from…

Read more →

Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative…

Read more →

It’s now hitting govt, enterprise targets On March 11 – Patch Tuesday – Microsoft rolled out its usual buffet of bug fixes. Just eight days later, miscreants had weaponized one of the vulnerabilities, using it against government and private sector…

Read more →

AI-spoofed Mark joins fellow billionaires as the voice of the street – here’s how it was probably done Video  Crosswalk buttons in various US cities were hijacked over the past week or so to – rather than robotically tell people…

Read more →

Using LLMs to pick programs, people, contracts to cut is bad enough – but doing it with Musk’s Grok? Yikes A group of 48 House Democrats is concerned that Elon Musk’s cost-trimmers at DOGE are being careless in their use…

Read more →

Some in the infosec world definitely want to see Big Red crucified CISA – the US government’s Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from…

Read more →

MITRE, EUVD, GCVE … WTF? Comment  The splintering of the global system for identifying and tracking security bugs in technology products has begun.… This article has been indexed from The Register – Security Read the original article: CVE fallout: The…

Read more →

Illegitimi non carborundum? Nice password, Mr Ex-CISA Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked…

Read more →

Illegitimi non carborundum? Nice password, Mr Ex-CISA Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked…

Read more →

Truck-mounted demonstration weapon costs 10p a pop, says MOD British soldiers have successfully taken down drones with a radio-wave weapon.… This article has been indexed from The Register – Security Read the original article: Brit soldiers tune radio waves to…

Read more →

Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim Democratic lawmakers are calling for an investigation after a tech staffer at the US National Labor Relations Board (NLRB) blew the…

Read more →