Login
Who, Me? Ah, gentle reader, welcome back once again to the comfortable backwater of The Register we call Who, Me? in which readers' tales of not-quite-rightness are immortalized for the ages.β¦
The US Department of Commerce added six more entities to its blacklist on Friday on grounds of national security after an errant Chinese surveillance balloon was shot down over the US last week.β¦
Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.β¦
The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan.β¦
The Chinese surveillance balloon that drifted across the US last week looks set to spark a new round of sanctions against Middle Kingdom tech firms.β¦
Australia's Defence Department removed all Chinese manufactured surveillance cameras after an audit detailed the number of Hikvision and Dahua devices installed in various government facilities.β¦
As Valentine's Day approaches, if your offshore oil rig worker "boyfriend" β who looks like Bradley Cooper in his online pics and has hinted at proposing to you for months, but you've never met in real life β suddenly needs money for "hospital bills" β¦ Just. Don't. Do. It.β¦
Colorful web forum Reddit has revealed it has suffered a security breach.β¦
A team of codebreakers discovered β and then cracked βΒ more than 50 secret letters written by Mary Stuart, Queen of Scots while she was imprisoned in England by her cousin, Queen Elizabeth I.Β β¦
The US National Institute of Standards and Technology wants to protect all devices great and small, and is getting closer to settling on next-gen cryptographic algorithms suitable for systems at both ends of that spectrum β the very great and the very small.β¦
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak.β¦
Ahad Shams, the co-founder of Web3 metaverse gaming engine startup Webaverse, discovered in late November 2022 that someone had stolen $4 million of his cryptocurrency β during a real world interaction.β¦
French police have arrested a 25-year-old Finnish man accused of hacking a psychotherapy clinic, stealing more than 22,000 patients' therapy notes, demanding ransom payments from them and also leaking this very private info on a Tor website.β¦
An encrypted messaging service that has been on law enforcement's radar since a 2019 raid on an old NATO bunker has been shut down after a sweeping series of raids across Europe last week.Β β¦
A top US cyber diplomat said his Twitter account was compromised over the weekend.β¦
A free tool aims is helping organizations defend against KillNet distributed-denial-of-service (DDoS) bots and comes as the US government issued a warning that the Russian cybercrime gang is stepping up its network flooding attacks against hospitals and health clinics.β¦
Webinar There was a time when data was stored in cardboard files inside metal filing cabinets. The drawers were locked with a little key in the corner of the cabinet, which generally meant there was no getting in unless you had that key or at least some time to spare with a crowbar.β¦
Opinion The tech sector is failing at cybersecurity. Global spending on the stuff is at $190 billion a year, a quarter of the US defense budget. That hasn't stemmed an estimated $7 trillion in annual cybercriminal damages. People are fond of saying that the Wild West days of the internet are over, but on those numbers an 1875 Dodge City bank vault looks like Fort Knox.β¦
When a Texas school district sold some old laptops at auction last year, it probably didn't expect to end up in a public legal fight with a local computer repair shop β but a debate over what to do with district data found on the liquidated machines has led to precisely that.β¦
France's Computer Emergency Response Team has issued a Bulletin D'Alerte regarding a campaign to infect VMwareβs ESXI hypervisor with ransomware.β¦
The hack of SolarWinds' software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?.β¦
Microsoft believes the gang who boasted it had stolen and leaked more than 200,000 Charlie Hebdo subscribers' personal information is none other than a Tehran-backed criminal group.β¦
A sneaky botnet dubbed HeadCrab that uses bespoke malware to mine for Monero has infected at least 1,200 Redis servers in the last 18 months.β¦
The reasons businesses and consumers like contactless payment transactions β high security and speed β are what make those systems bad for cybercriminals.β¦
The man accused of bringing down decentralized crypto exchange Mango Markets through market manipulation has made his first appearance in court in connection with the theft of millions in cryptocurrency.β¦
Updated A Chinese high-altitude spy balloon, spotted drifting over America, has caused concern about national security β though the US Department of Defense says it will not be shot down by F22s at this time.β¦
A former employee of RAC, one of Britain's major roadside recovery service operators, has pleaded guilty to data theft after he stored traffic accident information on his personal device that was passed onto claims companies.β¦
UK regulators are investigating a cyberattack against financial technology firm ION, while the LockBit ransomware gang has threatened to publish the stolen data on February 4 if the software provider doesn't pay up.β¦
A former Ubiquiti Networks employee accused of hatching an elaborate plot to first steal nearly $2 million from his employer, extort more, then later orchestrating a smear campaign against the company pleaded guilty to multiple felony charges Thursday.β¦
Malvertising attacks are being used to distribute virtualized .NET loaders that are highly obfuscated and dropping info-stealer malware.β¦
Super Bock Group, Portugal's largest beverage biz, is warning of potential interruption to supplies as it manages the fallout from cybercrooks attacking its tech infrastructure.β¦
Google sweetened the potential pot to $30,000 for bug hunters in its open source OSS-Fuzz code testing project.β¦
Microsoft this week rolled out fixes to issues caused by security updates released in December 2022 that botched how XPS documents are displayed in various versions of .NET and .NET Framework.β¦
Miscreants using malicious OAuth applications abused Microsoft's "verified publisher" status to gain access to organizations' cloud environments, then steal data and pry into to users' mailboxes, calendars, and meetings.β¦
Organizations using Microsoft's Defender for Endpoint will now be able to isolate Linux devices from their networks to contain intrusions and whatnot.β¦
Webinar If your IT team is making new year resolutions, one of them might be to ramp up safeguarding measures for the increasing amount of unstructured data being captured by businesses and organizations.β¦
Collapsed crypto exchange FTX's Japanese outpost has told customers it will permit them to withdraw assets in February.β¦
South Korea's Ministry of Justice will create a "Virtual Currency Tracking System" to crack down on money laundering facilitated by cryptocurrencies, and rated the establishment of the facility among its priorities for the year.β¦
Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SHI1MMER.β¦
Malware developers and penetration testers are in high demand across dark web job posting sites, with a few astonishing - but mostly average - wages.β¦
The operators of the Windows Gootloader malware β a crew dubbed UNC2565 β have upgraded the code in cunning ways to make it more intrusive and harder to find.β¦
Sports fashion retailer JD Sports has confirmed miscreants broke into a system that contained data on a whopping 10 million customers, but no payment information was among the mix.β¦
Webinar It's a startling truth but 45 percent of workers in the US believe using public Wi-Fi is safe.β¦
in brief Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country's plan to send tanks to Ukraine.β¦
A French citizen was scheduled to appear before a US court on Friday on a nine-count indictment related to his alleged involvement in the ShinyHunters cybercrime gang that trafficked in identity and corporate data theft and sometimes extortion.β¦
Microsoft is urging organizations to protect their Exchange servers from cyberattacks by keeping them updated and hardened, since online criminals are still going after valuable data in the email system.β¦
Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty.β¦
The FBI said it has shut down the Hive's ransomware network, seizing control of the notorious gang's servers and websites, and thwarting the pesky criminals' ability to sting future victims.β¦
The FBI has confirmed what cybersecurity researchers have been saying for months: the North Korean-sponsored Lazarus Group was behind the theft last year of $100 million in crypto assets from blockchain startup Harmony.β¦
Sponsored Post They say there's no such thing as a free lunch, but in fact there's a veritable feast of valuable resources online for infosec professionals which won't cost you anything.β¦
The UK's National Cyber Security Centre (NCSC) has warned of two similar spear-phishing campaigns, one originating from Russia, the other from Iran.β¦
Google's Threat Analysis Group (TAG) has burned more than 50,000 spammy fake news stories and other content posted by the pro-China 'Dragonbridge' gang.β¦
A man suspected of stealing personal data belonging to tens of millions of people worldwide and selling that info on cybercrime forums has been arrested by Dutch police.β¦
Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai's researchers.β¦
Microsoft in March will start blocking Excel XLL add-ins from the internet to shut down an increasingly popular attack vector for miscreants.β¦
Webinar The implementation of lockdowns during the maelstrom of the Coronavirus pandemic led to fast track changes to traditional work practices. To meet the challenges of operating in a global emergency, businesses and organizations of every kind had to urgently find a way to keep operating.β¦
Sponsored Post The scale of cybersecurity threats facing Latin America was brought into focus by recently when it published details of NICKEL, a "China-based threat actor". The malware was used to attack global organisations with "a large amount of activity" targeting Central and South America, including Mexico and Brazil.β¦
Remote access outfit GoTo has admitted that a threat actor exfiltrated an encryption key that allowed access to "a portion" of encrypted backup files.β¦
VMware has issued fixes for four vulnerabilities, including two critical 9.8-rated remote code execution bugs, in its vRealize Log Insight software.Β β¦
Apple has issued an emergency patch for older kit to fix a WebKit security flaw that Cupertino warns is under active attack.β¦
FreshRSS