UK councils bat away DDoS barrage from pro-Russia keyboard warriors
Local authority websites downed in response to renewed support for Ukraine
Cyber-crime01 Nov 2024 | 16
Security
Hack Nintendo's alarm clock to show cat pics? Let's-a-go!
How 'Gary' defeated Bowser broke into the interactive alarm clock
Security01 Nov 2024 | 21
Gang gobbles 15K credentials from cloud and email providers' garbage Git configs
Emeraldwhale looked sharp – until it made a common S3 bucket mistake
Research31 Oct 2024 | 1
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
A scary few Halloween hours for team behind hugely popular web plugin
Cyber-crime31 Oct 2024 | 11
Tower PC case used as 'creative cavity' by drug importer
Motherboard missing, leaving space for a million hits of meth
Cyber-crime31 Oct 2024 | 55
Chinese attackers accessed Canadian government networks – for five years
India makes it onto list of likely threats for the first time
Cybersecurity Month31 Oct 2024 | 13
Windows Themes zero-day bug exposes users to NTLM credential theft
Plus a free micropatch until Redmond fixes the flaw
Security30 Oct 2024 | 5
Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info
If you're gonna come at the mouse, you need to be better at hiding your tracks
Security30 Oct 2024 | 57
Russian spies use remote desktop protocol files in unusual mass phishing drive
The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel
Cyber-crime30 Oct 2024 | 17
Beijing claims it's found 'underwater lighthouses' that its foes use for espionage
Release the Kraken!
Security30 Oct 2024 | 66
Uncle Sam outs a Russian accused of developing Redline infostealing malware
Or: why using the same iCloud account for malware development and gaming is a bad idea
Cyber-crime29 Oct 2024 | 4
Cast a hex on ChatGPT to trick the AI into writing exploit code
'It was like watching a robot going rogue' says researcher
Cybersecurity Month29 Oct 2024 | 27
Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting
US also charges an alleged Redline dev, no mention of an arrest
Cyber-crime29 Oct 2024 | 1
The story behind the Health Infrastructure Security and Accountability Act
Health care breaches lead to legislation
Partner Content
Admins better Spring into action over latest critical open source vuln
Patch up: The Spring framework dominates the Java ecosystem
Security29 Oct 2024 | 1
Merde! Macron's bodyguards reveal his location by sharing Strava data
It's not just the French president, Biden and Putin also reportedly trackable
Security29 Oct 2024 | 23
Five Eyes nations tell tech startups to take infosec seriously. Again
Only took 'em a year to dish up some scary travel advice, and a Secure Innovation … Placemat?
Cybersecurity Month29 Oct 2024 | 14
Wanted. Top infosec pros willing to defend Britain on shabby salaries
GCHQ job ads seek top talent with bottom-end pay packets
Security29 Oct 2024 | 116
JPMorgan Chase sues scammers following viral 'infinite money glitch'
ATMs paid customers thousands ... and now the bank wants its money back
Security28 Oct 2024 | 47
Feds investigate China's Salt Typhoon amid campaign phone hacks
'They're taunting us,' investigator says and it looks like it's working
Security28 Oct 2024 | 5
Popular
If Trump gets elected, get your tech buying done asap
60% tariffs on all Chinese goods are going to slam the IT sector
VMware by Broadcom lifts storage allowances and prices for vSphere Foundation
This will both ease and exacerbate price concerns and competitive sniping
Chinese attackers accessed Canadian government networks – for five years
India makes it onto list of likely threats for the first time
Windows 10 given an extra year of supported life, for $30
MIcrosoft extends its Extended Security Updates club to consumers, at last
Hide the keyboard – it's the only way to keep this software running
On Call Lunch can be surprisingly dangerous. So can tea
Tower PC case used as 'creative cavity' by drug importer
Motherboard missing, leaving space for a million hits of meth
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
A scary few Halloween hours for team behind hugely popular web plugin
Apple throws shade on pokey AI PCs, claims its maxed out M4 chips are 4x faster
Busy week for Cupertino sees shrunken Mac minis, updated lappies, and new SoCs
Microsoft turning away AI training workloads – inferencing makes better money
Azure's acceleration continues, but so do costs
Microsoft accused of 'greenwashing' as AI used in fossil fuel exploration
Activists press Redmond to come clean on ‘material reputational, legal, and operational risks’
STORIES
Brazen crims selling stolen credit cards on Meta's Threads
Exclusive The platform 'continues to take action' against illegal posts, we're told
Cyber-crime28 Oct 2024 | 20
Delta officially launches lawyers at $500M CrowdStrike problem
Legal action comes months after alleging negligence by Falcon vendor
Cybersecurity Month28 Oct 2024 | 23
Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases
Legal proceedings underway with more details to follow
Cybersecurity Month28 Oct 2024 | 5
WordPress forces user conf organizers to share social media credentials, arousing suspicions
One told to take down posts that said nice things about WP Engine
Software28 Oct 2024 | 40
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns
in brief Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more
Security27 Oct 2024 | 35
Worker surveillance must comply with credit reporting rules
US Consumer Financial Protection Bureau demands transparency, accountability from sellers of employee metrics
Security26 Oct 2024 | 18
Just how private is Apple's Private Cloud Compute? You can test it to find out
Also updates bug bounty program with $1M payout
Security25 Oct 2024 | 14
Putin's pro-Trump trolls accuse Harris of poaching rhinos
Plus: Iran's IRGC probes election-related websites in swing states
Security25 Oct 2024 | 85
AWS Cloud Development Kit flaw exposed accounts to full takeover
Remember Bucket Monopoly? Yeah, it gets worse
Cybersecurity Month24 Oct 2024 | 13
Emergency patch: Cisco fixes bug under exploit in brute-force attacks
Who doesn't love abusing buggy appliances, really?
Software24 Oct 2024 | 3
Bitwarden's FOSS halo slips as new SDK requirement locks down freedoms
Arguments continue but change suggests it's not Free Software anymore
Applications24 Oct 2024 | 16
Ransomware's ripple effect felt across ERs as patient care suffers
389 US healthcare orgs infected this year alone
Cybersecurity Month24 Oct 2024 | 1
Voice-enabled AI agents can automate everything, even your phone scams
All for the low, low price of a mere dollar
Security24 Oct 2024 | 23
China's top messaging app WeChat banned from Hong Kong government computers
Google and WhatsApp also binned, which is far easier to explain than canning a local hero
Security24 Oct 2024 | 14
Anthropic's latest Claude model can interact with computers – what could go wrong?
For starters, it could launch a prompt injection attack on itself...
AI + ML24 Oct 2024 | 8
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers
Attacks on unprotected servers reach 'critical level'
Cybersecurity Month24 Oct 2024 | 1
Samsung phone users under attack, Google warns
Don't ignore this nasty zero day exploit says TAG
Cyber-crime24 Oct 2024 | 10
Penn State pays DoJ $1.25M to settle cybersecurity compliance case
Fight On, State? Not this time
Security23 Oct 2024 | 3
FortiManager critical vulnerability under active attack
Updated Security shop and CISA urge rapid action
Cybersecurity Month23 Oct 2024 | 7
'Satanic' data thief claims to have slipped into 350M Hot Topic shoppers info
We know where you got your skinny jeans - big deal
Cyber-crime23 Oct 2024 | 2
Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch
Plus, a POC to make it extra easy for attackers
Security23 Oct 2024 |
Millions of Android and iOS users at risk from hardcoded creds in popular apps
Azure Blob Storage, AWS, and Twilio keys all up for grabs
Cybersecurity Month23 Oct 2024 | 17
US lawmakers push DoJ to prosecute tax prep firms for leaking taxpayer data to big tech
TaxSlayer, H&R Block, TaxAct, and Ramsey Solutions accused of sharing info with Meta and Google
Security22 Oct 2024 | 6
TSMC blows whistle on potential sanctions-busting shenanigans from Huawei
Chip giant tells Uncle Sam someone could be making orders on the sly
Systems22 Oct 2024 | 13
VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time
If the first patches don't work, try, try again
Patches22 Oct 2024 | 2
Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures
Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing
Software22 Oct 2024 | 7
Akira ransomware is encrypting victims again following pure extortion fling
Crooks revert to old ways for greater efficiency
Cybersecurity Month22 Oct 2024 | 2
Pixel perfect Ghostpulse malware loader hides inside PNG image files
Miscreants combine it with an equally tricky piece of social engineering
Cybersecurity Month22 Oct 2024 | 34
China’s Spamouflage cranks up trolling of US Senator Rubio as election day looms
Note to Xi: Marco and Ted Cruz aren't the same person
Security21 Oct 2024 | 8
Sophos to snatch Secureworks in $859M buyout: Why fight when you can just buy?
Private equity giant Thoma Bravo adds another trophy to its growing collection
Security21 Oct 2024 | 2
The billionaire behind Trump's 'unhackable' phone is on a mission to fight Tesla's FSD
Interview Dan O'Dowd tells El Reg about the OS secrets and ongoing clash with Musk
Security21 Oct 2024 | 113
macOS HM Surf vuln might already be under exploit by major malware family
Like keeping your camera and microphone private? Patch up
Cybersecurity Month21 Oct 2024 | 14
Tesla, Intel, deny they're the foreign company China just accused of making maps that threaten national security
As TSMC defends itself against report it may have helped Huawei
Security21 Oct 2024 | 13
Internet Archive exposed again – this time through Zendesk
Org turns its woes into a fundraising opportunity
Security21 Oct 2024 | 9
Open source LLM tool primed to sniff out Python zero-days
The static analyzer uses Claude AI to identify vulns and suggest exploit code
Security20 Oct 2024 | 9
Jetpack fixes 8-year-old flaw affecting millions of WordPress sites
In Brief - Updated Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more
Security18 Oct 2024 | 5
Alleged Bitcoin crook faces 5 years after SEC's X account pwned
SIM swappers strike again, warping cryptocurrency prices
Cybersecurity Month18 Oct 2024 | 14
ESET denies it was compromised as Israeli orgs targeted with 'ESET-branded' wipers
Says 'limited' incident isolated to 'partner company'
Cybersecurity Month18 Oct 2024 | 3
Intel hits back at China's accusations it bakes in NSA backdoors
Chipzilla says it obeys the law wherever it is, which is nice
Security18 Oct 2024 | 28
Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began
'My webcam isn't working today' is the new 'The dog ate my network'
Cybersecurity Month18 Oct 2024 | 41
Uncle Sam puts $10M bounty on Russian troll farm Rybar
Propaganda op focuses on anti-West narratives to meddle with elections
Security18 Oct 2024 | 9
Troubled US insurance giant hit by extortion after data leak
Globe Life claims blackmailers shared stolen into with short sellers
Security17 Oct 2024 |
Brazilian police claim they've cuffed serial cybercrook behind FBI and Airbus attacks
Early stage opsec failures lead to landmark arrest of suspected serial data thief
Cybersecurity Month17 Oct 2024 | 3
WeChat devs introduced security flaws when they modded TLS, say researchers
No attacks possible, but enough issues to cause concern
Cybersecurity Month17 Oct 2024 | 15
Anonymous Sudan isn't any more: Two alleged operators named, charged
Gang said to have developed its evilware on GitHub – then DDoSed GitHub
Cybersecurity Month17 Oct 2024 | 5
US contractor pays $300K to settle accusation it didn't properly look after Medicare users' data
Resolves allegations it improperly stored screenshots containing PII that were later snaffled
Cybersecurity Month16 Oct 2024 | 7
Critical default credential in Kubernetes Image Builder allows SSH root access
It's called leaving the door wide open – especially in Proxmox
Security16 Oct 2024 | 12
Volkswagen monitoring data dump threat from 8Base ransomware crew
The German car giant appears to be unconcerned
Cyber-crime16 Oct 2024 | 1
Critical hardcoded SolarWinds credential now exploited in the wild
Another blow for IT software house and its customers
Security16 Oct 2024 | 23
China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws
Uncle Sam having a secret way into US tech? Say it ain't so
Systems16 Oct 2024 | 30
Internet Archive wobbles back online, with limited functionality
DDoS detectives deduce Mirai used to do the deed, using home entertainment boxes in Korea, China, and Brazil
Cybersecurity Month16 Oct 2024 | 14
IBM acquires Indian SaaS startup Prescinto to shine a light on renewable energy assets
Also: Crypto-hub Binance helps Delhi police shut down solar power scam
SaaS16 Oct 2024 | 1
WhatsApp may expose the OS you use to run it – which could expose you to crooks
Updated Meta knows messaging service creates persistent user IDs that have different qualities on each device
Research16 Oct 2024 | 16
Cisco confirms 'ongoing investigation' after crims brag about selling tons of data
UPDATED Networking giant says 'no evidence' of impact on its systems but will tell customers if their info has been stolen
Cyber-crime15 Oct 2024 | 7
Microsoft says more ransomware stopped before reaching encryption
Volume of attacks still surging though, according to Digital Defense Report
Cyber-crime15 Oct 2024 | 6
AI amplifies systemic risk to financial sector, says India's Reserve Bank boss
Who also worries misinformation on social media could threaten liquidity
AI + ML15 Oct 2024 | 6
China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it
Enough with the racist-sounding 'dragons' and 'pandas', Beijing complains – then points the finger at koalas
Cybersecurity Month15 Oct 2024 | 17
US healthcare org admits up to 400,000 people's personal info was snatched
It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it
Cybersecurity Month14 Oct 2024 | 3
Leveraging AI/ML for next-gen SOC environments
Technologies that help SOCs detect, analyze, and respond to emerging threats faster and more accurately
Partner Content
Trump campaign arms up with 'unhackable' phones after Iranian intrusion
Florida man gets his hands on 'the best ever'
Cybersecurity Month14 Oct 2024 | 145
Thousands of Fortinet instances vulnerable to actively exploited flaw
No excuses for not patching this nine-month-old issue
Cybersecurity Month14 Oct 2024 | 8
How to head off data breaches with CIAM
Let Okta lift the lid on customer identity in this series of webinars
Sponsored Post
Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption
With an off-the-shelf D-Wave machine, but only against very short keys
Cybersecurity Month14 Oct 2024 | 23
Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between
Reading, writing, and cyber mayhem, amirite?
Cybersecurity Month13 Oct 2024 | 33
US and UK govts warn: Russia scanning for your unpatched vulnerabilities
in brief Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more
Security12 Oct 2024 | 10
INC ransomware rebrands to Lynx – same code, new name, still up to no good
Researchers point to evidence that scumbags visited the strategy boutique
Cybersecurity Month11 Oct 2024 | 10
US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants
Cyberspies abusing a backdoor? Groundbreaking
Cyber-crime11 Oct 2024 | 10
RAC duo busted for stealing and selling crash victims' data
Roadside assistance biz praised for deploying security monitoring software and reporting workers to cops
Security11 Oct 2024 | 21
Keir Starmer hands ex-Darktrace boss investment minister gig
What's harder? Convincing people to invest in a beleaguered security business or a tiny island everybody hates?
Public Sector11 Oct 2024 | 53
FBI created a cryptocurrency so it could watch it being abused
It worked – alleged pump and dump schemers arrested in UK, US and Portugal this week
Cybersecurity Month11 Oct 2024 | 54
Healthcare attacks spread beyond US – just ask India's Star Health
Updated Acknowledges bulk customer data leak weeks after Telegram channels dangled it online
Cyber-crime11 Oct 2024 | 1
Crooks stole personal info of 77k Fidelity Investments customers
But hey, no worries, the firm claims no evidence of data misuse
Cyber-crime10 Oct 2024 | 3
Fore-get about privacy, golf tech biz leaves 32M data records on the fairway
Researcher spots 110 TB of sensitive info sitting in unprotected database
Cybersecurity Month10 Oct 2024 | 36
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Usual three-week window to address significant risks to federal agencies applies
Cybersecurity Month10 Oct 2024 |
Mozilla patches critical Firefox vuln that attackers are already exploiting
Firefixed: It's maintenance time for low-complexity, high-impact security flaw
Cybersecurity Month10 Oct 2024 | 26
How should CISOs respond to the rise of GenAI?
Apply comprehensive security with access control, secure coding, infrastructure protection and AI governance
Partner Content
Dutch cops reveal takedown of 'world's largest dark web market'
Two arrested after allegedly trying to make off with their ill-gotten gains
Cybersecurity Month10 Oct 2024 | 15
Internet Archive user info stolen in cyberattack, succumbs to DDoS
31M folks' usernames, email addresses, salted-encrypted passwords now out there
Cybersecurity Month10 Oct 2024 | 22
Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware
USB sticks help, but it's unclear how tools that suck malware from them are delivered
Cybersecurity Month09 Oct 2024 | 24
Smart TVs are spying on everyone
Regulators know this is a nightmare and have done little to stop it. Privacy advocacy group wants that to change
Cybersecurity Month09 Oct 2024 | 128
Biting the hand that feeds IT
