'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild'
Updated One PUT request, one poisoned session file, and the server’s yours
CSO18 Mar 2025 | 8
Based in the San Francisco Bay Area, Iain is a cybersecurity reporter for The Register. Iain also hosts our Kettle podcast series and other videos. He has more than 20 years of IT publishing experience, holding positions including technical editor and news editor as well as previously Register region editor.
Don't want Copilot app on your Windows 11 machine? Install this official update
Microsoft says disappearance of Clippy 2.0 is an error it will shortly fix
AI + ML17 Mar 2025 | 36
RIP Mark Klein, the engineer who exposed US domestic spying ops after wiring it up
AT&T engineer, and the Deep Throat of the network age, dies at 79
Networks15 Mar 2025 | 38
Pirate Bay financier and far-right activist Carl Lundström dies in plane crash
Mooney M20 propeller plane hit mountain in Slovenia amid bad weather
Offbeat14 Mar 2025 | 68
Judge orders Feds rehire workers falsely fired for lousy performance
Veteran of Oracle vs Google Java trial fumes over 'gimmicks' and 'sham' arguments
Public Sector14 Mar 2025 | 109
Google says it's rolling out fix for stricken Chromecasts
It'll take a few days, give or take your situation
Personal Tech13 Mar 2025 | 20
As Chromecast outage drags on, fix could be days to weeks away
Updated Google apologizes but won’t say what went wrong nor when it will make things right
Personal Tech13 Mar 2025 | 41
Get off that old Firefox by Friday or you'll be sorry, says Moz
Root cert expiry may bring breakage or worse for add-ons, media playback, and more
Applications13 Mar 2025 | 43
CISA pen-tester says 100-strong red team binned after DOGE canceled contract
Updated Election infosec advisory center also shuttered
Public Sector12 Mar 2025 | 166
Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws
Patch Tuesday Microsoft tackles 50-plus security blunders, Adobe splats 3D bugs, and Apple deals with a doozy
Patches12 Mar 2025 | 23
No peace for Gandi this past weekend, after storage SNAFU breaks email and more
Oh, and Musk blames ‘Ukraine area’ for X downtime
Storage11 Mar 2025 | 21
Google begs owners of crippled Chromecasts not to hit factory reset
Updated Expired security cert kerfuffle leaves second-gen, Audio gadgets useless
Personal Tech10 Mar 2025 | 63
Developer sabotaged ex-employer with kill switch activated when he was let go
IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes
Bootnotes08 Mar 2025 | 79
Athena Moon lander officially FOADs – falls over and dies – in crater
Second time unlucky for Intuitive Machines, but hey, at least we got 250MB of data from it
Science07 Mar 2025 | 37
Moonshot goes sideways as Intuitive Machines' second lunar lander seemingly falls over
Space is hard. Hopefully not so hard the three rovers on this spaceship are lost
Science07 Mar 2025 | 35
The Badbox botnet is back, powered by up to a million backdoored Androids
Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort
Cyber-crime07 Mar 2025 | 10
Uncle Sam mulls policing social media of all would-be citizens
President ordered immigration officials to ramp up vetting of foreigners 'to the maximum degree'
Public Sector06 Mar 2025 | 78
Cybereason CEO leaves after months of boardroom blowups
Updated Complaint alleges 13 funding proposals foundered amid battle for control
Security06 Mar 2025 | 2
Ex-NSA grandee says Trump's staff cuts will 'devastate' America's national security
Video Would 'destroy a pipeline of top talent essential for hunting' Chinese spies in US networks, Congress told
Public Sector05 Mar 2025 | 57
Ransomware thugs threaten Tata Technologies with leak if demands not met
Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant
Ransomware in Focus05 Mar 2025 | 4
Please fasten your seatbelts. A third of US air traffic control systems are 'unsustainable'
And the FAA's modernization efforts are going so badly they won't exit turbulence any time soon
Public Sector05 Mar 2025 | 124
US stocks slip as Trump pulls trigger on Canada, Mexico, China tariffs
Updated With friends like these...
Public Sector03 Mar 2025 | 110
Microsoft blames Outlook's wobbly weekend on 'problematic code change'
And Monday's not looking that steady, either
SaaS03 Mar 2025 | 27
Cybersecurity not the hiring-'em-like-hotcakes role it once was
Analysis Ghost positions, HR AI no help – biz should talk to infosec staff and create 'realistic' job outline, say experts
CSO03 Mar 2025 | 15
US Cyber Command reportedly pauses cyberattacks on Russia
Infosec In Brief PLUS: Phishing suspects used fishing gear as alibi; Apple's 'Find My' can track PCs and Androids; and more
Security03 Mar 2025 | 99
FBI officially fingers North Korea for $1.5B Bybit crypto-burglary
Federal agents, open up ... your browsers and see if you recognize any of these wallets
Cyber-crime27 Feb 2025 | 22
FAA confirms it's testing Starlink, maybe for tasks Elon says Verizon is doing badly
Plus: Musk's biz empire reportedly pulled in $6B-plus from Uncle Sam last year
Networks27 Feb 2025 | 36
Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet
Up to $140M in bounty rewards for return of Ethereum allegedly pilfered by hermit nation
Cyber-crime26 Feb 2025 | 14
Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV)
Starting with Snapdragon 8 Elite and 'droid 15
Personal Tech26 Feb 2025 | 5
200-plus impressively convincing GitHub repos are serving up malware
Infosec bytes Plus: DOGE staff quit; LastPass PC, Mac gasp; and CISA warns Oracle and Adobe flaws under attack
Security26 Feb 2025 | 9
Incoming deputy boss of Homeland Security says America's top cyber-agency needs to be reined in
Plus: New figurehead of DOGE emerges and they aren't called Elon
Public Sector26 Feb 2025 | 37
Google binning SMS MFA at last and replacing it with QR codes
Everyone knew texted OTPs were a dud back in 2016
CSO25 Feb 2025 | 105
US Dept of Housing screens sabotaged to show deepfake of Trump sucking Elon's toes
'Appropriate action will be taken,' we're told – as federal HR email sparks uproar, ax falls on CISA staff
Public Sector24 Feb 2025 | 133
As Amazon takes over the Bond franchise, we submit our scripts for the next flick
License To Kill -9 ... For Your iPhone Only ... AI Another Day ... The name's Bezos, Jeff Bezos
Bootnotes21 Feb 2025 | 143
Oops, some of our customers' Power Pages-hosted sites were exploited, says Microsoft
Don't think this is SaaS and you can relax: Redmond wants a few of you to check your websites
Cyber-crime20 Feb 2025 | 4
Medusa ransomware gang demands $2M from UK private health services provider
Exclusive 2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident'
Cyber-crime20 Feb 2025 | 10
US Army soldier linked to Snowflake extortion rampage admits breaking the law
That's the way the cookie melts
Cyber-crime20 Feb 2025 |
Einstein Probe finds two stars that have spent 40 million years taking turns eating each other
Odd X-ray flashes gave the game away, just few weeks after China-led mission launched
Science19 Feb 2025 | 24
Palo Alto firewalls under attack as miscreants chain flaws for root access
If you want to avoid urgent patches, stop exposing management consoles to the public internet
Security19 Feb 2025 | 8
Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed
Interview 'In 50 years, I think we'll view these business practices like we view sweatshops today'
Security15 Feb 2025 | 73
Mysterious Palo Alto firewall reboots? You're not alone
Limited-edition hotfix to get wider release before end of month
Networks13 Feb 2025 | 6
Sophos sheds 6% of staff after swallowing Secureworks
De-dupes some roles, hints others aren't needed as the infosec scene shifts
CSO13 Feb 2025 | 7
February's Patch Tuesday sees Microsoft offer just 63 fixes
Patch Tuesday Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins
Security12 Feb 2025 | 10
Apple warns 'extremely sophisticated attack' may be targeting iThings
Cupertino mostly uses bland language when talking security, so this sounds nasty
Security11 Feb 2025 | 23
All your 8Base are belong to us: Ransomware crew busted in global sting
updated Dark web site seized, four cuffed in Thailand
Cyber-crime10 Feb 2025 | 3
If Ransomware Inc was a company, its 2024 results would be a horror show
35% drop in payments across the year as your backups got better and law enforcement made a difference
CSO07 Feb 2025 | 2
Democrats demand to know WTF is up with that DOGE server on OPM's network
Updated Are you trying to make this easy for China and Russia?
Public Sector06 Feb 2025 | 153
Robocallers who phoned the FCC pretending to be from the FCC land telco in trouble
Don't laugh: The $4.5m fine proposed for carrier Telnyx shows how the Trump administration will run its comms regulator
Networks06 Feb 2025 | 30
Google: How to make any AMD Zen CPU always generate 4 as a random number
Malicious microcode vulnerability discovered, fixes rolling out for Epycs at least
Patches04 Feb 2025 | 75
Google patches odd Android kernel security bug amid signs of targeted exploitation
Also, Netgear fixes critical router, access point vulnerabilities
Patches04 Feb 2025 | 5
Microsoft to kill off Defender VPN this month
Throw Copilot down the same well, too, maybe? No? OK
Software03 Feb 2025 | 20
DeepSeek or DeepFake? Our vultures circle China's hottest AI
Kettle If this keeps Silicon Valley on its toes and honest, who are we to complain?
AI + ML01 Feb 2025 | 41
Asteroid as wide as 886 cans of spam may hit Earth in 2032
Video Is this NEO the one? Yup, as in, a 1% chance of hitting us ... sadly
Science31 Jan 2025 | 75
Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you
And you, China, Russia, North Korea ... Guardrails block malware generation
Security31 Jan 2025 | 13
Wacom says crooks probably swiped customer credit cards from its online checkout
Digital canvas slinger indicates dot-com was skimmed for over a month
Cyber-crime30 Jan 2025 | 3
Court rules FISA Section 702 surveillance of US resident was unconstitutional
'Public interest alone does not justify warrantless querying' says judge
Security24 Jan 2025 | 19
Asus lets processor security fix slip out early, AMD confirms patch in progress
Updated Answers on a postcard to what 'Microcode Signature Verification Vulnerability' might mean
Patches23 Jan 2025 | 11
Oracle emits 603 patches, names one it wants you to worry about soon
Old flaws that keep causing trouble haunt Big Red
Patches23 Jan 2025 |
PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen
Updated Lawsuits pile up after database accessed by miscreants
Cyber-crime22 Jan 2025 | 31
Atlassian's Bitbucket Cloud went down 'hard' today
Same, Big A, same
SaaS21 Jan 2025 | 11
Biting the hand that feeds IT
