If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir CSO15 Feb 2025 | 27
SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew Networks14 Feb 2025 | 9
Critical PostgreSQL bug tied to zero-day attack on US Treasury High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further Research14 Feb 2025 | 21
Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks Some employees steal sticky notes, others 'borrow' malicious code Cyber-crime14 Feb 2025 | 11
More victims of China's Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks Networks13 Feb 2025 | 5
North Korea targets crypto developers via NPM supply chain attack Yet another cash grab from Kim's cronies and an intel update from Microsoft Research13 Feb 2025 | 8
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un 300+ US companies, 70+ individuals hit by the fraudsters Cyber-crime12 Feb 2025 | 20
Ransomware isn't always about the money: Government spies have objectives, too Feature Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data Cyber-crime12 Feb 2025 | 7
Russia's Sandworm caught snarfing credentials, data from American and Brit orgs 'Near-global' initial access campaign active since 2021 Research12 Feb 2025 | 8
Crimelords and spies for rogue states are working together, says Google Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us? Cyber-crime12 Feb 2025 | 20
Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining These crooks have no chill Cyber-crime11 Feb 2025 |
UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers Huge if true: Brit Foreign Sec says Putin running a 'corrupt mafia state' Cyber-crime11 Feb 2025 | 41
Man who SIM-swapped the SEC's X account pleads guilty Said to have asked search engine 'What are some signs that the FBI is after you?' Cyber-crime11 Feb 2025 | 9
I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice Remote position, webcam not working, then glitchy AI face ... Red alert! CSO11 Feb 2025 | 81
US news org still struggling to print papers a week after 'cybersecurity event' Publications across 25 states either producing smaller issues or very delayed ones Cyber-crime10 Feb 2025 | 9
UK industry leaders unleash hurricane-grade scale for cyberattacks Freshly minted organization aims to take the guesswork out of incident severity for insurers and policy holders Cyber-crime07 Feb 2025 | 7
Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims OCR plugin great for extracting crypto-wallet secrets from galleries Cyber-crime07 Feb 2025 | 7
US cranks up espionage charges against ex-Googler accused of trade secrets heist Mountain View clocked onto the scheme with days to spare AI + ML05 Feb 2025 | 15
Grubhub serves up security incident with a side of needing to change your password Contact info and partial payment details may be compromised Cyber-crime04 Feb 2025 |
Cyberattack on NHS causes hospitals to miss cancer care targets Healthcare chiefs say impact will persist for months Cyber-crime04 Feb 2025 | 12
Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums Nulled and Cracked had a Lorelai-cal rise - until Operation Talent stepped in Security02 Feb 2025 | 2
Welsh woman fined for flatulence-fueled cyber harassment Court said her approach to child access dispute with partner's ex really stinks Bootnotes31 Jan 2025 | 95
Another banner year for ransomware gangs despite takedowns by the cops And it doesn't take a crystal ball to predict the future Cyber-crime31 Jan 2025 | 6
Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet And now you won't stop calling me, I'm kinda busy CSO29 Jan 2025 | 4
'Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring Mastermind begs colluders to bury evidence later used to imprison him Cyber-crime29 Jan 2025 | 21
Baguette bandits strike again with ransomware and a side of mockery Big-game hunting to the extreme Cyber-crime28 Jan 2025 | 6
DARPA asking for ideas on automating money laundering detection With all the AI hype swirling around, you'd think someone would've cracked this one already Software28 Jan 2025 | 22
Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia... Networks25 Jan 2025 | 78
UK telco TalkTalk confirms probe into alleged data grab underway Spinner says crim's claims 'very significantly overstated' Security25 Jan 2025 | 33
North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper 5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act Cyber-crime24 Jan 2025 | 2
China and friends claim success in push to stamp out tech support cyber-scam slave camps Paint a target on Myanmar, pledge more info-sharing to get the job done Cyber-crime24 Jan 2025 | 12
One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers But we mean, you've had nearly four years to patch Patches23 Jan 2025 | 4
SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix Big organizations and governments are main users of these gateways Patches23 Jan 2025 | 10
FortiGate config leaks: Victims' email addresses published online Experts warn not to take SNAFU lightly as years-long compromises could remain undetected Cyber-crime23 Jan 2025 | 8
Who is DDoSing you? Rivals, probably, or cheesed-off users Plus: 'Largest-ever' duff traffic tsunami clocks in at 5.6 Tbps Networks23 Jan 2025 | 7
Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards And: America 'has never been less secure,' retired rear admiral tells Congress Security22 Jan 2025 | 94
Supply chain attack hits Chrome extensions, could expose millions Threat actor exploited phishing and OAuth abuse to inject malicious code Cyber-crime22 Jan 2025 | 6
Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin Ross Ulbricht's family are now appealing for donations to support his reintegration into society Legal22 Jan 2025 | 136
Ransomware scum make it personal for Reg readers by impersonating tech support That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems CSO22 Jan 2025 | 18
HPE probes IntelBroker's bold data theft boasts Incident response protocols engaged following claims of source code burglary Cyber-crime21 Jan 2025 |
Fortinet: FortiGate config leaks are genuine but misleading Competition hots up with Ivanti over who can have the worst start to a year Cyber-crime17 Jan 2025 | 5
Medusa ransomware group claims attack on UK's Gateshead Council Pastes allegedly stolen documents on leak site with £600K demand Cyber-crime17 Jan 2025 | 13
Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts updated FSB cyberspies venture into a new app for espionage, Microsoft says Security16 Jan 2025 | 4
China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says We are only seeing 'the tip of the iceberg,' Easterly warns Security15 Jan 2025 | 11
Crypto klepto North Korea stole $659M over just 5 heists last year US, Japan, South Korea vow to intensify counter efforts Cyber-crime15 Jan 2025 | 13
FBI wipes Chinese PlugX malware from thousands of Windows PCs in America Hey, Xi: Zài jiàn! Cyber-crime14 Jan 2025 | 31
Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used Updated Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Networks14 Jan 2025 | 26
Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI Scumbags stole API keys, then started a hacking-as-a-service biz, it is claimed Security13 Jan 2025 | 4
Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days 'Codefinger' crims on the hunt for compromised keys Research13 Jan 2025 | 5
Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US Cyber-crime10 Jan 2025 | 7
Drug addiction treatment service admits attackers stole sensitive patient data Details of afflictions and care plastered online Cyber-crime10 Jan 2025 | 8
Two accused of COVID-19 vaccine fraud under Computer Misuse Act Investigation says scheme allegedly raked in £145k and sold nearly 2,000 fake records to the unvaccinated Legal10 Jan 2025 |
Mitel 0-day, 5-year-old Oracle RCE bug under active exploit 3 CVEs added to CISA's catalog Security08 Jan 2025 | 4
Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed Here's what $20 gets you these days Research08 Jan 2025 | 13
Charter, Consolidated, Windstream reportedly join China's Salt Typhoon victim list Slow drip of compromised telecom networks continues Cyber-crime06 Jan 2025 | 4
FireScam infostealer poses as Telegram Premium app to surveil Android devices updated Once installed, it helps itself to your data like it's a free buffet Research06 Jan 2025 | 5
Atos denies Space Bears' ransomware claims – with a 'but' updated Points finger at third-party infrastructure being breached Cyber-crime04 Jan 2025 | 3
Chinese cyber-spies reportedly targeted sanctions intel in US Treasury raid OFAC, Office of the Treasury Secretary feared hit in data-snarfing swoop CSO02 Jan 2025 | 3
US Army soldier who allegedly stole Trump's AT&T call logs arrested Brings the arrest count related to the Snowflake hacks to 3 Cyber-crime01 Jan 2025 | 16
China's cyber intrusions took a sinister turn in 2024 From targeted espionage to pre-positioning - not that they are mutually exclusive Security31 Dec 2024 | 9
More telcos confirm China Salt Typhoon security breaches as White House weighs in Intrusions allowed Beijing to 'geolocate millions of individuals, record phone calls at will' Cyber-crime30 Dec 2024 | 36
It's only a matter of time before LLMs jump start supply-chain attacks Interview 'The greatest concern is with spear phishing and social engineering' Security29 Dec 2024 | 58