Cybercrime

Microsoft signed a dodgy driver and now ransomware scum are exploiting it

Five flaws found in Paragon Partition Manager's kernel-level .sys

Ransomware in Focus04 Mar 2025 | 13

Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators

Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim

AI + ML28 Feb 2025 | 3

Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’

FYI: What NOT to search after committing a crime

Cyber-crime27 Feb 2025 | 35

With millions upon millions of victims, scale of unstoppable info-stealer malware laid bare

244M purloined passwords added to Have I Been Pwned thanks to govt tip-off

Cyber-crime26 Feb 2025 | 10

Drug-screening biz DISA took a year to disclose security breach affecting millions

If there's something nasty on your employment record, extortion scum could come calling

Cyber-crime26 Feb 2025 | 5

Xi know what you did last summer: China was all up in Republicans' email, says book

Of course, Microsoft is in the mix, isn't it

Cyber-crime25 Feb 2025 | 29

China's Silver Fox spoofs medical imaging apps to hijack patients' computers

Sly like a PRC cyberattack

Research25 Feb 2025 | 2

Malware variants that target operational tech systems are very rare – but 2 were found last year

Fuxnet and FrostyGoop were both used in the Russia-Ukraine war

Research25 Feb 2025 | 3

Southern Water takes the fifth over alleged $750K Black Basta ransom offer

Leaked chats and spilled secrets as AI helps decode circa 200K private talks

Ransomware in Focus25 Feb 2025 | 31

Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar

It comes amid a major crackdown on the abusive industry that started during COVID

Security21 Feb 2025 | 5

US minerals company says crooks broke into email and helped themselves to $500K

A painful loss for young company that's yet to generate revenue

Cyber-crime20 Feb 2025 | 10

Two arrested after pensioner scammed out of six-figure crypto nest egg

The latest in a long line of fraud stings worth billions each year

Security20 Feb 2025 | 18

Ghost ransomware crew continues to haunt IT depts with scarily bad infosec

FBI and CISA issue reminder - deep sigh - about the importance of patching and backups

Ransomware in Focus20 Feb 2025 | 7

London celebrity talent agency reports itself to ICO following Rhysida attack claims

Showbiz members' passport scans already plastered online

Cyber-crime19 Feb 2025 | 2

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

Because stealing your credentials, banking info, and IP just wasn’t enough

Research18 Feb 2025 | 8

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

Called it an 'incident' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can’t say the R word

Ransomware in Focus18 Feb 2025 | 12

Indian authorities seize loot from collapsed BitConnect crypto scam

Devices containing crypto wallets tracked online, then in the real world

Cyber-crime18 Feb 2025 | 13

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir

CSO15 Feb 2025 | 27

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

updated Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew

Networks14 Feb 2025 | 9

Critical PostgreSQL bug tied to zero-day attack on US Treasury

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further

Research14 Feb 2025 | 22

Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

Some employees steal sticky notes, others 'borrow' malicious code

Ransomware in Focus14 Feb 2025 | 11

More victims of China's Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs

Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks

Networks13 Feb 2025 | 5

North Korea targets crypto developers via NPM supply chain attack

Yet another cash grab from Kim's cronies and an intel update from Microsoft

Research13 Feb 2025 | 8

Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un

300+ US companies, 70+ individuals hit by the fraudsters

Cyber-crime12 Feb 2025 | 26

Ransomware isn't always about the money: Government spies have objectives, too

Feature Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data

Ransomware in Focus12 Feb 2025 | 6

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

'Near-global' initial access campaign active since 2021

Research12 Feb 2025 | 9

Crimelords and spies for rogue states are working together, says Google

Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us?

Cyber-crime12 Feb 2025 | 19

Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining

These crooks have no chill

Ransomware in Focus11 Feb 2025 |

UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers

Huge if true: Brit Foreign Sec says Putin running a 'corrupt mafia state'

Cyber-crime11 Feb 2025 | 41

Man who SIM-swapped the SEC's X account pleads guilty

Said to have asked search engine 'What are some signs that the FBI is after you?'

Cyber-crime11 Feb 2025 | 9

I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice

Remote position, webcam not working, then glitchy AI face ... Red alert!

CSO11 Feb 2025 | 82

US news org still struggling to print papers a week after 'cybersecurity event'

Publications across 25 states either producing smaller issues or very delayed ones

Cyber-crime10 Feb 2025 | 9

UK industry leaders unleash hurricane-grade scale for cyberattacks

Freshly minted organization aims to take the guesswork out of incident severity for insurers and policy holders

Cyber-crime07 Feb 2025 | 7

Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims

OCR plugin great for extracting crypto-wallet secrets from galleries

Cyber-crime07 Feb 2025 | 7

US cranks up espionage charges against ex-Googler accused of trade secrets heist

Mountain View clocked onto the scheme with days to spare

AI + ML05 Feb 2025 | 15

Grubhub serves up security incident with a side of needing to change your password

Contact info and partial payment details may be compromised

Cyber-crime04 Feb 2025 |

Cyberattack on NHS causes hospitals to miss cancer care targets

Healthcare chiefs say impact will persist for months

Cyber-crime04 Feb 2025 | 12

Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums

Nulled and Cracked had a Lorelai-cal rise - until Operation Talent stepped in

Security02 Feb 2025 | 2

Welsh woman fined for flatulence-fueled cyber harassment

Court said her approach to child access dispute with partner's ex really stinks

Bootnotes31 Jan 2025 | 95

Another banner year for ransomware gangs despite takedowns by the cops

And it doesn't take a crystal ball to predict the future

Cyber-crime31 Jan 2025 | 6

Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet

And now you won't stop calling me, I'm kinda busy

CSO29 Jan 2025 | 4

'Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring

Mastermind begs colluders to bury evidence later used to imprison him

Cyber-crime29 Jan 2025 | 21

Baguette bandits strike again with ransomware and a side of mockery

Big-game hunting to the extreme

Cyber-crime28 Jan 2025 | 6

DARPA asking for ideas on automating money laundering detection

With all the AI hype swirling around, you'd think someone would've cracked this one already

Software28 Jan 2025 | 22

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet

Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia...

Networks25 Jan 2025 | 78

UK telco TalkTalk confirms probe into alleged data grab underway

Spinner says crim's claims 'very significantly overstated'

Security25 Jan 2025 | 33

North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper

5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act

Cyber-crime24 Jan 2025 | 2

China and friends claim success in push to stamp out tech support cyber-scam slave camps

Paint a target on Myanmar, pledge more info-sharing to get the job done

Cyber-crime24 Jan 2025 | 12

One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers

But we mean, you've had nearly four years to patch

Patches23 Jan 2025 | 4

SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix

Big organizations and governments are main users of these gateways

Patches23 Jan 2025 | 10

FortiGate config leaks: Victims' email addresses published online

Experts warn not to take SNAFU lightly as years-long compromises could remain undetected

Cyber-crime23 Jan 2025 | 8

Who is DDoSing you? Rivals, probably, or cheesed-off users

Plus: 'Largest-ever' duff traffic tsunami clocks in at 5.6 Tbps

Networks23 Jan 2025 | 7

Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards

And: America 'has never been less secure,' retired rear admiral tells Congress

Security22 Jan 2025 | 94

Supply chain attack hits Chrome extensions, could expose millions

Threat actor exploited phishing and OAuth abuse to inject malicious code

Cyber-crime22 Jan 2025 | 6

Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin

Ross Ulbricht's family are now appealing for donations to support his reintegration into society

Legal22 Jan 2025 | 136

Ransomware scum make it personal for Reg readers by impersonating tech support

That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems

CSO22 Jan 2025 | 18