China's Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets Updated They're good at zero-day exploits, too Public Sector05 Mar 2025 | 17
Leeds United kick card swipers into Row Z after 5-day cyberattack English football club offers apologies after fans' card details stolen from online retail store Cyber-crime05 Mar 2025 | 6
Qilin ransomware gang boasts of cyberattacks on cancer clinic, Ob-Gyn facility 'No regrets' crew continues extorting victims, leaking highly sensitive data Ransomware in Focus05 Mar 2025 | 2
Cybercrims now licking stamps and sending extortion demands in snail mail Updated First crooks gave up encrypting data, and just stole it – now they don't even bother pilfering info. Sheesh! Bootnotes05 Mar 2025 | 18
VMware splats guest-to-hypervisor escape bugs already exploited in wild The heap overflow zero-day in the memory unsafe code by Miss Creant Virtualization04 Mar 2025 | 8
It's bad enough we have to turn on cams for meetings, now the person staring at you may be an AI deepfake Says the biz trying to sell us stuff to catch that, admittedly AI + ML04 Mar 2025 | 18
Microsoft signed a dodgy driver and now ransomware scum are exploiting it Five flaws found in Paragon Partition Manager's kernel-level .sys Ransomware in Focus04 Mar 2025 | 13
Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim AI + ML28 Feb 2025 | 3
Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’ FYI: What NOT to search after committing a crime Cyber-crime27 Feb 2025 | 35
With millions upon millions of victims, scale of unstoppable info-stealer malware laid bare 244M purloined passwords added to Have I Been Pwned thanks to govt tip-off Cyber-crime26 Feb 2025 | 10
Drug-screening biz DISA took a year to disclose security breach affecting millions If there's something nasty on your employment record, extortion scum could come calling Cyber-crime26 Feb 2025 | 5
Xi know what you did last summer: China was all up in Republicans' email, says book Of course, Microsoft is in the mix, isn't it Cyber-crime25 Feb 2025 | 29
China's Silver Fox spoofs medical imaging apps to hijack patients' computers Sly like a PRC cyberattack Research25 Feb 2025 | 2
Malware variants that target operational tech systems are very rare – but 2 were found last year Fuxnet and FrostyGoop were both used in the Russia-Ukraine war Research25 Feb 2025 | 3
Southern Water takes the fifth over alleged $750K Black Basta ransom offer Leaked chats and spilled secrets as AI helps decode circa 200K private talks Ransomware in Focus25 Feb 2025 | 31
Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar It comes amid a major crackdown on the abusive industry that started during COVID Security21 Feb 2025 | 5
US minerals company says crooks broke into email and helped themselves to $500K A painful loss for young company that's yet to generate revenue Cyber-crime20 Feb 2025 | 10
Two arrested after pensioner scammed out of six-figure crypto nest egg The latest in a long line of fraud stings worth billions each year Security20 Feb 2025 | 18
Ghost ransomware crew continues to haunt IT depts with scarily bad infosec FBI and CISA issue reminder - deep sigh - about the importance of patching and backups Ransomware in Focus20 Feb 2025 | 7
London celebrity talent agency reports itself to ICO following Rhysida attack claims Showbiz members' passport scans already plastered online Cyber-crime19 Feb 2025 | 2
Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload Because stealing your credentials, banking info, and IP just wasn’t enough Research18 Feb 2025 | 8
US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware Called it an 'incident' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can’t say the R word Ransomware in Focus18 Feb 2025 | 12
Indian authorities seize loot from collapsed BitConnect crypto scam Devices containing crypto wallets tracked online, then in the real world Cyber-crime18 Feb 2025 | 13
If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir CSO15 Feb 2025 | 27
SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN updated Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew Networks14 Feb 2025 | 9
Critical PostgreSQL bug tied to zero-day attack on US Treasury High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further Research14 Feb 2025 | 22
Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks Some employees steal sticky notes, others 'borrow' malicious code Ransomware in Focus14 Feb 2025 | 11
More victims of China's Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks Networks13 Feb 2025 | 5
North Korea targets crypto developers via NPM supply chain attack Yet another cash grab from Kim's cronies and an intel update from Microsoft Research13 Feb 2025 | 8
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un 300+ US companies, 70+ individuals hit by the fraudsters Cyber-crime12 Feb 2025 | 26
Ransomware isn't always about the money: Government spies have objectives, too Feature Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data Ransomware in Focus12 Feb 2025 | 6
Russia's Sandworm caught snarfing credentials, data from American and Brit orgs 'Near-global' initial access campaign active since 2021 Research12 Feb 2025 | 9
Crimelords and spies for rogue states are working together, says Google Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us? Cyber-crime12 Feb 2025 | 19
Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining These crooks have no chill Ransomware in Focus11 Feb 2025 |
UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers Huge if true: Brit Foreign Sec says Putin running a 'corrupt mafia state' Cyber-crime11 Feb 2025 | 41
Man who SIM-swapped the SEC's X account pleads guilty Said to have asked search engine 'What are some signs that the FBI is after you?' Cyber-crime11 Feb 2025 | 9
I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice Remote position, webcam not working, then glitchy AI face ... Red alert! CSO11 Feb 2025 | 82
US news org still struggling to print papers a week after 'cybersecurity event' Publications across 25 states either producing smaller issues or very delayed ones Cyber-crime10 Feb 2025 | 9
UK industry leaders unleash hurricane-grade scale for cyberattacks Freshly minted organization aims to take the guesswork out of incident severity for insurers and policy holders Cyber-crime07 Feb 2025 | 7
Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims OCR plugin great for extracting crypto-wallet secrets from galleries Cyber-crime07 Feb 2025 | 7
US cranks up espionage charges against ex-Googler accused of trade secrets heist Mountain View clocked onto the scheme with days to spare AI + ML05 Feb 2025 | 15
Grubhub serves up security incident with a side of needing to change your password Contact info and partial payment details may be compromised Cyber-crime04 Feb 2025 |
Cyberattack on NHS causes hospitals to miss cancer care targets Healthcare chiefs say impact will persist for months Cyber-crime04 Feb 2025 | 12
Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums Nulled and Cracked had a Lorelai-cal rise - until Operation Talent stepped in Security02 Feb 2025 | 2
Welsh woman fined for flatulence-fueled cyber harassment Court said her approach to child access dispute with partner's ex really stinks Bootnotes31 Jan 2025 | 95
Another banner year for ransomware gangs despite takedowns by the cops And it doesn't take a crystal ball to predict the future Cyber-crime31 Jan 2025 | 6
Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet And now you won't stop calling me, I'm kinda busy CSO29 Jan 2025 | 4
'Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring Mastermind begs colluders to bury evidence later used to imprison him Cyber-crime29 Jan 2025 | 21
Baguette bandits strike again with ransomware and a side of mockery Big-game hunting to the extreme Cyber-crime28 Jan 2025 | 6
DARPA asking for ideas on automating money laundering detection With all the AI hype swirling around, you'd think someone would've cracked this one already Software28 Jan 2025 | 22
Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia... Networks25 Jan 2025 | 78
UK telco TalkTalk confirms probe into alleged data grab underway Spinner says crim's claims 'very significantly overstated' Security25 Jan 2025 | 33
North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper 5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act Cyber-crime24 Jan 2025 | 2
China and friends claim success in push to stamp out tech support cyber-scam slave camps Paint a target on Myanmar, pledge more info-sharing to get the job done Cyber-crime24 Jan 2025 | 12
One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers But we mean, you've had nearly four years to patch Patches23 Jan 2025 | 4
SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix Big organizations and governments are main users of these gateways Patches23 Jan 2025 | 10
FortiGate config leaks: Victims' email addresses published online Experts warn not to take SNAFU lightly as years-long compromises could remain undetected Cyber-crime23 Jan 2025 | 8
Who is DDoSing you? Rivals, probably, or cheesed-off users Plus: 'Largest-ever' duff traffic tsunami clocks in at 5.6 Tbps Networks23 Jan 2025 | 7
Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards And: America 'has never been less secure,' retired rear admiral tells Congress Security22 Jan 2025 | 94
Supply chain attack hits Chrome extensions, could expose millions Threat actor exploited phishing and OAuth abuse to inject malicious code Cyber-crime22 Jan 2025 | 6
Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin Ross Ulbricht's family are now appealing for donations to support his reintegration into society Legal22 Jan 2025 | 136
Ransomware scum make it personal for Reg readers by impersonating tech support That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems CSO22 Jan 2025 | 18