CVE fallout: The splintering of the standard vulnerability tracking system has begun
Comment MITRE, EUVD, GCVE … WTF?
CSO18 Apr 2025 | 5
Security
Krebs throws himself on the grenade, resigns from SentinelOne after Trump revokes clearances
Illegitimi non carborundum? Nice password, Mr Ex-CISA
CSO17 Apr 2025 | 35
Brit soldiers tune radio waves to fry drone swarms for pennies
Truck-mounted demonstration weapon costs 10p a pop, says MOD
Security17 Apr 2025 | 117
Whistleblower describes DOGE IT dept rampage at America's labor watchdog
Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim
CSO17 Apr 2025 | 43
Free Blue Screens of Death for Windows 11 24H2 users
Microsoft rewards those who patch early with bricks hurled through its operating system
OSes16 Apr 2025 | 20
Signalgate chats vanish from CIA chief phone
Extraordinary rendition of data, or just dropped it out of a helicopter?
CSO16 Apr 2025 | 20
Identifying the cyber risks that matter
From noise to clarity: Why CISOs are shifting to adversarial exposure validation
Partner content
CVE program gets last-minute funding from CISA – and maybe a new home
Uncertainty is the new certainty
CSO16 Apr 2025 | 29
Law firm 'didn't think' data theft was a breach, says ICO. Now it's nursing a £60K fine
DPP Law is appealing against data watchdog's conclusions
Security16 Apr 2025 | 23
Russians lure European diplomats into malware trap with wine-tasting invite
Vintage phishing varietal has improved with age
Cyber-crime16 Apr 2025 | 14
Guess what happens when ransomware fiends find 'insurance' 'policy' in your files
It involves a number close to three or six depending on the pickle you're in
Cyber-crime16 Apr 2025 | 20
Uncle Sam kills funding for CVE program. Yes, that CVE program
Updated Because vulnerability management has nothing to do with national security, right?
CSO16 Apr 2025 | 178
Now 1.6M people had SSNs, life chapter and verse stolen from insurance IT biz
800K? Make that double, and we'll need a double, too, for the pain
Cyber-crime15 Apr 2025 | 16
4chan, the 'internet’s litter box,' appears to have been pillaged by rival forum
Source code, moderator info, IP addresses, more allegedly swiped and leaked
Cyber-crime15 Apr 2025 | 33
China names alleged US snoops over Asian Winter Games attacks
Beijing claims NSA went for gold in offensive cyber, got caught in the act
Cyber-crime15 Apr 2025 | 6
All right, you can have one: DOGE access to Treasury IT OK'd judge
Login green-lit for lone staffer if he’s trained, papered up, won’t pull an Elez
Public Sector15 Apr 2025 | 18
Chinese snoops use stealth RAT to backdoor US orgs – still active last week
Let the espionage and access resale campaigns begin (again)
Research15 Apr 2025 | 3
ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
Stopping users shooting themselves in the foot with last century's tech
Software15 Apr 2025 | 13
Where it Hertz: Customer data driven off in Cleo attacks
Car hire biz takes your privacy seriously, though
Cyber-crime15 Apr 2025 | 6
EU gives staff 'burner phones, laptops' for US visits
That would put America on the same level as China for espionage
Security15 Apr 2025 | 125
Popular
CVE program gets last-minute funding from CISA – and maybe a new home
Uncertainty is the new certainty
AWS claims 50% of Azure workloads would jump ship if licensing costs allowed
Bezos' biz and Google tell regulator higher cost of running Windows Server in their clouds isn't fair
White House confirms 245% tariff on some Chinese imports not a typo
World War Fee Just make it 420.69 and be done with it, Mr President
Google, AWS say it's too hard for customers to use Linux to swerve Azure
Re-writing applications takes years, is expensive, in-house expertise needed
Europe's cloud customers eyeing exit from US hyperscalers
'It's amazing how fast the change has been'
Brit soldiers tune radio waves to fry drone swarms for pennies
Truck-mounted demonstration weapon costs 10p a pop, says MOD
Free Blue Screens of Death for Windows 11 24H2 users
Microsoft rewards those who patch early with bricks hurled through its operating system
Whistleblower describes DOGE IT dept rampage at America's labor watchdog
Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim
Tesla fudged odometer to screw me out of warranty, Model Y owner claims
Give Elon an inch and he'll take thousands of miles ... allegedly
Daddy of a mistake by GoDaddy took Zoom offline for about 90 minutes
Manager of the .us namespace managed to block zoom.us
STORIES
Don't delete that mystery empty folder. Windows put it there as a security fix
Copilot vibe coding for OS development? Why not
Patches14 Apr 2025 | 32
New SSL/TLS certs to each live no longer than 47 days by 2029
IT admins, get ready to grumble
CSO14 Apr 2025 | 122
Cyber congressman demands answers before CISA gets cut down to size
What's the goal here, Homeland Insecurity or something?
Security14 Apr 2025 | 14
Official abuse of state security has always been bad, now it's horrifying
Opinion UK holds onto oversight by a whisker, but it's utterly barefaced on the other side of the pond
Security14 Apr 2025 | 185
CIO and digi VP to depart UK retail giant Asda as Walmart divorce woes settle
Exclusive Brit retailer says troubled breakup with tech platform of former US owner nearing conclusion
On-Prem14 Apr 2025 | 15
Old Fortinet flaws under attack with new method its patch didn't prevent
Infosec In Brief PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more!
Security14 Apr 2025 | 6
China reportedly admitted directing cyberattacks on US infrastructure
Asia In Brief PLUS: India's new electronics subsidies; Philippines unplugs a mobile carrier; Alibaba Cloud expands
Security14 Apr 2025 | 6
Hacktivism resurges – but don't be fooled, it's often state-backed goons in masks
Feature Military units, government nerds appear to join the fray, with physical infra in sights
CSO13 Apr 2025 | 7
LLMs can't stop making up software dependencies and sabotaging everything
Hallucinated package names fuel 'slopsquatting'
AI + ML12 Apr 2025 | 93
Microsoft total recalls Recall totally to Copilot+ PCs
Redmond hopes you’ve forgotten or got over why everyone hated it the first time
OSes11 Apr 2025 | 125
Ransomware crims hammering UK more than ever as British techies complain the board just doesn't get it
Issues at the very top continue to worsen
Cyber-crime11 Apr 2025 | 13
Ex-Meta exec tells Senate Zuck dangled US citizen data in bid to enter China
Former policy boss claims Facebook cared little about national security as it chased the mighty Yuan
Security11 Apr 2025 | 26
US sensor giant Sensata admits ransomware derailed ops
Props for the transparency though
Cyber-crime10 Apr 2025 | 4
Infosec experts fear China could retaliate against tariffs with a Typhoon attack
World War Fee Scammers are already cashing in with fake invoices for import costs
CSO10 Apr 2025 | 31
Europol: Five pay-per-infect suspects cuffed, some spill secrets to cops
Officials teased more details to come later this year
Cyber-crime10 Apr 2025 |
The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned
TL;DR: Move along, still nothing to see here - an idea that leaves infosec pros aghast
Cyber-crime10 Apr 2025 | 27
Trump kills clearances for infosec's SentinelOne, ex-CISA boss Chris Krebs
Updated Alleges cybersecurity agency was ‘weaponized’ to suppress debunked theories
Public Sector10 Apr 2025 | 113
April's Patch Tuesday leaves unlucky Windows Hello users unable to login
Updated Can't Redmond ask its whizz-bang Copilot AI to fix it?
Patches09 Apr 2025 | 11
Wyden blocks Trump's CISA boss nominee, blames cyber agency for 'actively hiding info' about telecom insecurity
It worked for in 2018 with Chris Krebs. Will it work again?
Networks09 Apr 2025 | 8
Someone compromised US bank watchdog to access sensitive financial files
OCC mum on who broke into email, but Treasury fingered China in similar hack months ago
Cyber-crime09 Apr 2025 | 5
Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz
Cloud Next How Chocolate Factory hopes to double down on enterprise-sec
CSO09 Apr 2025 | 7
Pharmacist accused of using webcams to spy on women in intimate moments at work, home
Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec
Cyber-crime09 Apr 2025 | 23
Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug
Patch Tuesday A novel way to encourage upgrades? Microsoft would never stoop so low
Patches08 Apr 2025 | 14
Don't open that JPEG in WhatsApp for Windows. It might be an .EXE
What a MIME field
Patches08 Apr 2025 | 29
Scattered Spider stops the Rickrolls, starts the RAT race
Despite arrests, eight-legged menace targeted more victims this year
Research08 Apr 2025 | 5
As CISA braces for more cuts, threat intel sharing takes a hit
Analysis How will 'gutting' civilian defense agency make American cybersecurity great again?
Public Sector08 Apr 2025 | 11
Oracle says its cloud was in fact compromised
Reliability, honesty, accuracy. And then there's this lot
PaaS + IaaS08 Apr 2025 | 37
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
But this mystery isn't over yet, Unit 42 opines
Devops07 Apr 2025 | 7
Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims
Crummy OPSEC leads to potentially decades in prison
Cyber-crime07 Apr 2025 | 1
Chrome to patch decades-old flaw that let sites peek at your history
After 23 years, the privacy plumber has finally arrived to clean up this mess
Patches07 Apr 2025 | 7
UK's attempt to keep details of Apple 'backdoor' case secret… denied
Last month's secret hearing comes to light
CSO07 Apr 2025 | 123
What native cloud security tools won’t catch
Native tools help, but they don’t cover everything - here’s what they miss and how to close the gaps
Partner Content
Asian tech players react to US tariffs with delays, doubts, deal-making
Asia In Brief PLUS: Qualcomm acquires Vietnamese AI outfit; China claims US hacked winter games; India's browser challenge winner disputed; and more
Public Sector07 Apr 2025 | 11
Signalgate solved? Report claims journalist’s phone number accidentally saved under name of Trump official
Infosec in Brief PLUS: Google re-patches Quick Share flaws; Critical Cisco flaw exploited; WordPress plugin trouble; and more
Security07 Apr 2025 | 42
Trump fires NSA boss, deputy
'Nonpartisan' intelligence chief booted less than two years into the job
Public Sector04 Apr 2025 | 109
30 minutes to pwn town: Are speedy responses more important than backups for recovery?
The industry’s approach to keeping quality backups may be masking the importance of other recovery mainstays
Disaster Recovery Week04 Apr 2025 | 4
Alan Turing Institute: UK can't handle a fight against AI-enabled crims
Law enforcement facing huge gap in 'AI adoption'
AI + ML04 Apr 2025 | 16
Ex-ASML, NXP staffer accused of stealing chip secrets, peddling them to Moscow
We're not Putin up with this alleged industrial espionage, say the Dutch
Cyber-crime04 Apr 2025 | 5
Retirement funds reportedly raided after unexplained portal probes and data theft
Australians checking their pensions are melting down call centers and websites
Cyber-crime04 Apr 2025 | 9
Signalgate: Pentagon watchdog probes Defense Sec Hegseth
Classification compliance? Records retention requirements? How quaint
Public Sector04 Apr 2025 | 108
For flux sake: CISA, annexable allies warn of hot DNS threat
Shape shifting technique described as menace to national security
CSO03 Apr 2025 | 5
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
Simple denial-of-service blunder turned out to be remote unauth code exec disaster
Cyber-crime03 Apr 2025 | 3
When disaster strikes, proper preparation prevents poor performance
It's going to happen to you one day, so get your ducks in a row
Disaster Recovery Week03 Apr 2025 | 10
Why is someone mass-scanning Juniper and Palo Alto Networks products?
Updated Espionage? Botnets? Trying to exploit a zero-day?
Networks03 Apr 2025 | 11
EU: These are scary times – let's backdoor encryption!
ProtectEU plan wants to have its cake and eat it too
Security03 Apr 2025 | 147
Heterogeneous stacks, ransomware, and ITaaS: A DR nightmare
Comment Recovery's never been harder in today's tangled, outsourced infrastructure
Disaster Recovery Week03 Apr 2025 | 6
Customer info allegedly stolen from compromised supplier of Royal Mail, Samsung
Updated Stamp it out: Infostealer malware at German outfit may be culprit
Cyber-crime03 Apr 2025 | 10
Raw Deel: Corporate spy admits role in espionage at HR software biz Rippling
Double-oh-sh...
CSO02 Apr 2025 | 10
Crimelords at Hunters International tell lackeys ransomware too 'risky'
Bosses say theft now the name of the game with a shift in tactics, apparent branding
Cyber-crime02 Apr 2025 | 6
Oracle's masterclass in breach comms: Deny, deflect, repeat
Opinion Fallout shows how what you say must be central to disaster planning
Disaster Recovery Week02 Apr 2025 | 12
Don’t let cyberattacks keep you down
Learn how Infinidat’s enterprise cyber storage solutions can enable near-immediate recovery
Sponsored Post
For healthcare orgs, DR means making sure docs can save lives during ransomware infections
Organizational, technological resilience combined defeat the disease that is cybercrime
Disaster Recovery Week02 Apr 2025 | 6
Oracle faces Texas-sized lawsuit over alleged cloud snafu and radio silence
Victims expect to spend considerable time and money over privacy incident, lawyers argue
PaaS + IaaS02 Apr 2025 | 9
One of the last of Bletchley Park's quiet heroes, Betty Webb, dies at 101
Obit Tip-lipped for 30 years before becoming an 'unrivaled advocate' for the site
Security02 Apr 2025 | 41
Apple belatedly patches actively exploited bugs in older OSes
Cupertino already squashed 'em in more recent releases - which this week get a fresh round of fixes
Patches02 Apr 2025 | 10
North Korea’s fake tech workers now targeting European employers
With help from UK operatives, because it’s getting tougher to run the scam in the USA
Cyber-crime02 Apr 2025 | 16
Forget Signal. National Security Adviser Waltz now accused of using Gmail for work
But his emails! Sharing them with Google!
Public Sector02 Apr 2025 | 124
Microsoft to mark five decades of Ctrl-Alt-Deleting the competition
Copilot told us that half a century is 25 years. It feels much longer
Software01 Apr 2025 | 121
Google makes end-to-end encrypted Gmail easy for all – even Outlook users
The UK government must be thrilled
Security01 Apr 2025 | 27
UK threatens £100K-a-day fines under new cyber bill
Tech secretary reveals landmark legislation's full details for first time
Cyber-crime01 Apr 2025 | 44
GCHQ intern took top secret spy tool home, now faces prison
Not exactly Snowden levels of skill
Security01 Apr 2025 | 87
CISA spots spawn of Spawn malware targeting Ivanti flaw
Resurge an apt name for malware targeting hardware maker that has security bug after security bug
Cyber-crime01 Apr 2025 | 1
Top cybersecurity boffin, wife vanish as FBI raids homes
Updated Indiana Uni rm -rf online profiles while agents haul boxes of evidence
Research31 Mar 2025 | 21
Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed
1990s incident response in 2025
PaaS + IaaS31 Mar 2025 | 8
Check Point confirms breach, but says it was 'old' data and crook made 'false' claims
Explanation leaves a 'lot of questions unanswered,' says infosec researcher
Cyber-crime31 Mar 2025 | 4
Cloud security explained: What’s left exposed?
Think AWS has security covered? Think again. Discover real-world examples of what it doesn’t secure and how to protect your environment
Partner Content
China cracks down on personal information collection. No, seriously
Asia In Brief PLUS: Indonesia crimps social media, allows iPhones; India claims rocket boost; In-flight GenAI for Japan Airlines
Security31 Mar 2025 | 12
Oracle Health reportedly warns of info leak from legacy server
Infosec in brief PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more!
Security30 Mar 2025 | 3
Malware in Lisp? Now you're just being cruel
Miscreants warming to Delphi, Haskell, and the like to evade detection
Research29 Mar 2025 | 56
Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated'
Department director admits Welsh capital's council still trying to get heads around threat of dark web leaks
Security28 Mar 2025 | 3
After Chrome patches zero-day used to target Russians, Firefox splats similar bug
Single click on a phishing link in Google browser blew up sandbox on Windows
Patches28 Mar 2025 | 10
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it
WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?!
Cyber-crime28 Mar 2025 | 7
China’s FamousSparrow flies back into action, breaches US org after years off the radar
Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET
Networks27 Mar 2025 | 2
Security shop pwns ransomware gang, passes insider info to authorities
Researchers say 'proactive' approach is needed to combat global cybercrime
Security27 Mar 2025 | 7
CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug
Screenshot shows company head unhappy, claiming 'real CVE is pending'
Security27 Mar 2025 | 5
UK's first permanent facial recognition cameras installed in South London
As if living in Croydon wasn't bad enough
Security27 Mar 2025 | 162
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior
Data stolen included checklist for medics on how to get into vulnerable people's homes
Cyber-crime27 Mar 2025 | 3
Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat
Updated So F-18 launch times, weapons, drone support aren't classified now ... who knew?
CSO26 Mar 2025 | 265
US defense contractor cops to sloppy security, settles after infosec lead blows whistle
MORSE to pay -- .. .-.. .-.. .. --- -. ... for failing to meet cyber-grade
CSO26 Mar 2025 | 11
Files stolen from NSW court system, including restraining orders for violence
Victims' details at risk after criminals download 9,000 files from court database
Cyber-crime26 Mar 2025 | 2
Biting the hand that feeds IT
