Security News • The Register

Security

DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt

In brief Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more

Security06 Aug 2022 | 10

Hi, I'll be your ransomware negotiator today – but don't tell the crooks that

Interview What it's like bargaining with criminals ... and advising clients suffering their worst day yet

CSO06 Aug 2022 | 25

Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal?

The Feds may see things differently

Cyber-crime05 Aug 2022 | 15

Warning! Critical flaws found in US Emergency Alert System

DEF CON may be about to blow lid off security hole

Patches05 Aug 2022 | 12

Critical flaws found in four Cisco SMB router ranges – for the second time this year

At least Switchzilla thinks they're salvageable, unlike the boxes it ordered binned back in June

Security05 Aug 2022 | 13

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google

I got played via the Play store

Cyber-crime04 Aug 2022 | 53

Taiwanese military reports DDoS in wake of Pelosi visit

Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry

Security04 Aug 2022 | 35

India scraps data protection law in favor of better law coming … sometime

Tech giants and digital rights groups didn't like it, but at least it was a law

Security04 Aug 2022 | 5

Student crashes Cloudflare beta party, redirects email, bags a bug bounty

Simple to exploit, enough to pocket $3,000

Research04 Aug 2022 | 8

UK Parliament bins its TikTok account over China surveillance fears

Plan to educate the children turned out to be a 'won't someone think of the children?' moment

Security04 Aug 2022 | 42

Solana, Phantom blame Slope after millions in crypto-coins stolen from 8,000 wallets

SOL holders literally S.O.L.

Cyber-crime04 Aug 2022 | 35

Microsoft widens enterprise access to its threat intelligence pool

Organizations can be more proactive in tracking threats, finding holes in their protection

Security03 Aug 2022 |

Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones

That's just the tip of the iceberg – and now he faces potentially years in the clink

Cyber-crime03 Aug 2022 | 15

Sonatype shines light on typosquatting ransomware threat in PyPI

It's all fun and games until somebody gets their files encrypted

Security03 Aug 2022 | 7

You can’t choose when you’ll be hit by ransomware, but you can choose how you prepare

Without a road to recovery, you’re just going to be roadkill

Sponsored Feature

NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator

Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding

Security03 Aug 2022 | 6

Post-quantum crypto cracked in an hour with one core of an ancient Xeon

NIST's nifty new algorithm looks like it's in trouble

Research03 Aug 2022 | 82

Nancy Pelosi ties Chinese cyber-attacks to need for Taiwan visit

And as if to confirm the link, a DDoS takes out Taiwan's presidential website ahead of senior politico's arrival

Security03 Aug 2022 | 112

VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws

Meanwhile, a security update for rsync

Patches03 Aug 2022 | 1

How a crypto bridge bug led to a $200m 'decentralized crowd looting'

Flash mob exploits Nomad's validation code blunder

Security02 Aug 2022 | 24

Popular

GitLab plans to delete dormant projects in free accounts

Exclusive Hopes to save a quarter of hosting costs by binning repos that haven't been touched for a year

Why the end of Optane is bad news for all IT

Analysis The biggest new idea in computing for half a century was just scrapped

GitLab U-turns on deleting dormant projects after backlash

Updated Now makes vague pledge to shove inactive repos into slow object storage

Post-quantum crypto cracked in an hour with one core of an ancient Xeon

NIST's nifty new algorithm looks like it's in trouble

China's 7nm chip surprise reveals more than Beijing might like

Opinion Should we be worried? Well, size isn't everything

Oracle staff share news of sizable layoffs

CX and marketing teams seem to have borne the brunt of it

Microsoft extends life of cloud servers from four to six years

Banks billions by making gear last even longer than AWS or Google

David Holz, founder of AI art generator Midjourney, on the future of imaging

Interview Optimizing for beauty while trying to suppress sensationalism

Linus Torvalds releases Linux 5.19 – using Asahi on an Arm-powered Mac

Hails the combo as finally making Arm 'usable as a development platform'

Bad news, older tech workers: Job advert language works against you

And there's a study now to prove it – science!

MORE
STORIES

Robinhood's crypto unit hit with $30m fine over security, anti-crime misses

Updated And just lays off about a quarter of staff

CSO02 Aug 2022 | 4

How cybercrims embrace messaging apps to spread malware, communicate

Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471

Security02 Aug 2022 | 5

Bot army risk as 3,000+ apps found spilling Twitter API keys

Please stop leaving credentials where miscreants can find them

Security02 Aug 2022 | 18

Miscreants aim to cause Discord discord with malicious npm packages

LofyLife campaign comes amid GitHub security lockdown

Research02 Aug 2022 | 2

Charges filed over $300m 'textbook pyramid and Ponzi scheme' crypto startup

Financial watchdog accuses 11 of playing role in alleged scam

Cyber-crime02 Aug 2022 | 17

Defence against the dark arts of ransomware

Locking in safeguards against incursion with Rubrik Zero Trust Security

Akamai: We stopped record DDoS attack in Europe

A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days

Cyber-crime01 Aug 2022 | 12

Spyware developer charged by Australian Police after 14,500 sales

Asia In Brief PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more

Security01 Aug 2022 | 2

Tim Hortons offers free coffee and donut to settle data privacy invasion claims

In brief Also, malicious VBA macros are out and container files are in, Robin Banks helps criminals rob banks, and more

Security30 Jul 2022 | 36

This is what to expect when a managed service provider gets popped

MSP should just stand for My Server's Pwned!

Cyber-crime30 Jul 2022 | 11

Feds put $10m bounty on Putin pal accused of bankrolling US election troll farm

Just in time for the midterms

Cyber-crime29 Jul 2022 | 54

Decentralized IPFS networks forming the 'hotbed of phishing'

P2P file system makes it more difficult to detect and take down malicious content

Security29 Jul 2022 | 23

BreachForums booms on the back of billion-record Chinese data leak

Plenty of recent users appear to be from China, and hoping for more leaks of local data

Security29 Jul 2022 |

Businesses confess: We pass cyberattack costs onto customers

Cover an average of $4.4 million per raid ourselves? No chance, mate

Security29 Jul 2022 | 21

US court system suffered 'incredibly significant attack' – sealed files at risk

Effects still being felt today across US government

Security29 Jul 2022 | 15

JPMorgan, UBS among trio accused of shoddy ID theft protection

SEC extracts pocket change from bankers, wags finger, sends them on their way

Cyber-crime28 Jul 2022 | 2

Suspected radiation alert saboteurs cuffed by cops after sensors disabled

You might say the police were in their element

Security28 Jul 2022 | 22

Google brings Street View back to India following 2016 ban

This time local companies provide the images and there's no mention of national security worries

Security28 Jul 2022 | 10

FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft

Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable

Security27 Jul 2022 | 5

We're likely only seeing 'the tip of the iceberg' of Pegasus spyware use against the US

House intel chair raises snoop tool concerns as Google and others call for greater crack down

Security27 Jul 2022 | 19

US puts $10 million bounty on North Korean cyber-crews

Kim will be shaking in his shoes

Security27 Jul 2022 | 7

Apple network traffic takes mysterious detour through Russia

Land of Putin capable of attacking routes in cyberspace as well as real world

Security27 Jul 2022 | 30

AWS ups security for Elastic Block Store, Kubernetes service

Stretching its security software a bit further

Security27 Jul 2022 |

Knotweed Euro cyber mercenaries attacking private sector, says Microsoft

Reports seeing 'offensive actor' flinging SubZero malware

Security27 Jul 2022 | 4

Time from vulnerability disclosures to exploits is shrinking

Palo Alto Networks Unit 42 incident response team warns of patch speedups

Security27 Jul 2022 |

Weak data protection helped China attack US Federal Reserve, report says

Details of adversarial tradecraft detailed, includes many email accounts

Cyber-crime27 Jul 2022 | 2

IBM puts NIST’s quantum-resistant crypto to work in Z16 mainframe

Big Blue says it helped developed the algos, so knows what it's doing

Security27 Jul 2022 | 10

Vietnamese attacker circumvents Facebook security with ‘DUCKTAIL’ malware

Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys

Research27 Jul 2022 | 8

Charter told to pay $7.3b in damages after cable installer murders grandmother

Broadband giant says it will appeal jury verdict in negligence case

Cyber-crime27 Jul 2022 | 83

Crypto exchange Kraken reportedly hunted by the Feds for alleged sanctions busting

Plus: Coinbase said to face SEC wrath, blockchain scam CEO admits using victims' millions to fund Hawaiian condo

Cyber-crime26 Jul 2022 | 10

Culture shock: Ransomware gang sacks arts orgs' email lists

Don't worry, the crooks totally deleted the data and promised not to use it for evil

Cyber-crime26 Jul 2022 | 4

Luca Stealer malware spreads rapidly after code handily appears on GitHub

Cool, another Rust project ... Oh

Security26 Jul 2022 | 3

With ransomware, the road to recovery starts well before you’re attacked

Learn how to orchestrate your survival strategy here

Ransomware less popular this year, but malware up: SonicWall cyber threat report

Be ready for a rebound, and protect yourself with patching and segmentation

Security26 Jul 2022 | 1

Cyber security training to fit your summer plans

A flexible approach to cyber security training and certification from SANS & GIAC

LockBit ransomware gang claims it ransacked Italy’s tax agency

Miscreants boast of 78GB haul, officials say everything's fine

Security26 Jul 2022 | 7

Node.js prototype pollution is bad for your app environment

Boffins find common code constructs that may be exploitable to achieve remote code execution

Research25 Jul 2022 | 5

T-Mobile US to cough up $550m after info stolen on 77m customers

Oops, did the Un-carrier under-count by 29m punters?

CSO25 Jul 2022 | 8

Twitter launches probe after miscreants claim to have swiped 5.4m users' details

And yes, Musk is back in the headlines, denying another affair

Cyber-crime25 Jul 2022 | 7

Cyber-mercenaries for hire represent shifting criminal business model

Emerging threat group offers a broad range of attack services

Security25 Jul 2022 | 9

DoJ approves Google's acquisition of Mandiant

In Brief Plus: Ukrainian fake news and Uber admits covering up data breach

Security25 Jul 2022 | 2

Infosec not your job but your responsibility? How to be smarter than the average bear

Opinion Many of last week's security stories tell the same tale

Security25 Jul 2022 | 20

Realizing your software has a vulnerability is bad. Realizing you’ve shipped it to thousands of customers…

How bad can it be? Find out with this webinar

My Big Coin founder is – you guessed it – a $6m crypto-fraudster

Con man blew victims' cash on antiques, artwork, other riches

Cyber-crime22 Jul 2022 | 54

Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing

Blockade against VBA scripts in downloaded files is back on by default

CSO22 Jul 2022 | 15

Don't dive head first into that crypto pool, FBI warns

Liquidity scams cost victims more than $70m, agents say

Cyber-crime22 Jul 2022 | 17

At the edge, nobody can hear your IoT devices scream …

Red Hat’s approach to locking down remote industrial networks and data processing facilities

Sponsored Feature

British intelligence recycles old argument for thwarting strong encryption: Think of the children!

Comment Levy and Robinson are at it again

Security22 Jul 2022 | 185

Russia, Iran discuss tech manufacturing, infosec and e-governance collaboration

Proposed working group would see Moscow's miltech conglomerate Rostec operate in Tehran

Security22 Jul 2022 | 20

Ex-Coinbase manager charged in first-ever crypto insider trading case

Exec, his brother, and a pal raked in $1.5m in illicit gains, Feds claim

Cyber-crime21 Jul 2022 | 21

US Cyber Command spots another 20 malware strains targeting Ukraine

Plus Mandiant, Cisco Talos uncover digital espionage

Research21 Jul 2022 | 1

Simplifying backup and recovery management

Removing the risks of fragmented data protection

DataDome looks to CAPTCHA the moment with test of humanity that doesn't hurt

As the verification technology weathers ongoing criticism from users, one anti-bot security vendor rolls out its own tool

Security21 Jul 2022 | 15

Outlook email users alerted to suspicious activity from Microsoft-owned IP address

Updated Netizens turn amateur sleuths to discover Windows giant is the source of weird login attempts

Security21 Jul 2022 | 58

What does software supply chain pain really feel like? Find out right here

This Immersive Labs webinar will make it feel mighty real

Atlassian reveals critical flaws in almost everything it makes and touches

Fixes issued, warns it 'has not exhaustively enumerated all potential consequences'

Patches21 Jul 2022 | 13

Suspected Gozi malware gang 'CIO' extradited to US on fraud, hacking charges

Euro man allegedly known as 'Virus' faces years behind bars if convicted

Cyber-crime20 Jul 2022 | 4

Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app

Don't. Download. Unknown. Apps.

Security20 Jul 2022 | 1

Boffins release tool to decrypt Intel microcode. Have at it, x86 giant says

Peek behind the curtain to see SGX implemented, Spectre mitigated, and more

Research20 Jul 2022 | 18

DoJ, FBI recover $500,000 in ransomware payments to Maui gang

Money paid by healthcare facilities to North Korean group traced through blockchain and Chinese launderers

Security20 Jul 2022 | 2

Singapore distances itself from local crypto companies

Consumer protection regulation coming soon as anti-crypto rhetoric ratchets

Security20 Jul 2022 | 4

Amazon sues 10,000 Facebook Group admins for offering fake reviews

Good luck deciding which toxic monopolist deserves your sympathy in this fight

Cyber-crime20 Jul 2022 | 46

Belgium says Chinese cyber gangs attacked its government and military

China, as usual, says it just wants a peaceful and prosperous internet

Security20 Jul 2022 | 15

Security flaws in GPS trackers can be abused to cut off fuel to vehicles, CISA warns

About '1.5 million' folks and organizations use these gadgets

Security19 Jul 2022 | 29

Google pulls malware-infected apps in its Store, over 3 million users at risk

Some people call me the code cowboy, some call me the gangster of root, 'cause I'm a Joker

Security19 Jul 2022 | 6

Walmart-controlled flight booking service suffers substantial data leak

India's Cleartrip is being very opaque about what happened

Security19 Jul 2022 | 7

Jailed crooks told to cough up $600k for COVID fraud

Poetic justice? The virus does love it in some federal prisons

Cyber-crime19 Jul 2022 | 1

Bogus cryptocurrency apps steal millions in mere months

As if the crypto world needs any help in making money vanish

Cyber-crime18 Jul 2022 | 22

Botnet malware disguises itself as password cracker for industrial controllers

Can't get into that machine? No problem, just trust this completely sketchy looking tool

Research18 Jul 2022 | 8

Albanian government websites go dark after cyberattack

Updated Citizen services only moved online in May. What could possibly go wrong?

Security18 Jul 2022 | 3

Microsoft's latest security patch troubles Windows 11 users

Updated The curse of Patch Tuesday strikes again as error codes wreak minor havoc

Security18 Jul 2022 | 20

Bill for US telcos to bin Chinese kit blows out by $3 billion

Carriers likely to get cents on the dollar for ditched Huawei and ZTE kit unless more funds are found

Security18 Jul 2022 | 13

TikTok's chief security officer steps aside, thanks to Oracle move

Takes up advisory role that might leave time to play with parent company's homebrew cloudy SmartNICs

CSO18 Jul 2022 |

Alibaba execs hauled in to discuss Shanghai Police data leak

Asia In Brief Plus: Weibo cracks down on political puns; Singaporean crypto biz Vauld restructures; Philippines fights Facebook rumors

Security18 Jul 2022 | 2

North Koreans spotted harassing SMBs with malware

In brief Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more

Security16 Jul 2022 | 16

CISA pulls the fire alarm on Juniper Networks bugs

Hate to ruin your Friday

Patches15 Jul 2022 | 3

Thousands of websites run buggy WordPress plugin that allows complete takeover

All versions are susceptible, there's no patch, so now's a good time to remove this add-on

Security15 Jul 2022 | 32

Windows Network File System flaw results in arbitrary code execution as SYSTEM

Follina was all very exciting, but did you patch CVE-2022-30136?

Security15 Jul 2022 | 9

Digital burglary at recruitment agency Morgan Hunt confirmed

Third-party software developer blamed for 'improperly storing credentials to our database'

Security15 Jul 2022 | 19

Meet Mantis – the tiny shrimp that launched 3,000 DDoS attacks

Watch out for deadly pinchers after that record-breaking attack

Cyber-crime15 Jul 2022 | 7

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs