Explore strategies for effective endpoint control Webinar Discover how automation can simplify endpoint management in this webinar Webinar
British hospitals hit by cyberattacks still battling to get systems back online Children's hospital and cardiac unit say criminals broke in via shared 'digital gateway service' Cyber-crime05 Dec 2024 | 13
BT Group confirms attackers tried to break into Conferencing division Sensitive data allegedly stolen from US subsidiary following Black Basta post Cyber-crime05 Dec 2024 | 4
Shape the future of UK cyber security Partner Content Support the industry by sponsoring the UK Cyber Team Competition Partner Content
Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy Stoli Group on the rocks in the US Security05 Dec 2024 | 25
T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career' interview Security chief talks to El Reg as Feds urge everyone to use encrypted chat CSO05 Dec 2024 | 37
Cops arrest suspected admin of German-language crime bazaar Drugs, botnets, forged docs, and more generated fortune for platform sellers Cyber-crime04 Dec 2024 | 18
Microsoft says premature patch could make Windows Recall forget how to work Installed the final non-security preview update of 2024? Best not hop onto the Dev Channel CSO04 Dec 2024 | 23
Eurocops take down 'secure' criminal chat system known as Matrix Updated They took the red pill Cyber-crime04 Dec 2024 | 42
FTC scolds two data brokers for allegedly selling your location to the meter 'Where we go is who we are' totally isn't a creepy ad slogan at all Personal Tech04 Dec 2024 | 19
Perfect 10 directory traversal vuln hits SailPoint's IAM solution Updated 20-year-old info disclosure class bug still pervades security software Patches03 Dec 2024 | 6
Major energy contractor reports 'limited' access to IT after ransomware locks files ENGlobal customers include the Pentagon as well as major oil and gas producers Security03 Dec 2024 | 10
Severity of the risk facing the UK is widely underestimated, NCSC annual review warns National cyber emergencies increased threefold this year Cyber-crime03 Dec 2024 | 17
Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars Cyber-crime03 Dec 2024 | 27
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online Yet another result of the MOVEit mess Cyber-crime03 Dec 2024 | 3
AWS unveils cloud security IR service for a mere $7K a month Re:Invent Tap into the infinite scalability... of pricing Security03 Dec 2024 | 5
Discover the future of Linux security Explore open source strategies to safeguard critical systems and data Webinar
Russia arrests one of its own – a cybercrime suspect on FBI's most wanted list The latest in an unusual change of fortune for group once protected by the Kremlin Cyber-crime02 Dec 2024 | 53
Telco security is a dumpster fire and everyone's getting burned Opinion The politics of cybersecurity are too important to be left to the politicians Security02 Dec 2024 | 61
Interpol nabs thousands, seizes millions in global cybercrime-busting op Infosec in brief Also, script kiddies still a threat, Tornado Cash is back, UK firms lose billions to avoidable attacks, and more Security01 Dec 2024 | 7
Wubuntu: The lovechild of Windows and Linux nobody asked for A third-party Kubuntu remix with a severe identity crisis
T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career' interview Security chief talks to El Reg as Feds urge everyone to use encrypted chat
Perfect 10 directory traversal vuln hits SailPoint's IAM solution Updated 20-year-old info disclosure class bug still pervades security software
Broadcom makes U-turn on plan to serve top 2,000 VMware customers itself Canalys Forums APAC Now wants to work with 500 and lean more on partners to defend against migrations – which Dell says are on the cards
FTC scolds two data brokers for allegedly selling your location to the meter 'Where we go is who we are' totally isn't a creepy ad slogan at all
AWS says AI could disrupt everything – and hopes it will do just that to Windows re:Invent Cloud colossus reckons it can clarify hallucinations, get your apps off Microsoft's OS at pleasing speed
Elementary OS 8 'Circe' conjures Wayland magic Based on Ubuntu 24.04, more accessibility, still looks great
Musk and Trump to fall out in 2025, predicts analyst Canalys Forums APAC Differing China tech policy agendas will send bromance into 'it's complicated' status
Microsoft confirms there will be no U-turn on Windows 11 hardware requirements TPM 2.0 'non-negotiable' for latest OS, says software giant
RansomHub claims to net data hat-trick against Bologna FC Crooks say they have stolen sensitive files on managers and players Cyber-crime30 Nov 2024 | 2
Zabbix urges upgrades after critical SQL injection bug disclosure US agencies blasted 'unforgivable' SQLi flaws earlier this year Patches29 Nov 2024 | 7
Ransom gang claims attack on NHS Alder Hey Children's Hospital Second alleged intrusion on English NHS org systems this week Cyber-crime29 Nov 2024 | 21
Fighting cybercrime with actionable knowledge A reason to celebrate SANS and its 35 years of cyber security training Sponsored Post
NHS major 'cyber incident' forces hospitals to use pen and paper Systems are isolated and pulled offline, while scheduled procedures are canceled Cyber-crime28 Nov 2024 | 56
The only thing worse than being fired is scammers fooling you into thinking you're fired Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal Cyber-crime28 Nov 2024 | 50
Salt Typhoon's surge extends far beyond US telcos Plus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew's operations Security27 Nov 2024 | 7
T-Mobile US takes a victory lap after stopping cyberattacks: 'Other providers may be seeing different outcomes' Funny what putting more effort and resources into IT security can do CSO27 Nov 2024 | 9
Bolster resilience against 2025 cyber threats Watch this webinar to learn why cybersecurity leaders can trust the MITRE ATT&CK Evaluations Partner Content
Data broker leaves 600K+ sensitive files exposed online Exclusive Researcher spotted open database before criminals … we hope Research27 Nov 2024 | 22
First-ever UEFI bootkit for Linux in the works, experts say Bootkitty doesn’t bite… yet Research27 Nov 2024 | 11
Automating endpoint management Addressing the challenges of patching and vulnerability remediation Webinar
The workplace has become a surveillance state Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices CxO27 Nov 2024 | 70
CrowdStrike still doesn't know how much its Falcon flame-out will cost Thinks customers may have forgiven it after revenue hits a record Security27 Nov 2024 | 19
Telco engineer who spied on US employer for Beijing gets four years in the clink Provides insight to how China gets inside US systems, perhaps at Verizon and Infosys Cyber-crime27 Nov 2024 | 15
Man accused of hilariously bad opsec as alleged cybercrime spree detailed Complaint claims he trespassed, gave himself discounts, and sorted CCTV access… Cyber-crime26 Nov 2024 | 24
US senators propose law to require bare minimum security standards In case anyone forgot about Change Healthcare Security26 Nov 2024 | 15
Bing Wallpaper app, now in Windows Store, accused of cookie shenanigans Microsoft free tool snooping on users? Surely not! Security26 Nov 2024 | 47
Another 'major cyber incident' at a UK hospital, outpatients asked to stay away Third time this year an NHS unit's IT systems have come under attack Cyber-crime26 Nov 2024 | 53
QNAP and Veritas dump 30-plus vulns over the weekend Updated Just what you want to find when you start a new week Patches26 Nov 2024 | 2
Britain Putin up stronger AI defences to counter growing cyber threats 'Be in no doubt: the UK and others in this room are watching Russia' Security26 Nov 2024 | 26
Supply chain management vendor Blue Yonder succumbs to ransomware And it looks like major UK retailers that rely on it are feeling the pinch Cyber-crime26 Nov 2024 | 9
Security? We've heard of it: How Microsoft plans to better defend Windows Ignite Did we say CrowdStrike? We meant, er, The July Incident... CSO25 Nov 2024 | 27
China has utterly pwned 'thousands and thousands' of devices at US telcos Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House Cyber-crime25 Nov 2024 | 51
Google blocked 1,000-plus pro-China fake news websites from its search results Beijing's propaganda buddies aren't just using social media Security25 Nov 2024 | 14
Imagine a land in which Big Tech can't send you down online rabbit holes or use algorithms to overcharge you China is trying to become that land, with a government crackdown on the things that make the internet no fun Security25 Nov 2024 | 69
Russian spies may have moved in next door to target your network Infosec in brief Plus: Microsoft seizes phishing domains; Helldown finds new targets; Illegal streaming with Jupyter, and more Security25 Nov 2024 | 22
Volunteer DEF CON hackers dive into America's leaky water infrastructure Six sites targeted for security clean-up, just 49,994 to go Security24 Nov 2024 | 13
Trump taps border hawk to head DHS. Will Noem's 'enthusiasm' extend to digital domain? Analysis Meanwhile, CISA chief Jen Easterly will step down prior to inauguration Public Sector23 Nov 2024 | 51
Andrew Tate's site ransacked, subscriber data stolen He'll just have to take this one on the chin Cyber-crime22 Nov 2024 | 106
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole Updated PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more CSO22 Nov 2024 | 22
SafePay ransomware gang claims Microlise attack that disrupted prison van tracking Fledgling band of crooks says it stole 1.2 TB of data Cyber-crime22 Nov 2024 | 3
Helpline for Yakuza victims fears it leaked their personal info Organized crime types tend not to be kind to those who go against them, so this is nasty Security22 Nov 2024 | 21
Here's what happens if you don't layer network security – or remove unused web shells TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated Security22 Nov 2024 | 4
DARPA-backed voting system for soldiers abroad savaged VotingWorks, developer of the system, disputes critics' claims Security21 Nov 2024 | 5
Chinese ship casts shadow over Baltic subsea cable snipfest Danish military confirms it is monitoring as Swedish police investigate. Cloudflare says impact was 'minimal' Networks21 Nov 2024 | 47
'Alarming' security bugs lay low in Linux's needrestart utility for 10 years Update now: Qualys says flaws give root to local users, 'easily exploitable', default in Ubuntu Server Research21 Nov 2024 | 15
Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' Draft doc struggles to describe how theoretically encryption-busting powers might be used Cyber-crime21 Nov 2024 | 59
Put your usernames and passwords in your will, advises Japan's government Digital end of life planning saves your loved ones from a little extra anguish Software21 Nov 2024 | 77
Five Scattered Spider suspects indicted for phishing spree and crypto heists DoJ also shutters allleged crimeware and credit card mart PopeyeTools Cyber-crime21 Nov 2024 | 3
Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator Meet Liminal Panda, which prowls telecom networks in South Asia and Africa CSO20 Nov 2024 | 32
Mega US healthcare payments network restores system 9 months after ransomware attack Change Healthcare’s $2 billion recovery is still a work in progress Cyber-crime20 Nov 2024 | 5
Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed OSS-Fuzz is making a strong argument for LLMs in security research AI + ML20 Nov 2024 | 9
D-Link tells users to trash old VPN routers over bug too dangerous to identify Vendor offers 20% discount on new model, but not patches CSO20 Nov 2024 | 59
Data is the new uranium – incredibly powerful and amazingly dangerous Column CISOs are quietly wishing they had less data, because the cost of management sometimes exceeds its value CSO20 Nov 2024 | 46
Healthcare org Equinox notifies 21K patients and staff of data theft Ransomware scum LockBit claims it did the dirty deed Cyber-crime20 Nov 2024 | 1
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer No word on when or if the issue will be fixed Security19 Nov 2024 | 2
Russian suspected Phobos ransomware admin extradited to US over $16M extortion This malware is FREE for EVERY crook ($300 decryption keys sold separately) Cyber-crime19 Nov 2024 | 5
America's drinking water systems have a hard-to-swallow cybersecurity problem More than 100M rely on gear rife with vulnerabilities, says EPA OIG Public Sector19 Nov 2024 | 20
Palo Alto Networks tackles firewall-busting zero-days with critical patches Amazing that these two bugs got into a production appliance, say researchers Patches19 Nov 2024 | 4
Crook breaks into AI biz, points $250K wire payment at their own account Fastidious attacker then tidied up email trail behind them Cyber-crime19 Nov 2024 | 12
Join in the festive cybersecurity fun Get hands-on cybersecurity training with this seasonal challenge Sponsored Post
iOS 18 added secret and smart security feature that reboots iThings after three days Security researcher's reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers Security19 Nov 2024 | 43
Ford 'actively investigating' after employee data allegedly parked on leak site Updated Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Security18 Nov 2024 | 3
Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble If you didn't fix this a month ago, your to-do list probably needs a reshuffle Virtualization18 Nov 2024 | 4
T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears updated Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon Networks18 Nov 2024 | 2
Sweden's 'Doomsday Prep for Dummies' guide hits mailboxes today First in six years is nearly three times the size of the older, pre-NATO version Security18 Nov 2024 | 39
Teen serial swatter-for-hire busted, pleads guilty, could face 20 years Infosec in brief PLUS: Cost of Halliburton hack disclosed; Time to dump old D-Link NAS; More UN cybercrime convention concerns; and more Security18 Nov 2024 | 23
Will passkeys ever replace passwords? Can they? Systems Approach Here's why they really should Security17 Nov 2024 | 125
Rust haters, unite! Fil-C aims to Make C Great Again It's memory-safe, with a few caveats Software16 Nov 2024 | 104
Swiss cheesed off as postal service used to spread malware QR codes arrive via an age-old delivery system Bootnotes16 Nov 2024 | 39
Bloke behind Helix Bitcoin launderette jailed for three years, hands over $400M Digital money laundering pays, until it doesn't Cyber-crime16 Nov 2024 | 7
Letting chatbots run robots ends as badly as you'd expect LLM-controlled droids easily jailbroken to perform mayhem, researchers warn AI + ML16 Nov 2024 | 44
Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Yank access to management interface, stat CSO15 Nov 2024 | 28
Keyboard robbers steal 171K customers' data from AnnieMac mortgage house Names and social security numbers of folks looking for the biggest loan of their lives exposed Cyber-crime15 Nov 2024 | 6
Bitfinex burglar bags 5 years behind bars for Bitcoin heist A nervous wait for rapper wife who also faces a stint in the clink Cyber-crime15 Nov 2024 | 4
Microsoft Power Pages misconfigurations exposing sensitive data NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Security15 Nov 2024 | 6
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost Plus a bonus hard-coded local API key Patches14 Nov 2024 |
Cybercriminal devoid of boundaries gets 10-year prison sentence Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts Cyber-crime14 Nov 2024 | 6
Kids' shoemaker Start-Rite trips over security again, spilling customer card info Updated Full details exposed, putting shoppers at serious risk of fraud Cyber-crime14 Nov 2024 | 14
NatWest blocks bevy of apps in clampdown on unmonitorable comms From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more Security14 Nov 2024 | 25
Asda security chief replaced, retailer sheds jobs during Walmart tech divorce British grocer's workers called back to office as clock ticks for contractors On-Prem14 Nov 2024 | 18
Five Eyes infosec agencies list 2023's most exploited software flaws Slack patching remains a problem – which is worrying as crooks increasingly target zero-day vulns CSO14 Nov 2024 | 28
Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' Updated Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds Research14 Nov 2024 | 5
ShrinkLocker ransomware scrambled your files? Free decryption tool to the rescue Plus: CISA's ScubaGear dives deep to fix M365 misconfigs CSO14 Nov 2024 | 3
Data broker amasses 100M+ records on people – then someone snatches, sells it We call this lead degeneration Cyber-crime13 Nov 2024 | 18
Ransomware fiends boast they've stolen 1.4TB from US pharmacy network American Associated Pharmacies yet to officially confirm infection Cyber-crime13 Nov 2024 | 1