Security News • The Register

Security

Story of the creds-leaking Exchange Autodiscover flaw – the one Microsoft wouldn't fix even after 5 years

Redmond reckoned protocol weakness is not a security vulnerability

UK's National Crime Agency WLTM Deputy Director of Digital Data & Technology

Up to £118,000 and use of Cycle2work scheme for successful applicant

27 Sep 14:31 | 4

Fake 'BT' caller fleeces elderly victim of £30k in APP app scam

That's authorised push payment – where they get the mark to make the transfer

27 Sep 12:58 | 48

'Quad' group seeks to set security standards for global tech industry

USA, India, Australia, and Japan pledge to build own 5G tech, share space data, secure rare earth supply chains, and more

27 Sep 02:21 | 25

Frustrated dev drops three zero-day vulns affecting Apple iOS 15 after six-month wait

Security Bounty program slammed over 'broken promises'

24 Sep 19:43 | 37

Stop worrying that crims could break the 'net, say cyber-diplomats – only nations have tried

Global Commission on the Stability of Cyberspace is a bit miffed its 'Don't attack the internet core' norm is misunderstood

24 Sep 07:28 | 11

Apple warns of arbitrary code execution zero-day being actively exploited on Macs

Remember iPods? The same bug can bite them, and plenty of older iPhones and iPads too

24 Sep 05:01 | 12

UK Ministry of Defence apologises – again – after another major email blunder in Afghanistan

This time affecting candidates for potential relocation

23 Sep 13:00 | 35

Researchers finger new APT group, FamousSparrow, for hotel attacks

Espionage motive mooted in attacks which hit industry, government too

23 Sep 10:00 | 8

Zoom's $15bn merger with Five9 probed by Uncle Sam for national security risks

Vid-chat giant's ties to China under the microscope by AG-led panel

22 Sep 23:46 | 7

Apple tried to patch this security hole in macOS Finder but didn't consider upper and lowercase characters

file:// is blocked? Oh OK, we'll just use File:// or fiLE://...

22 Sep 23:07 | 38

Lithuania tells its citizens to throw Xiaomi mobile devices in the bin

Baltic state's cyber security centre uncovers remote censorship blocklist function in Mi 10T handset

22 Sep 20:36 | 63

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

Email clients fail over to unexpected domains if they can't find the right resources

22 Sep 13:00 | 57

Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

File upload vuln lets miscreants hijack vCenter Server - and is being exploited in the wild

22 Sep 00:45 | 8

Database containing personal info on 106m people who traveled to Thailand found open to the internet – report

Misconfigured Elasticsearch server blamed

21 Sep 23:36 | 5

Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants

Russia-based biz targeted in Uncle Sam's crack down on cyber-extortion

21 Sep 19:59 | 8

Fix network printing or keep Windows secure? Admins would rather disable PrintNightmare patch

'Our >3,000 customers had to print again'

21 Sep 13:00 | 51

UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder

We joke about lethal consequences of failure but this isn't funny

21 Sep 11:30 | 58

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

Dare we say, these Euro cops ran mobprobe

21 Sep 05:16 | 10

You’ve trained at the cutting edge, here’s how to keep your DFIR skills razor sharp

Sometimes the most important tool is a bookmark

Popular

Don't touch that dial – the new guy just closed the application that no one is meant to close

An unexpected round of Just A Minute for a unsuspecting Weather Presenter

This won’t hurt a bit, says Veeam, as it flags end of socket-based licensing

Change to universal licenses coming sometime in 2022, says backup vendor, but won't be forced

'Quad' group seeks to set security standards for global tech industry

USA, India, Australia, and Japan pledge to build own 5G tech, share space data, secure rare earth supply chains, and more

Indian state cuts off internet for millions to stop cheating in exams

1.6 million people sat teaching eligibility test, chasing 40,000 jobs

Metrobank techies placed at risk of redundancy, severance terms criticised

Now sing with us: Agile, agile, agile...

If your head's not in the cloud, you're not in the right place

'Where are the k8s kids?' ask corporates as they can't pay, won't pay

Baby, I swear it's déjà vu: iFixit prises open the iPhone 13 Pro

Battery still swappable – rest fiddly

Want to feel old? Aussie cyclist draws Nirvana baby in Strava on streets of Adelaide because Nevermind is 30

Meanwhile, Nirvana baby unchuffed about being Nirvana baby

Calculating the big picture: Future HPC efforts will soon see off its von Neumann past

Dear John, I'm leaving you for a robot

Fake 'BT' caller fleeces elderly victim of £30k in APP app scam

That's authorised push payment – where they get the mark to make the transfer

MORE
STORIES

Apache OpenOffice can be hijacked by malicious documents, fix still in beta

If you need another reason to try an alternative software suite

20 Sep 20:52 | 34

Ransomware recovery: Start getting back up before you’re even hit

Here’s how to put your plan together

Tick, tick, tick … TikTok China just limited kids to 40 minutes' use each day

And added a bug bounty program to detect any holes in its 'youth mode'

20 Sep 01:14 | 25

Yes, of course there's now malware for Windows Subsystem for Linux

Once dismissed proof-of-concept attack on Microsoft OS through WSL detected in the wild

17 Sep 22:06 | 59

Something phishy: Tech recruiters jabbed by fake COVID-19 Passport scam

Tells clients it is tackling the issue

17 Sep 16:42 | 15

Is it OK to use stolen data? What if it's scientific research in the public interest?

Not always, but Swiss team says you can manage the risks

17 Sep 13:02 | 51

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job

Clouds usually fix this sort of thing before bugs go public. This time it's best to assume you need to do this yourself

17 Sep 04:58 | 32

Aviation-themed phishing campaign pushed off-the-shelf RATs into inboxes for 5 years

Not all promises of international flight itineraries are real, warns Cisco Talos

16 Sep 20:35 | 2

Hack yourself before someone else does it for you

Breach and attack simulation tools help you raise your game, Keysight says

Ransomware-hit law firm secures High Court judgment against unknown criminals

You tell 'em, 4 New Square chambers

16 Sep 15:15 | 31

Computer and data scientists should be as highly regarded as 'warriors' says top UK cybergeneral

Translation: Skills shortage here!

16 Sep 12:14 | 42

De-identify, re-identify: Anonymised data's dirty little secret

Jeffrey Singh, stamp-collecting bachelor (35) of Milwaukee, Wisconsin – is that you?

16 Sep 08:28 | 76

It's time to delete that hunter2 password from your Microsoft account, says IT giant

And go passwordless, use auth app, keys, Windows Hello, or codes to login

16 Sep 05:58 | 77

This is AUKUS for China – US, UK, Australia reveal defence tech-sharing pact

Will build nuke-powered subs together and share cyber, AI, quantum and mysterious 'undersea capabilities' tech

16 Sep 03:27 | 135

Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway

Grief Corp are already under US sanctions, says Emsisoft

15 Sep 11:33 | 60

Ex-US intel, military trio were cyber-mercenaries for UAE, say prosecutors

Three men charged with breaking export, security laws, agree to deal after infiltrating smartphones with zero-click exploits

15 Sep 06:45 | 22

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Biting the hand that feeds IT © 1998–2021

Do not sell my personal information Cookies Privacy Ts&Cs