Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used | Updated: Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg | Networks | 14 Jan 2025 | 23
Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days | 'Codefinger' crims on the hunt for compromised keys | Research | 13 Jan 2025 | 4
Security pros baited with fake Windows LDAP exploit traps | Tricky attackers trying yet again to deceive the good guys on home territory | Cyber-crime | 09 Jan 2025 | 7
DNA sequencers found running ancient BIOS, posing risk to clinical research | Updated: Devices on six-year-old firmware vulnerable to takeover and destruction | Research | 08 Jan 2025 | 24
Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed | Here's what $20 gets you these days | Research | 08 Jan 2025 | 13
FireScam infostealer poses as Telegram Premium app to surveil Android devices | Updated: Once installed, it helps itself to your data like it's a free buffet | Research | 06 Jan 2025 | 5
How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise | Cut off one head, two more grow back in its place | Cyber-crime | 28 Dec 2024 | 4
How Androxgh0st rose from Mozi's ashes to become 'most prevalent malware' | Botnet's operators 'driven by similar interests as that of the Chinese state' | Cyber-crime | 24 Dec 2024 | 3
UK ICO not happy with Google's plans to allow device fingerprinting | Infosec in brief: Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more | Security | 23 Dec 2024 | 75
Boffins trick AI model into giving up its secrets | All it took to make a Google Edge TPU give up model hyperparameters was specific hardware, a novel attack technique … and several days | Research | 18 Dec 2024 | 20
Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks | IOCONTROL targets IoT and OT devices from a ton of makers, apparently | Research | 13 Dec 2024 | 15
AMD secure VM tech undone by DRAM meddling | Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory | Systems | 10 Dec 2024 | 10
Fully patched Cleo products under renewed 'zero-day-ish' mass attack | Thousands of servers targeted while customers wait for patches | Research | 10 Dec 2024
Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket | Exclusive: ShinyHunters-linked heist thought to have been ongoing since March | Research | 09 Dec 2024 | 9
How Chinese insiders are stealing data scooped up by President Xi's national surveillance system | Feature: 'It's a double-edged sword,' security researchers tell The Reg | Public Sector | 08 Dec 2024 | 52
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' | Redmond threat intel maven explains this persistent pain to The Reg | Security | 06 Dec 2024 | 16
Data broker leaves 600K+ sensitive files exposed online | Exclusive: Researcher spotted open database before criminals … we hope | Research | 27 Nov 2024 | 22
First-ever UEFI bootkit for Linux in the works, experts say | Bootkitty doesn’t bite… yet | Research | 27 Nov 2024 | 14
The workplace has become a surveillance state | Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices | CxO | 27 Nov 2024 | 72
'Alarming' security bugs lay low in Linux's needrestart utility for 10 years | Update now: Qualys says flaws give root to local users, 'easily exploitable', default in Ubuntu Server | Research | 21 Nov 2024 | 15
Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed | OSS-Fuzz is making a strong argument for LLMs in security research | AI + ML | 20 Nov 2024 | 9
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer | No word on when or if the issue will be fixed | Security | 19 Nov 2024 | 2
America's drinking water systems have a hard-to-swallow cybersecurity problem | More than 100M rely on gear rife with vulnerabilities, says EPA OIG | Public Sector | 19 Nov 2024 | 20
Rust haters, unite! Fil-C aims to Make C Great Again | It's memory-safe, with a few caveats | Software | 16 Nov 2024 | 104
Letting chatbots run robots ends as badly as you'd expect | LLM-controlled droids easily jailbroken to perform mayhem, researchers warn | AI + ML | 16 Nov 2024 | 44
Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' | Updated: Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds | Research | 14 Nov 2024 | 5
China's Volt Typhoon crew and its botnet surge back with a vengeance | Ohm, for flux sake | Public Sector | 13 Nov 2024 | 4
Don't open that 'copyright infringement' email attachment – it's an infostealer | Curiosity gives crims access to wallets and passwords | Research | 07 Nov 2024 | 21
Cybercrooks are targeting Bengal cat lovers in Australia for some reason | In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos | Research | 06 Nov 2024 | 15
Criminals open DocuSign's Envelope API to make BEC special delivery | Why? Because that's where the money is | Research | 05 Nov 2024 | 4
Ongoing typosquatting campaign impersonates hundreds of popular npm packages | Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials | Research | 05 Nov 2024 | 11
Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed | You snooze, you lose, er, win | AI + ML | 05 Nov 2024 | 19
Gang gobbles 15K credentials from cloud and email providers' garbage Git configs | Emeraldwhale looked sharp – until it made a common S3 bucket mistake | Research | 31 Oct 2024 | 2
AWS Cloud Development Kit flaw exposed accounts to full takeover | Remember Bucket Monopoly? Yeah, it gets worse | Cybersecurity Month | 24 Oct 2024 | 13
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers | Attacks on unprotected servers reach 'critical level' | Cybersecurity Month | 24 Oct 2024 | 1
Millions of Android and iOS users at risk from hardcoded creds in popular apps | Azure Blob Storage, AWS, and Twilio keys all up for grabs | Cybersecurity Month | 23 Oct 2024 | 17
WeChat devs introduced security flaws when they modded TLS, say researchers | No attacks possible, but enough issues to cause concern | Cybersecurity Month | 17 Oct 2024 | 15
WhatsApp may expose the OS you use to run it – which could expose you to crooks | Updated: Meta knows messaging service creates persistent user IDs that have different qualities on each device | Research | 16 Oct 2024 | 16
Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption | With an off-the-shelf D-Wave machine, but only against very short keys | Cybersecurity Month | 14 Oct 2024 | 23
INC ransomware rebrands to Lynx – same code, new name, still up to no good | Researchers point to evidence that scumbags visited the strategy boutique | Cybersecurity Month | 11 Oct 2024 | 10
Smart TVs are spying on everyone | Regulators know this is a nightmare and have done little to stop it. Privacy advocacy group wants that to change | Cybersecurity Month | 09 Oct 2024 | 127
Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds | 'You can build this in a few days – even as a very naïve developer' | Cybersecurity Month | 04 Oct 2024 | 115
Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant | Exclusive: Crooks 'like a sysadmin, with a malicious slant' | Cybersecurity Month | 03 Oct 2024 | 3
NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great | Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline | Cybersecurity Month | 02 Oct 2024 | 8
The fix for BGP's weaknesses has big, scary, issues of its own, boffins find | Bother, given the White House has bet big on RPKI – just like we all rely on immature internet infrastructure that usually works | Security | 02 Oct 2024 | 9
Cloud threats have execs the most freaked out because they're not prepared | Ransomware? More like 'we don't care' for everyone but CISOs | Research | 30 Sep 2024 | 3
Red team hacker on how she 'breaks into buildings and pretends to be the bad guy' | Interview: Alethe Denis exposes tricks that made you fall for that return-to-office survey | Cybersecurity Month | 29 Sep 2024 | 68
Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud | Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda | Research | 27 Sep 2024 | 6
Russia's digital warfare on Ukraine shows no signs of slowing: Malware hits surge | Severe incidents may be down, but Putin had to throw one in for good measure | Cyber-crime | 24 Sep 2024 | 9
Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town | No malware crew linked to this latest red-teaming tool yet | Research | 23 Sep 2024
No way? Big Tech's 'lucrative surveillance' of everyone is terrible for privacy, freedom | Says Lina Khan in latest push to rein in Meta, Google, Amazon and pals | Personal Tech | 19 Sep 2024 | 26
Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations | Updated: Better check your widgets, people | Research | 19 Sep 2024 | 7
Tor insists its network is safe after German cops convict CSAM dark-web admin | Outdated software blamed for cracks in the armor | Cyber-crime | 19 Sep 2024 | 25
Putin really wants Trump back in the White House | US govt, Microsoft report on Kremlin trolls' latest antics to Make America Grate Again | Research | 18 Sep 2024 | 268
Chinese spies spent months inside aerospace engineering firm's network via legacy IT | Exclusive: Getting sloppy, Xi | CSO | 18 Sep 2024 | 32
Feeld dating app's security too open-minded as private data swings into public view | No love for months-long wait to fix this, either | Research | 13 Sep 2024 | 8
Mind your header! There's nothing refreshing about phishers' latest tactic | It could lead to a costly BEC situation | Research | 12 Sep 2024 | 2
If HDMI screen rips aren't good enough for you pirates, DeCENC is another way to beat web video DRM | Academically interesting technique for poking holes in paywalled tech specs | Research | 12 Sep 2024 | 37
How $20 and a lapsed domain allowed security pros to undermine internet integrity | What happens at Black Hat… | Research | 11 Sep 2024 | 19
Cicada ransomware may be a BlackCat/ALPHV rebrand and upgrade | Researchers find many similarities, and nasty new customizations such as embedded compromised user credentials | Research | 04 Sep 2024
Novel attack on Windows spotted in phishing campaign run from and targeting China | Resources hosted at Tencent Cloud involved in Cobalt Strike campaign | Research | 02 Sep 2024 | 3
Tired of airport security queues? SQL inject yourself into the cockpit, claim researchers | Updated: Infosec hounds say they spotted vulnerability during routine travel in the US | Research | 30 Aug 2024 | 28
31.5M invoices, contracts, patient consent forms, and more exposed to the internet | Exclusive: Unprotected database with 12 years of biz records yanked offline | CSO | 26 Aug 2024 | 28
110K domains targeted in 'sophisticated' AWS cloud extortion campaign | Updated: If you needed yet another reminder of what happens when security basics go awry | Research | 21 Aug 2024 | 4
Digital wallets can allow purchases with stolen credit cards | Researchers find it's possible to downgrade authentication checks, and shabby token refresh policies | Research | 20 Aug 2024 | 36
Multiple flaws in Microsoft macOS apps unpatched despite potential risks | Windows giant tells Cisco Talos it isn't fixing them | Research | 19 Aug 2024 | 21
Google raps Iran's APT42 for raining down spear-phishing attacks | US politicians and Israeli officials among the top targets for the IRGC’s cyber unit | Research | 15 Aug 2024 | 1
China-linked cyber-spies infect Russian govt, IT sector | No, no, go ahead, don't let us stop you, Xi | Research | 15 Aug 2024 | 17
Who uses LLM prompt injection attacks IRL? Mostly unscrupulous job seekers, jokesters and trolls | Because apps talking like pirates and creating ASCII art never gets old | AI + ML | 13 Aug 2024 | 17
Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction | Is that a lot? Depends on the context. GHz, no. Voltage, yes | Personal Tech | 09 Aug 2024 | 28
It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0 | Can't reach someone's private server on localhost from outside? No problem | Research | 09 Aug 2024 | 39
Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware | Black Hat: Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs? | Black Hat and DEF CON | 08 Aug 2024 | 2
Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security | Black Hat: Let's get physical, physical ... I don't wanna hear your MMU talk | Black Hat and DEF CON | 07 Aug 2024 | 48
Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net | A simple HTML change and the warning is gone! | Research | 07 Aug 2024 | 13
SharpRhino malware targets IT admins – Hunters International gang suspected | Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business | Security | 07 Aug 2024
Georgia's voter portal gets a crash course in client versus backend input validation | Trying to cancel a citizen's registration would be caught by humans no matter what the page said, officials say | Research | 07 Aug 2024 | 36
Bad apps bypass Windows security alerts for six years using newly unveiled trick | Windows SmartScreen and Smart App Control both have weaknesses of which to be wary | Research | 06 Aug 2024 | 16
Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets | Malware logs users' keystrokes, pilfers credentials, exfiltrates data | Research | 05 Aug 2024 | 15
DARPA suggests turning old C code automatically into Rust – using AI, of course | Who wants to make a TRACTOR pull request? | Research | 03 Aug 2024 | 146
Russia takes aim at Sitting Ducks domains, bags 30,000+ | Eight-year-old domain hijacking technique still claiming victims | Research | 31 Jul 2024
Proofpoint phishing palaver plagues millions with 'perfectly spoofed' emails from IBM, Nike, Disney, others | They DKIM here, they DKIM there | Research | 30 Jul 2024 | 33
Meta's AI safety system defeated by the space bar | 'Ignore previous instructions' thwarts Prompt-Guard model if you just add some good ol' ASCII code 32 | AI + ML | 29 Jul 2024 | 57
Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank | May even have targeted other malware gangs, and infosec researchers | Cyber-crime | 26 Jul 2024 | 9
Beware of fake CrowdStrike domains pumping out Lumma infostealing malware | PSA: Only accept updates via official channels ... ironically enough | Malware Month | 25 Jul 2024 | 3
FYI: Data from deleted GitHub repos may not actually be deleted | And the forking Microsoft-owned code warehouse doesn't see this as much of a problem | CSO | 25 Jul 2024 | 49
Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech | Yes, you can be fingerprinted and tracked via Privacy Sandbox – tho the risk isn't as high as feared | Personal Tech | 24 Jul 2024 | 8
Forget security – Google's reCAPTCHA v2 is exploiting users for profit | Updated: Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them | Security | 24 Jul 2024 | 72
How did a CrowdStrike file crash millions of Windows computers? We take a closer look at the code | Analysis: Maybe next time some staged rollouts? A bit of QA too? | CSO | 23 Jul 2024 | 119
Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs | Major vendors' products scuppered by novel techniques | Research | 18 Jul 2024 | 5
Release the hounds! Securing datacenters may soon need sniffer dogs | Nothing else can detect attackers with implants designed to foil physical security | Security | 18 Jul 2024 | 35
Ransomware continues to pile on costs for critical infrastructure victims | Millions more spent without any improvement in recovery times | Malware Month | 17 Jul 2024 | 5
FBI gains access to Trump rally shooter's phone | Hasn't said how it did it, but has form cracking devices | Research | 16 Jul 2024 | 115
RADIUS networking protocol blasted into submission through MD5-based flaw | If someone can do a little MITM'ing and hash cracking, they can log in with no valid password needed | Research | 10 Jul 2024 | 11
Latest Ghostscript vulnerability haunts experts as the next big breach enabler | There's also chatter about whether medium severity scare is actually code red nightmare | Research | 05 Jul 2024 | 25
Traeger security bugs bad news for grillers with neighborly beef | Never risk it when it comes to brisket – make sure those updates are applied | Research | 03 Jul 2024 | 20
CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust? | So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies | Research | 28 Jun 2024 | 81
'Skeleton Key' attack unlocks the worst of AI, says Microsoft | Simple jailbreak prompt can bypass safety guardrails on major models | AI + ML | 28 Jun 2024 | 115
Polyfill.io owner punches back at 'malicious defamation' amid domain shutdown | Updated: No supply-chain attacks to see over here! | Research | 28 Jun 2024 | 28
If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately | Scripts turn sus after mysterious CDN swallows domain | CSO | 25 Jun 2024 | 61
'Mirai-like' botnet observed attacking EOL Zyxel NAS devices | Seems like as good a time as any to upgrade older hardware | Research | 24 Jun 2024 | 3