How Androxgh0st rose from Mozi's ashes to become 'most prevalent malware'
Botnet's operators 'driven by similar interests as that of the Chinese state'
Cyber-crime24 Dec 2024 | 1
Security
Suspected LockBit dev, facing US extradition, 'did it for the money'
Dual Russian-Israeli national arrested in August
Cyber-crime23 Dec 2024 | 16
Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish
Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns
Cyber-crime19 Dec 2024 | 17
US reportedly mulls TP-Link router ban over national security risk
updated It could end up like Huawei -Trump's gonna get ya, get ya, get ya
Security18 Dec 2024 | 55
Microsoft won't let customers opt out of passkey push
Enrollment invitations will continue until security improves
Security18 Dec 2024 | 105
Boffins trick AI model into giving up its secrets
All it took to make an Google Edge TPU give up model hyperparameters was specific hardware, a novel attack technique … and several days
Research18 Dec 2024 | 22
NARROWER TOPICS
Phishers cast wide net with spoofed Google Calendar invites
Not that you needed another reason to enable the 'known senders' setting
Cyber-crime18 Dec 2024 | 17
Critical security hole in Apache Struts under exploit
You applied the patch that could stop possible RCE attacks last week, right?
Patches17 Dec 2024 | 4
BlackBerry offloads Cylance's endpoint security products to Arctic Wolf
Fresh attempt to mix the perfect cocktail of IoT and Infosec
Security17 Dec 2024 | 1
Australia moves to drop some cryptography by 2030 – before quantum carves it up
The likes of SHA-256, RSA, ECDSA and ECDH won't be welcome in just five years
Security17 Dec 2024 | 51
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility
But can you really take crims at their word?
Security16 Dec 2024 | 1
Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks
IOCONTROL targets IoT and OT devices from a ton of makers, apparently
Research13 Dec 2024 | 15
Citrix goes shopping in Europe and returns with gifts for security-conscious customers
Acquires two companies that help those on the nice list keep naughty list types at bay
Virtualization12 Dec 2024 |
Blocking Chinese spies from intercepting calls? There ought to be a law
Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks
Security11 Dec 2024 | 17
Krispy Kreme Doughnut Corporation admits to hole in security
Belly-busting biz says it's been hit by cowardly custards
Security11 Dec 2024 | 33
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware
Cyber-crime11 Dec 2024 | 4
AMD secure VM tech undone by DRAM meddling
Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory
Systems10 Dec 2024 | 10
Open source maintainers are drowning in junk bug reports written by AI
Python security developer-in-residence decries use of bots that 'cannot understand code'
Devops10 Dec 2024 | 91
WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics
And it only took four months, tut
Security10 Dec 2024 | 22
China's Salt Typhoon recorded top American officials' calls, says White House
No word yet on who was snooped on. Any bets?
CSO09 Dec 2024 | 24
Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket
Exclusive ShinyHunters-linked heist thought to have been ongoing since March
Research09 Dec 2024 | 9
Microsoft dangles $10K for hackers to hijack LLM email service
Outsmart an AI, win a little Christmas cash
CSO09 Dec 2024 | 12
How Chinese insiders are stealing data scooped up by President Xi's national surveillance system
Feature 'It's a double-edged sword,' security researchers tell The Reg
Public Sector08 Dec 2024 | 52
Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+
Updated Microsoft's OS sure loves throwing your creds at remote systems
Patches06 Dec 2024 | 13
Facing sale or ban, TikTok tossed under national security bus by appeals court
Video slinger looks to Supremes for salvation, though anything could happen under Trump
Personal Tech06 Dec 2024 | 43
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
updated Still unpatched 100+ days later, watchTowr says
Cyber-crime06 Dec 2024 | 4
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday'
Redmond threat intel maven talks explains this persistent pain to The Reg
Security06 Dec 2024 | 16
T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career'
Interview Security chief talks to El Reg as Feds urge everyone to use encrypted chat
CSO05 Dec 2024 | 54
Major energy contractor reports 'limited' access to IT after ransomware locks files
ENGlobal customers include the Pentagon as well as major oil and gas producers
Security03 Dec 2024 | 11
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online
Yet another result of the MOVEit mess
Cyber-crime03 Dec 2024 | 3
AWS unveils cloud security IR service for a mere $7K a month
Re:Invent Tap into the infinite scalability... of pricing
Security03 Dec 2024 | 5
Telco security is a dumpster fire and everyone's getting burned
Opinion The politics of cybersecurity are too important to be left to the politicians
Security02 Dec 2024 | 63
The only thing worse than being fired is scammers fooling you into thinking you're fired
Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal
Cyber-crime28 Nov 2024 | 50
Salt Typhoon's surge extends far beyond US telcos
Plus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew's operations
Security27 Nov 2024 | 7
T-Mobile US takes a victory lap after stopping cyberattacks: 'Other providers may be seeing different outcomes'
Funny what putting more effort and resources into IT security can do
CSO27 Nov 2024 | 9
Data broker leaves 600K+ sensitive files exposed online
Exclusive Researcher spotted open database before criminals … we hope
Research27 Nov 2024 | 22
The workplace has become a surveillance state
Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices
CxO27 Nov 2024 | 70
CrowdStrike still doesn't know how much its Falcon flame-out will cost
Thinks customers may have forgiven it after revenue hits a record
Security27 Nov 2024 | 19
US senators propose law to require bare minimum security standards
In case anyone forgot about Change Healthcare
Security26 Nov 2024 | 15
Britain Putin up stronger AI defences to counter growing cyber threats
'Be in no doubt: the UK and others in this room are watching Russia'
Security26 Nov 2024 | 26
Supply chain management vendor Blue Yonder succumbs to ransomware
And it looks like major UK retailers that rely on it are feeling the pinch
Cyber-crime26 Nov 2024 | 9
Security? We've heard of it: How Microsoft plans to better defend Windows
Ignite Did we say CrowdStrike? We meant, er, The July Incident...
CSO25 Nov 2024 | 28
China has utterly pwned 'thousands and thousands' of devices at US telcos
Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House
Cyber-crime25 Nov 2024 | 51
Volunteer DEF CON hackers dive into America's leaky water infrastructure
Six sites targeted for security clean-up, just 49,994 to go
Security24 Nov 2024 | 13
We can clone you wholesale: Boffins build ML agents that respond like specific people
Oh, AI wanna be like you, AI wanna walk like you, talk like you, too
AI + ML24 Nov 2024 | 49
Trump taps border hawk to head DHS. Will Noem's 'enthusiasm' extend to digital domain?
Analysis Meanwhile, CISA chief Jen Easterly will step down prior to inauguration
Public Sector23 Nov 2024 | 51
Andrew Tate's site ransacked, subscriber data stolen
He'll just have to take this one on the chin
Cyber-crime22 Nov 2024 | 106
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole
Updated PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more
CSO22 Nov 2024 | 22
Here's what happens if you don't layer network security – or remove unused web shells
TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated
Security22 Nov 2024 | 4
DARPA-backed voting system for soldiers abroad savaged
VotingWorks, developer of the system, disputes critics' claims
Security21 Nov 2024 | 5
Five Scattered Spider suspects indicted for phishing spree and crypto heists
DoJ also shutters allleged crimeware and credit card mart PopeyeTools
Cyber-crime21 Nov 2024 | 3
Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator
Meet Liminal Panda, which prowls telecom networks in South Asia and Africa
CSO20 Nov 2024 | 32
Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed
OSS-Fuzz is making a strong argument for LLMs in security research
AI + ML20 Nov 2024 | 9
Data is the new uranium – incredibly powerful and amazingly dangerous
Column CISOs are quietly wishing they had less data, because the cost of management sometimes exceeds its value
CSO20 Nov 2024 | 46
Healthcare org Equinox notifies 21K patients and staff of data theft
Ransomware scum LockBit claims it did the dirty deed
Cyber-crime20 Nov 2024 | 1
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer
No word on when or if the issue will be fixed
Security19 Nov 2024 | 2
Russian suspected Phobos ransomware admin extradited to US over $16M extortion
This malware is FREE for EVERY crook ($300 decryption keys sold separately)
Cyber-crime19 Nov 2024 | 5
Microsoft unleashes autonomous Copilot AI agents in public preview
Ignite They can learn, adapt, and make decisions – but don't worry, they're not coming for your job
PaaS + IaaS19 Nov 2024 | 9
iOS 18 added secret and smart security feature that reboots iThings after three days
Security researcher's reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers
Security19 Nov 2024 | 43
Citrix gives its Platform a polish with enhanced management tools
Admins promised they can get stuff done with fewer clicks this year … or maybe next
Software19 Nov 2024 | 5
Ford 'actively investigating' after employee data allegedly parked on leak site
Updated Plus: Maxar Space Systems confirms employee info stolen in digital intrusion
Security18 Nov 2024 | 3
Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble
If you didn't fix this a month ago, your to-do list probably needs a reshuffle
Virtualization18 Nov 2024 | 4
Biting the hand that feeds IT
