Australian health insurance company Medibank will take all of its IT systems offline and close its branches over the weekend as part of its ongoing efforts to improve security and recover from a massive data security breach in October.β¦
Britain's data watchdog has slapped financial penalties totaling Β£435,000 (c $529,000) on five companies it says collectively made almost half of million marketing calls to people registered with the Telephone Preference Service (TPS).β¦
Scammers have scammed their fellow cybercriminals out of more than $2.5 million on three dark web forums alone over the last 12 months, according to Sophos researchers.β¦
North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer.β¦
Two more US states have launched aggressive action against made-in-China social media app TikTok.β¦
Apple says it will provide end-to-end encryption for most iCloud services, having abandoned its previously announced β and then quietly shelved β plan to check the legality of on-device photos prior to cloud synchronization.β¦
San Francisco legislators this week changed course on their killer robot policy, banning the police from using remote-control bots fitted with explosives. For now.β¦
Public sector bans of Chinese platform TikTok on the grounds of national security have arisen in both Taiwan and additional US states following last weekβs ban in South Dakota.β¦
Microsoft has warned Europe to be on alert for cyber attacks from Russia this winter, just as a series of attacks hit Russian organizations β including the country's second-largest bank.β¦
The Canadian branch of Amnesty International was the target of an attack it has pinned on a Chinese state-sponsored actor.β¦
New Zealand's Privacy Commission has signalled it may open an investigation into local managed services provider Mercury IT, which serves many government agencies and businesses and has been hit by ransomware.β¦
Updated Rackspace has admitted a ransomware infection was to blame for the days-long email outage that disrupted services for customers.Β β¦
Enterprise security pros can detect malware samples in environments that incorporate the highly evasive Cobalt Strike attack code by analyzing artifacts in process memory, according to researchers with Palo Alto Networks' Unit 42 threat intelligence unit.β¦
Somewhere out there, a botnet operator is kicking themselves and probably hoping no one noticed the typo they transmitted in a command that crashed their whole operation.Β β¦
Webinar There you are, standing in front of two peaks, a security roadmap in your back pocket to guide you up the sheer track of the first mountain. In the other pocket, a DevOps plan that will have you leaping like a mountain goat from rock to rock up the next door peak. You wonder which mountain to scale first, but it is an impossible choice. The night is stealing all the light from the sky, and you must make up your mind.β¦
America's Transport Security Administration, better known as the TSA, has been testing facial recognition software to automatically screen passengers flying across the country in 16 airports. And now it's looking into rolling it out nationwide next year.β¦
Four men suspected of plotting to commit wire fraud and identity theft have been arrested and now face extradition to America.β¦
Officials in Moore County, North Carolina, declared a state of emergency on Sunday after gunfire damaged an electrical substation and left 45,000 homes and businesses without power in near freezing temperatures.β¦
Compromised Android platform certificate keys from device makers including Samsung, LG and Mediatek are being used to sign malware and deploy spyware, among other software nasties.β¦
Webinar Just as Frank Sinatra sang in days gone by, 'love and marriage' goes together like a 'horse and carriage,' there should be no question about the true pairing of security and speed. Or as Sinatra went on to croon, 'try, try, try to separate them, it's an illusion.' Companies may feel they are forced to choose between securing all their application identities at the cost of speed of development, but this doesn't have to be the case.β¦
In brief Certificate Authority TrustCor responded to its ejection from Mozilla and Microsoft's browsers by offering refunds for some customers, while leaving other resellers to pick up the mess on their own.β¦
Rackspace has not offered any explanation of the "security incident" that has taken out its hosted Exchange environment and led the company to predict multiple days of downtime before restoration.β¦
Updated Some of Rackspaceβs hosted Microsoft Exchange services have been taken down by what the company has described as a βsecurity incidentβ.β¦
In Palmdale, California on Friday, Northrop Grumman CEO Kathy Warden revealed a US Air Force warplane that had only been shown in artist renderings and is supposed to be seldom seen, the B-21 Raider.β¦
Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web.Β β¦
The US government has issued an alert about Cuba; not the state but a ransomware gang that's taking millions in purloined profits.β¦
A sophisticated and very patient threat group behind a global malvertising scheme is using so-called aged domains to skirt past cybersecurity tools and catch victims in investment scams.β¦
Updated Mozilla and Microsoft have taken action against a certificate authority accused of having close ties to a US military contractor that allegedly paid software developers to embed data-harvesting malware in mobile apps.β¦
On Call Welcome once more to On-Call, The Register's weekly reader-contributed column that tells tales of IT pros being asked to fix things that should never have broken.β¦
Nvidia fixed more than two dozen security flaws in its GPU display driver, the most severe of which could allow an unprivileged user to modify files, and then escalate privileges, execute code, tamper with or steal data, or even take over your device.β¦
Google's Threat Analysis Group (TAG) said on Wednesday that its researchers discovered commercial spyware called Heliconia that's designed to exploit vulnerabilities in Chrome and Firefox browsers as well as Microsoft Defender security software.β¦
Intruders broke into a third-party cloud storage service LastPass shares with affiliate company GoTo and gained access to "certain elements" of customers' information, the pair have confirmed.β¦
The ClamAV command-line virus scanner used on many Linux boxes has attained an important-looking milestone release: version 1.0.0.β¦
Sponsored Feature It's easy to forget the human factor when it comes to cybersecurity. Completely locking down your network will certainly make you secure, just as completely locking down your building will do the same. The problem is you'll struggle to get much work done, because people need access to assets, physical or virtual, to do their jobs.β¦
Almost 300 apps, downloaded by around 15 million users, have been pulled from the Google Play and Apple App stores over claims they promised quick loans at reasonable rates but then used extortion and other predatory schemes against borrowers.β¦
Sirius XM's Connected Vehicle Services has fixed an authorization flaw that would have allowed an attacker to remotely unlock doors and start engines on connected cars knowing only the vehicle identification number (VIN).β¦
Updated San Francisco police can deploy so-called "killer robots" following a Board of Supervisors' vote on Tuesday, clearing the cops to use robots equipped with explosives in extreme situations.β¦
The governor of South Dakota issued an executive order on Tuesday banning the use of Chinese social media platform TikTok for state government agencies, employees and contractors on state devices.β¦
Cloudflare has found a way to extend some of its services across the Great Firewall and into mainland China.β¦
Malware-slinging miscreants are taking advantage of a trending TikTok challenge β and viewers' dirty minds β to spread data-stealing malware via a phony app that's had more than one million views so far.β¦
Locheed Martin has bagged a government contract to train 17,000 remote US Army civilian employees on security readiness, and wants to also extend the offer to private entities.β¦
Webinar This year's RSA Conference saw SANS security experts gather to identify and discuss five of the most dangerous cyber attack techniques identified in the first half of the year. If you missed the original debate, don't worry, you have another chance to learn what you should be looking out for.β¦
The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs.β¦
Europol has arrested hundreds of fraudsters, money launderers and cocaine kingpins, and shut down thousands of websites selling pirated and counterfeit products in a series of raids over the past month.β¦
India's Telecom Regulatory Authority (TRAI) has announced a fresh crackdown on TXT spam β this time using artificial intelligence, after a previous blockchain-powered effort delivered mixed results.β¦
Updates to Windows Server released as part of this month's Patch Tuesday onslaught might cause some domain controllers to stop working or automatically restart, according to Microsoft.β¦
Sponsored Post Christmas is a time for gift giving and spending time with your friends and family β but that doesn't have to be all. What if you could add to the fun by taking part in an entertaining free holiday-themed cyber security event that both builds your skills and gives you the chance of adding a stellar prize to the pile of gifts under your tree?β¦
The United States' Federal Communications Commission (FCC) has barred itself from authorizing the import or sale of Chinese telecoms and video surveillance products from Huawei, ZTE, Hytera Communications, Hikvision, and Dahua, on national security grounds.β¦
Webinar Email provides us with an infinite number of possible exchanges. We send approximately 332 billion messages a day but having so much convenience and flexibility at our fingertips also brings security risks.β¦
In brief NordPass has released its list of the most common passwords of 2022, and frankly we're disappointed in all of you.β¦
Twitter CEO Elon Musk has decided to allow suspended accounts back onto the micro-blogging service.β¦
Updated The United Kingdom has decided Chinese video cameras have no place in government facilities.β¦
In its latest quarterly threat report, Meta said it had detected and disrupted influence operations originating in the US, and it calls out those it believes are responsible: the American military.β¦
The European Parliament has experienced a cyber attack that started not long after it declared Russia to be a state sponsor of terrorism.β¦
Microsoft is warning that systems using the long-discontinued Boa web server could be at risk of attacks after a series of intrusion attempts of power grid operations in India likely included exploiting security flaws in the technology.β¦
The US government seized seven domain names used in so-called "pig butchering" scams that netted criminals more than $10 million.β¦
A credential stuffing attack over the weekend that affected sports betting biz DraftKings resulted in as much as $300,000 being stolen from customer accounts.β¦
Amazon Web Services (AWS) fixed a cross-tenant flaw in AWS AppSync that could allow miscreants to abuse that cloud service to assume identity and access management roles in other AWS accounts, and then gain access to and control over those resources.Β β¦
Microsoft is rolling out fixes for problems with the Kerberos network authentication protocol on Windows Server after it was broken by November Patch Tuesday updates.β¦
Phishing attempts targeting victims in the Middle East increased 100 percent last month in the lead up to the World Cup in Qatar, according to security shop Trellix.β¦