You might want to think twice before typing anything into Microsoft's Edge browser, as an apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API.β¦
The US government is aggressively pursuing three men accused of wide-ranging and complex conspiracies of laundering stolen and illicit cryptocurrency that the North Korean regime used to finance its massive weapons programs.β¦
Sponsored Feature Change in the tech industry is usually evolutionary, but perhaps more interesting are the exceptions to this rule β the microprocessor in 1968, the IBM PC in 1981, the web in 1989, the smartphone in 2007. These are the technologies whose appearance began new eras that completely reshaped the industry around them.β¦
Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code.β¦
RSA Conference A group of some of the largest operational technology companies are using this year's RSA Conference as an opportunity to launch an open source early-threat-warning system designed for OT and industrial control systems (ICS) environments.Β β¦
Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems.β¦
In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X_Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.β¦
Asia In Brief Chinese scientists have estimated the mass of the Milky Way.β¦
Europe's air-traffic agency appears to be the latest target in pro-Russian miscreants' attempts to disrupt air travel.β¦
Microsoft has partnered with organizations around the globe to bring more women into infosec roles, though the devil is in the details.β¦
An international group of law enforcement agencies are urging Meta not to standardize end-to-end encryption on Facebook Messenger and Instagram, which they say will harm their ability to fight child sexual abuse material (CSAM) online.β¦
Sponsored Post Digital patient medical records now cover a whole gamut of sensitive details such as clinical diagnoses/treatments, prescriptions, personal finances and insurance policies. Which makes keeping them safe more important than ever.β¦
On Call Itβs always twelve oβclock somewhere, the saying goes, but Friday comes around but once a week and only this day does The Register offer a fresh instalment of On Call, our reader-contributed tales of tech support torture and turmoil.β¦
Business process outsourcing and tech services player Capita says there is proof that some customer data was scooped up by cyber baddies that broke into its systems late last month.β¦
The supply-chain attack against 3CX last month was caused by an earlier supply-chain compromise of a different software firm β Trading Technologies β according to Mandiant, whose consulting crew was hired by 3CX to help the VoIP biz investigate the intrusion.β¦
Sponsored Feature For some time now, alerts concerning the utilisation of AI by cybercriminals have been sounded in specialist and mainstream media alike β with the set-to between AI-armed attackers and AI-protected defenders envisaged in vivid gladiatorial terms.β¦
Sponsored Post Some of the most famous cyber attacks in history have been directed against Industrial Control Systems (ICS).β¦
The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code.β¦
Six years after a jury decided otherwise, Google has convinced an appeals court to reverse a $20 million patent judgment against the web giant.β¦
Analysis Israeli spyware shop QuaDream is reportedly shutting down due to financial troubles.β¦
Developers who use GitHub Actions to build software packages for the npm registry can now add a command flag that will publish details about the code's origin.β¦
Webinar There's nothing complicated about the statistics released in Sysdig's latest report. They're alarming and should keep many an IT team up at night.β¦
Four US citizens have been accused of working on behalf of the Russian government to push pro-Kremlin propaganda and unduly influence elections in Florida.β¦
The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance.β¦
Security researchers and analysts can now search Microsoft's Threat Intelligence Defender database using file hashes and URLs when pulling together information for network intrusion investigations and whatnot.β¦
Updated Two execs and a multinational payment processing company must pay $650k to the US government, says the FTC, which accuses them of knowingly processing credit card payments for Microsoft-themed support scammers.β¦
Several police forces in Britain are being put on the naughty step by the UK's data watchdog for using a calling app that recorded hundreds of thousands of phone conversations and illegally retained that data.β¦
The UKβs chartered institute for IT has slammed proposed legislation that could see the government open a βback doorβ to encrypted messaging.β¦
Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant.β¦
The United States Department of Justice has charged 44 people over schemes prosecutors allege were run by Chinaβs National Police to silence opponents of the Communist Party of China.β¦
An Australian military helicopter crash was reportedly caused by failure to apply a software patch, with a hefty side serving of pilot error.β¦
LockBit has developed ransomware that can encrypt files on Arm-powered Macs, said to be a first for the prolific cybercrime crew.Β β¦
A recruitment business that sent out an eye watering 107 million spam emails is now nursing a Β£130,000 ($161,000) fine from Britainβs data watchdog.β¦
Opinion Most data theft does clear harm to the victim, and often to its customers. But while embarrassing, the cyberattack against MSI in which source code was said to be stolen is harder to diagnose. It looks like a valuable company asset that's cost a lot to develop. That its theft may be no loss is a weird idea. But then, firmware is weirder than we give it credit for. It's even hard to say exactly what it is.β¦
Who, Me? Welcome once more to Who Me? The Registerβs confessional column in which readers admit to being the source of SNAFUs.β¦
In brief Google on Friday released an emergency update for Chrome to address a zero-day security flaw.β¦
Special report United Nations negotiators convened this week in Vienna, Austria, to formulate a draft cybercrime treaty, and civil society groups are worried.β¦
A suspected Nigerian fraudster is scheduled to appear in court Friday for his alleged role in a $6 million plot to scam businesses via email.β¦
Integrating the Local Administrator Password Solution (LAPS) into Windows and Windows Server that came with updates earlier this week is causing interoperability problems with what's called legacy LAPS, Microsoft says.β¦
As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing its own free digital ID tech to companies and their employees on LinkedIn.β¦
The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it.β¦
To improve security, the cybersecurity industry needs to follow the aviation industry's shift from a blame culture to a "just" culture, according to ISACA director Serge Christiaans.β¦
The FBI has detained a 21-year-old Air National Guardsman suspected of leaking a trove of classified Pentagon documents on Discord.β¦
AT&T is "concealing vital cybersecurity reporting" about its FirstNet phone network for first responders and the US military, according to US Senator Ron Wyden (D-OR), who said the network had been dubbed unsafe by CISA.β¦
Criminals posing as law enforcement agents of the Chinese government are shaking down Chinese nationals living the United States by accusing them of financial crimes and threatening to arrest or hurt them if they don't pay, according to the FBI.β¦
Webinar There's nothing like reading a report based on real world data to give IT teams an fresh sense of priority.β¦
The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the companyβs progressive web application client.β¦
Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate.β¦
Malware reportedly developed by a little-known Israeli commercial spyware maker has been found on devices of journalists, politicians, and an NGO worker in multiple countries, say researchers.Β β¦
Microsoft patched 97 security flaws today for April's Patch Tuesday including one that has already been found and exploited by miscreants attempting to deploy Nokoyawa ransomware.β¦
A design flaw in Microsoft Azure β that shared key authorization is enabled by default when creating storage accounts β could give attackers full access to your environment, according to Orca Security researchers.β¦
In Brief More than 40 percent of surveyed IT security professionals say they've been told to keep network breaches under wraps despite laws and common decency requiring disclosure.β¦
If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests.β¦
The liquidators picking over the remains of FTX have released their first formal report into Sam Bankman-Fried's imploded empire β and it somehow appears things are worse than feared.β¦
Apple rolled out patches on Good Friday to its iOS, iPadOS, and macOS operating systems and the Safari web browser to address vulnerabilities found by Google and Amnesty International that were exploited in the wild.β¦
Owners of Dropcam security cameras and Nest Secure systems have been given an unwelcome deadline from Google: their smart home products will be shut off April 8 next year.β¦
Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company's Cobalt Strike software to distribute malware.β¦
Sponsored Feature Most economies and business sectors are dealing with extreme volatility and economic uncertainty. Even as the dislocation caused by the pandemic three years ago looked to be settling down, business leaders have had to contend with geopolitical concerns, rising interest rates, and surging inflation.β¦
Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack.β¦
The chunk of internal source code Twitter released the other week contains a "shadow ban" vulnerability serious enough to earn its own CVE, as it can be exploited to bury someone's account of sight "without recourse."β¦