The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.β¦
US prosecutors do not plan to proceed with a second trial of convicted and imprisoned crypto-villain Sam Bankman-Fried (SBF), according to a Southern District of New York court letter filed on December 29.β¦
On Call Itβs the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Registerβs Friday column in which readers share their tales of being asked to fix the unfeasible, in circumstances that are often indefensible.β¦
Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.β¦
Kaspersky's Global Research and Analysis Team (GReAT) has exposed a previously unknown "feature" in Apple iPhones that allowed malware to bypass hardware-based memory protection.β¦
Infosec in brief Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.β¦
Feature When AlphV/BlackCat's website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews.β¦
Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games.β¦
Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code.β¦
Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.β¦
NASA's Office of Inspector General has run its eye over the aerospace agency's privacy regime and found plenty to like β but improvements are needed.β¦
IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023.β¦
Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season.β¦
Updated Greater Manchester Police (GMP) must clear the backlog of hundreds of Freedom of Information (FOI) Act requests β some years old β or find itself in contempt of court.β¦
A vulnerability in the SSH protocol can be exploited by a well-placed adversary to weaken the security of people's connections, if conditions are right.β¦
A transnational police operation has resulted in the arrest of 3,500 alleged cybercriminals and the seizure of $300 million in cash and digital assets.β¦
Millions of Comcast Xfinity subscribers' personal data β including potentially their usernames, hashed passwords, contact details, and secret security question-answers β was likely stolen by one or more miscreants exploiting Citrix Bleed in October.β¦
Four vulnerabilities in Perforce Helix Core Server, including one critical remote code execution bug, should be patched "immediately," according to Microsoft, which spotted the flaws and disclosed them to the software vendor.β¦
Updated The FBI created a decryption tool for the ransomware used by the gang known as BlackCat and/or AlphV, as part of a wider disruption campaign against the extortionists.β¦
Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet.β¦
Hacktivists reportedly disrupted services at about 70 percent of Iran's gas stations in a politically motivated cyberattack.β¦
Mortgage lender Mr Cooper has now admitted almost 14.7 million people's private information, including addresses and bank account numbers, were stolen in an earlier IT security breach, which is expected to cost the business at least $25 million to clean up.β¦
A digital break-in has disrupted VF Corp's operations and its ability to fulfill orders, according to the apparel and footwear giant.β¦
The National Grid is reportedly the latest organization in the UK to begin pulling China-manufactured equipment from its network over cybersecurity fears.β¦
Infosec in brief MongoDB on Saturday issued an alert warning of "a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information."β¦
Asia In Brief Think tank Australian Strategic Policy Institute (ASPI) last week published details of a campaign that spreads English language pro-China and anti-US narratives on YouTube.β¦
Cryptocurrency wallet maker Ledger says someone slipped malicious code into one of its JavaScript libraries to steal more than half a million dollars from victims.β¦
The Kraft Heinz Company says its systems are all up and running as usual as it probes claims that some of its data was stolen by ransomware crooks.β¦
Incident responders say they've found a new type of multi-platform malware abusing the New Kind of Network (NKN) protocol.β¦
A data regulator has reminded companies they need to take care while writing emails to avoid unintentionally blurting out personal data.β¦
Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer.β¦
Updated The offensive cyber unit linked to Russia's Foreign Intelligence Service (SVR) is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn.β¦
Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes β such as business email compromise (BEC), phishing, large-scale spamming campaigns β and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft.β¦
Karakurt, a particularly nasty extortion gang that uses "extensive harassment" to pressure victims into handing over millions of dollars in ransom payments after compromising their IT infrastructure, pose a "significant challenge" for network defenders, we're told.β¦
Sponsored Post Whether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack Challenge is a great way of combining festive fun and learning. Who knows, the skills you acquire this holiday season might even help you foil a nefarious hacker at Yuletide next year.β¦
Webinar In China, clouds are a symbol of luck. See multiple layering of clouds in a blue sky can mean you are in line to receive eternal happiness.β¦
Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database.β¦
Sponsored Feature Most experts agree cybersecurity is now so complex that managing it has become a security problem in itself.β¦
Cybercrime gangs like the notorious Lazarus group and spyware vendors like Israel's NSO should be considered cyber mercenaries β and become the subject of a concerted international response β according to a Monday report from Delhi-based think tank Observer Research Foundation (ORF).β¦
It's the last Patch Tuesday of 2023, which calls for celebration βΒ just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course.β¦
An ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer's computer network after allegedly using his company-issued laptop to watch pornography.β¦
There was only one US Air National Guardsman behind the leak of top-secret US military documents on Discord, but his chain of command bears some responsibility for letting it happen on their watch.β¦
An official review of the Police Service of Northern Ireland's (PSNI) August data breach has revealed the full extent of the impact on staff.β¦
BlackBerry has decided its plan to split into two separate companies is not a good idea and will instead reorganize itself into two independent divisions.β¦
Hundreds of suspected people smugglers have been arrested, and 163 potential victims rescued from servitude, as part of an Interpol-coordinated operation dubbed "Turquesa V" that targeted cyber criminals who lure workers into servitude to carry out their scams.β¦
Many US businesses may be required to assist in government-directed surveillance β depending upon which of two reform bills before Congress is approved.β¦
Norton Healthcare, which runs eight hospitals and more than 30 clinics in Kentucky and Indiana, has admitted crooks may have stolen 2.5 million people's most sensitive data during a ransomware attack in May.β¦
Research into Lazarus Group's attacks using Log4Shell has revealed novel malware strains written in an atypical programming language.β¦
Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation.β¦
Webinar In the natural world, there are ten different kinds of cloud - a rare simplicity in meteorological terms. But in our global business environment, there's no single defining feature to aid classification.β¦
Security in brief The saga of 23andMe's mega data breach has reached something of a conclusion, with the company saying its probe has determined millions of leaked records originated from illicit break-ins into just 14,000 accounts.β¦
Interview Monitoring biz VictoriaMetrics is relatively unusual in its field. It is yet to accept external investment, preferring instead to try to grow organically rather than being forced to through a private equity meat grinder by committing to grow by X every year until the investor exits.β¦
An unknown pro-Russia influence group spent time recruiting unwitting Hollywood actors to assist in smear campaigns against Ukraine and its president Volodymyr Zelensky.β¦
Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year.β¦
Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated.β¦
A trio of Polish security researchers claim to have found that trains built by Newag SA contain software that sabotages them if the hardware is serviced by competitors.β¦
Russia-backed attackers have named new targets for their ongoing phishing campaigns, with defense-industrial firms and energy facilities now in their sights, according to agencies of the Five Eyes alliance.β¦
A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers.β¦
The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase cross-border information sharing and more to tackle criminals.β¦
A Belgian man has been arrested and charged for his role in a years-long smuggling scheme to export military-grade electronics from the US to Russia and China.β¦