There's a "reasonable chance" that Ivanti Connect Secure (ICS) VPN users are already compromised if they didn't apply the vulnerability mitigation released last week, experts say.β¦
Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using them to host physical and online casinos that, in concert with crypto exchanges, have led to an explosion of money laundering, cyberfraud, and cybercrime across the region and beyond.β¦
More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are pressing admins to urgently apply the patches.β¦
GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed.β¦
Infosec in brief The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social from sharing or selling sensitive location data.β¦
Sponsored Post Rubrik has combed through its archive to find what it judges to be the top 12 must-see demos of its products available to watch on demand whenever you feel like it.β¦
In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according to proper socialist principles, and ensure all users divulge their real-world identities.β¦
Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team.β¦
Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to infect PCs with Phemedrone Stealer, a malware strain that scans machines for sensitive information β passwords, cookies, authentication tokens, you name it β to grab and leak.β¦
Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list.β¦
The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation.β¦
Webinar Remote working has rapidly become the norm for many organizations and isn't ever going away. But it still needs to be secure if it's to be a success.β¦
The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security.β¦
Food delivery company HelloFresh is nursing a Β£140,000 ($178k) fine by Britainβs data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months.β¦
On Call Welcome once more, dear reader, to On Call, The Register's weekly reader-contributed column detailing the delights and dangers of working in tech support.β¦
CES Despite all the buzz around internet-connected smart cars at this year's CES in Las Vegas, most folks don't want vehicle manufacturers sharing their personal data with third parties β and even say they'd consider buying an older or dumber car to protect their privacy and security.β¦
eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in retaliation for their website's critical coverage of the online tat bazaar.β¦
Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack.β¦
Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti.β¦
Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.β¦
US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks.β¦
Kettle Believe us, we wish there was a simple solution that could stop ransomware dead in its tracks for good.β¦
Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers.β¦
A key member of the ShinyHunters cybercrime group is facing three years in the slammer and being forced to return $5 million in criminal proceeds.β¦
Patch Tuesday Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge.β¦
Updated The SEC today said its Twitter account was hijacked to wrongly claim it had approved a bunch of hotly anticipated Bitcoin ETFs, causing the cryptocurrency to spike and then slip in price.β¦
A US Naval sailor will face more than two years behind bars after pleading guilty to taking bribes from Chinese spies in exchange for sensitive military information.β¦
Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant.β¦
SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight.β¦
The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing.β¦
Infosec in brief We gather everyone's still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you're recovering from the Christmas break, Meta has been busy introducing fresh ways to monetize your web surfing habits while dressing it up as a user experience improvement.β¦
Opinion A general ban on ransomware payments, as was floated by some this week, sounds like a good idea. Eliminate extortion as a source of criminal income, and the attacks are undoubtedly going to drop.Β β¦
Extortionists are now threatening to swat hospital patients β calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims' homes β if the medical centers don'tΒ pay the crooks' ransom demands.β¦
The cybercriminal behind BreachForums was this week arrested for violating the terms of his pretrial release and will now be held in custody until his sentencing hearing.β¦
Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar.β¦
Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password.β¦
23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps.β¦
Updated A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.β¦
Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.β¦
Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's defense ministry.β¦
Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.β¦
One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information.β¦
French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.β¦
Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.β¦
Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.β¦
Updated Security researchers say info-stealing malware can still access victims' compromised Google accounts even after passwords have been changed.β¦
The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.β¦
US prosecutors do not plan to proceed with a second trial of convicted and imprisoned crypto-villain Sam Bankman-Fried (SBF), according to a Southern District of New York court letter filed on December 29.β¦
On Call Itβs the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Registerβs Friday column in which readers share their tales of being asked to fix the unfeasible, in circumstances that are often indefensible.β¦
Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.β¦
Kaspersky's Global Research and Analysis Team (GReAT) has exposed a previously unknown "feature" in Apple iPhones that allowed malware to bypass hardware-based memory protection.β¦
Infosec in brief Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.β¦
Feature When AlphV/BlackCat's website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews.β¦
Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games.β¦
Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code.β¦
Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.β¦
NASA's Office of Inspector General has run its eye over the aerospace agency's privacy regime and found plenty to like β but improvements are needed.β¦
IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023.β¦
Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season.β¦
Updated Greater Manchester Police (GMP) must clear the backlog of hundreds of Freedom of Information (FOI) Act requests β some years old β or find itself in contempt of court.β¦