Webinar Every organization needs a full set of data recovery tools. The sort that will get you back up and running quickly after a ransomware attack, outage, or accidental data deletion. And it's best to be prepared in advance rather than deal with the data disaster face to face when it happens.β¦
Data loss β particularly from ransomware attacks β has always been a costly proposition for enterprises. However, the price organizations have to pay is going up, not only in terms of the ransom demanded but also for the cost of investigating attacks and the lawsuits that increasingly follow in the wake of such breaches.β¦
The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data.β¦
Warrantless searches of US residents' communications by the FBI dropped sharply last year β from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam.β¦
German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack.Β β¦
Sponsored Feature There's no question that fast-feedback software delivery offers multiple advantages by streamlining processes for developers. But in software development, as in life, there is no such thing as a free lunch.β¦
in brief You may have heard news this week that Google is finally updating its authenticator app to add Google account synchronization. Before you rush to ensure your two-factor secrets are safe in the event you lose your device, take heed: The sync process isn't end-to-end encrypted.β¦
Who, Me? Welcome once again, gentle reader, to the safe space we call Who, Me? in which Reg readers can confess to the naughty or not-quite-competent things they did at work, knowing they will not be judged.β¦
China has 50 hackers for every one of the FBI's cyber-centric agents, the Bureau's director told a congressional committee last week.β¦
Wikipedia won't be age-gating its services no matter what final form the UK's Online Safety Bill takes, two senior folks from nonprofit steward the Wikimedia Foundation said this morning.β¦
Google said it obtained a court order to shut down domains used to distribute CryptBot after suing the distributors of the info-stealing malware.β¦
Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers.β¦
You might want to think twice before typing anything into Microsoft's Edge browser, as an apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API.β¦
The US government is aggressively pursuing three men accused of wide-ranging and complex conspiracies of laundering stolen and illicit cryptocurrency that the North Korean regime used to finance its massive weapons programs.β¦
Sponsored Feature Change in the tech industry is usually evolutionary, but perhaps more interesting are the exceptions to this rule β the microprocessor in 1968, the IBM PC in 1981, the web in 1989, the smartphone in 2007. These are the technologies whose appearance began new eras that completely reshaped the industry around them.β¦
Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code.β¦
RSA Conference A group of some of the largest operational technology companies are using this year's RSA Conference as an opportunity to launch an open source early-threat-warning system designed for OT and industrial control systems (ICS) environments.Β β¦
Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems.β¦
In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X_Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.β¦
Asia In Brief Chinese scientists have estimated the mass of the Milky Way.β¦
Europe's air-traffic agency appears to be the latest target in pro-Russian miscreants' attempts to disrupt air travel.β¦
Microsoft has partnered with organizations around the globe to bring more women into infosec roles, though the devil is in the details.β¦
An international group of law enforcement agencies are urging Meta not to standardize end-to-end encryption on Facebook Messenger and Instagram, which they say will harm their ability to fight child sexual abuse material (CSAM) online.β¦
Sponsored Post Digital patient medical records now cover a whole gamut of sensitive details such as clinical diagnoses/treatments, prescriptions, personal finances and insurance policies. Which makes keeping them safe more important than ever.β¦
On Call Itβs always twelve oβclock somewhere, the saying goes, but Friday comes around but once a week and only this day does The Register offer a fresh instalment of On Call, our reader-contributed tales of tech support torture and turmoil.β¦
Business process outsourcing and tech services player Capita says there is proof that some customer data was scooped up by cyber baddies that broke into its systems late last month.β¦
The supply-chain attack against 3CX last month was caused by an earlier supply-chain compromise of a different software firm β Trading Technologies β according to Mandiant, whose consulting crew was hired by 3CX to help the VoIP biz investigate the intrusion.β¦
Sponsored Feature For some time now, alerts concerning the utilisation of AI by cybercriminals have been sounded in specialist and mainstream media alike β with the set-to between AI-armed attackers and AI-protected defenders envisaged in vivid gladiatorial terms.β¦
Sponsored Post Some of the most famous cyber attacks in history have been directed against Industrial Control Systems (ICS).β¦
The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code.β¦
Six years after a jury decided otherwise, Google has convinced an appeals court to reverse a $20 million patent judgment against the web giant.β¦
Analysis Israeli spyware shop QuaDream is reportedly shutting down due to financial troubles.β¦
Developers who use GitHub Actions to build software packages for the npm registry can now add a command flag that will publish details about the code's origin.β¦
Webinar There's nothing complicated about the statistics released in Sysdig's latest report. They're alarming and should keep many an IT team up at night.β¦
Four US citizens have been accused of working on behalf of the Russian government to push pro-Kremlin propaganda and unduly influence elections in Florida.β¦
The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance.β¦
Security researchers and analysts can now search Microsoft's Threat Intelligence Defender database using file hashes and URLs when pulling together information for network intrusion investigations and whatnot.β¦
Updated Two execs and a multinational payment processing company must pay $650k to the US government, says the FTC, which accuses them of knowingly processing credit card payments for Microsoft-themed support scammers.β¦
Several police forces in Britain are being put on the naughty step by the UK's data watchdog for using a calling app that recorded hundreds of thousands of phone conversations and illegally retained that data.β¦
The UKβs chartered institute for IT has slammed proposed legislation that could see the government open a βback doorβ to encrypted messaging.β¦
Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant.β¦
The United States Department of Justice has charged 44 people over schemes prosecutors allege were run by Chinaβs National Police to silence opponents of the Communist Party of China.β¦
An Australian military helicopter crash was reportedly caused by failure to apply a software patch, with a hefty side serving of pilot error.β¦
LockBit has developed ransomware that can encrypt files on Arm-powered Macs, said to be a first for the prolific cybercrime crew.Β β¦
A recruitment business that sent out an eye watering 107 million spam emails is now nursing a Β£130,000 ($161,000) fine from Britainβs data watchdog.β¦
Opinion Most data theft does clear harm to the victim, and often to its customers. But while embarrassing, the cyberattack against MSI in which source code was said to be stolen is harder to diagnose. It looks like a valuable company asset that's cost a lot to develop. That its theft may be no loss is a weird idea. But then, firmware is weirder than we give it credit for. It's even hard to say exactly what it is.β¦
Who, Me? Welcome once more to Who Me? The Registerβs confessional column in which readers admit to being the source of SNAFUs.β¦
In brief Google on Friday released an emergency update for Chrome to address a zero-day security flaw.β¦
Special report United Nations negotiators convened this week in Vienna, Austria, to formulate a draft cybercrime treaty, and civil society groups are worried.β¦
A suspected Nigerian fraudster is scheduled to appear in court Friday for his alleged role in a $6 million plot to scam businesses via email.β¦
Integrating the Local Administrator Password Solution (LAPS) into Windows and Windows Server that came with updates earlier this week is causing interoperability problems with what's called legacy LAPS, Microsoft says.β¦
As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing its own free digital ID tech to companies and their employees on LinkedIn.β¦
The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it.β¦
To improve security, the cybersecurity industry needs to follow the aviation industry's shift from a blame culture to a "just" culture, according to ISACA director Serge Christiaans.β¦
The FBI has detained a 21-year-old Air National Guardsman suspected of leaking a trove of classified Pentagon documents on Discord.β¦
AT&T is "concealing vital cybersecurity reporting" about its FirstNet phone network for first responders and the US military, according to US Senator Ron Wyden (D-OR), who said the network had been dubbed unsafe by CISA.β¦
Criminals posing as law enforcement agents of the Chinese government are shaking down Chinese nationals living the United States by accusing them of financial crimes and threatening to arrest or hurt them if they don't pay, according to the FBI.β¦
Webinar There's nothing like reading a report based on real world data to give IT teams an fresh sense of priority.β¦
The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the companyβs progressive web application client.β¦
Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate.β¦