China has attacked critical infrastructure organizations in the US using a "living off the land" attack that hides offensive action among everyday Windows admin activity.β¦
Google Play has been caught with its cybersecurity pants down yet again after a once-legit Android screen-and-audio recorder app was updated to include malicious code that listened in on device microphones.β¦
The Philadelphia Inquirer has punched back at the Cuba ransomware gang after the criminals leaked what they said were files stolen from the newspaper.β¦
A former IT security analyst at Oxford Biomedica has admitted, five years after the fact, to turning to the dark side β by hijacking a cyber attack against his own company in an attempt to divert any ransom payments to himself.β¦
When businesses go shopping for IT services, North Korea-controlled companies probably struggle to make it into many lists.β¦
Personal and financial data describing almost 1.9 million Apria Healthcare patients and employees may have been accessed by crooks who breached the company's networks over a series of months in 2019 and 2021.β¦
Dish Network has admitted that a February cybersecurity incident and associated multi-day outage led to the extraction of data on nearly 300,000 people, while also appearing to indirectly admit it may have paid cybercriminals to delete said data.β¦
TikTok, the social video platform used by around 150 million people in the US, is set to hand access to its source code, algorithm and content moderation material to Oracle in a bid to allay data protection and national security concerns stateside.β¦
The FBI has issued a warning about fake job ads that recruit workers into forced labor operations in Southeast Asia β some of which enslave visitors and force them to participate in cryptocurrency scams.β¦
US memory-maker Micron has no idea why Chinese authorities have decided its products represent a security risk, or which customers it's not allowed to sell to.β¦
Uncle Sam announced its commenced over 4,000 legal actions in three months β mostly harshly worded letters β to rein in "money mules" involved in romance scams, business email compromise, and other fraudulent schemes.β¦
in brief Google has settled another location tracking lawsuit, yet again being fined a relative pittance.β¦
The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March's mega breach.β¦
Sponsored Post Cyber criminals never stop learning so nor should you. Fresh security hacks are being concocted and deployed every week, so it's a good idea for cyber security professionals to pool their knowledge when working out how best to defend against them.β¦
Who, Me? Wait? What? Is it Monday already? Not to fear, gentle readerfolk, for Uncle Reg is here with another instalment of Who, Me? β tales of readers having a much worse day than you. Enjoy the schadenfreude.β¦
An 18-year-old Wisconsin man has been charged with allegedly playing a central role in the theft of $600,000 from DraftKings customer accounts.β¦
A Russian IT worker accused of participating in pro-Ukraine denial of service attacks against Russian government websites has been sentenced to three years in a penal colony and ordered to pay 800,000 rubles (about $10,000).Β β¦
Biometrics and surveillance camera commissioner Professor Fraser Sampson has warned that independent oversight of facial recognition is at risk just as the policing minister plans to "embed" it into the force.β¦
Apple has issued a bushel of security updates and warned that three of the flaws it's fixed are under active attack.β¦
Cisco rolled out patches for four critical security vulnerabilities in several of its network switches for small businesses that can be exploited to remotely hijack the equipment.β¦
Microsoft wants to take the decision of which multi-factor authentication (MFA) method to use out of the users' hands and into its own.β¦
PharMerica, one of the largest pharmacy service providers in the US, has revealed its IT systems were breached β and it's feared the intruders stole personal and healthcare data belonging to more than 5.8 million past customersβ¦
The FBI and friends have warned organizations to "strictly limit the use of RDP and other remote desktop services" to avoid BianLian infections and the ransomware gang's extortion attempts that follow the data encryption.β¦
Capita is facing criticism about its security hygiene on a new front after an Amazon cloud bucket containing benefits data on residents in a south east England city council was left exposed to the public web.β¦
Comment In early May, Google Domains added support for eight new top-level domains, two of which β .zip, and .mov β raised the hackles of the security community.β¦
A new-ish messaging service that claimed to put privacy first has pulled its end-to-end encryption claims from its website and its app from both the Apple and Google software stores after being called out online.β¦
Business is very good for affiliates of the Qilin ransomware-as-a-service (RaaS) group, which is very bad for the rest of us.β¦
The Feds have sanctioned a Russian national accused of using LockBit, Babuk, and Hive ransomware to extort a law enforcement agency and nonprofit healthcare organization in New Jersey, and the Metropolitan Police Department in Washington DC, among "numerous" other victim organizations in the US and globally.β¦
A US Department of Transportation computer system used to reimburse federal government employees for commuting costs somehow suffered a security breach that exposed the personal info for 237,000 current and former workers.β¦
Sponsored Post Eminent US businessman Norman Ralph Augustine - who served as United States Under Secretary of the Army, as well as chairman and CEO of the Lockheed Martin Corporation - pointed to the importance of audit and compliance when he famously commented: "Two-thirds of the Earth's surface is covered with water. The other third is covered with auditors from headquarters."β¦
Police have arrested 69 people alleged to have used bots to book up nearly all of Spain's available appointments with immigration officials, and then sold those meeting slots for between β¬30 and β¬200 ($33 to $218) to aspiring migrants.β¦
A VoIP provider was at the heart of billions of robocalls made over the past five years that broke a slew of US regulations, from enabling telemarketing scams to calling numbers on the National Do Not Call Registry, it is claimed.β¦
False alarm: despite a patch notes suggesting otherwise, that mysterious blob of microcode released for many Intel microprocessors last week was not a security update, the x86 giant says.β¦
A cyber "incident" stopped The Philadelphia Inquirer's presses over the weekend, halting the Sunday edition's print edition and shutting down the newspaper's offices to staff until at least Tuesday.β¦
Video Presenting at Black Hat Asia 2023, two infosec researchers detailed how remote updates can be exploited to modify voltage on a Supermicro motherboard and remotely brick machines.β¦
Microsoft's decision to block internet-sourced macros by default last year is forcing attackers to find new and creative ways to compromise systems and deliver malware, according to threat researchers at Proofpoint.β¦
Who Me? Welcome once again to the horrors of Monday, dear reader. But fear not β The Register is here to cushion the blow of the working week's resumption with a instalment of Who, Me?, our reader-contributed stories of tech gone awry.β¦
Ransomware actors aim to spend the shortest amount of time possible inside your systems, and that means the encryption they employ is shoddy and often corrupts your data. That in turn means restoration after paying ransoms is often a more expensive chore than just deciding not to pay and working from our own backups.β¦
Black Hat Asia Arm issued a statement last Friday declaring that a successful side attack on its TrustZone-enabled Cortex-M based systems was "not a failure of the protection offered by the architecture."β¦
in brief Japanese automaker Toyota has admitted yet again to mishandling customer data β this time saying it exposed information on more than two million Japanese customers for the past decade, thanks to a misconfigured cloud environment.Β β¦
European police arrested three people in Belgrade described as "the biggest" drug lords in the Balkans in what cops are chalking up to another win in dismantling Sky ECC's encrypted messaging app last year.β¦
Microsoft in March fixed an interesting security hole in Outlook that was exploited by miscreants to leak victims' Windows credentials. This week the IT giant fixed that fix as part of its monthly Patch Tuesday update.β¦
Nickolas Sharp has been sentenced to six years in prison and ordered to pay almost $1.6 million to his now-former employer Ubiquiti β after stealing gigabytes of corporate data from the biz and then trying to extort almost $2 million from his bosses while posing as an anonymous hacker.β¦
Universities Superannuation Scheme, the UKβs largest private pension provider, says Capita has warned that details of almost half a million members were held on servers accessed during the recent breach.β¦
We hear Privacy International and a few other campaign groups set up camp outside Capita's AGM in London yesterday protesting Capita's involvement as an outsourcer in a UK government GPS tracking contract.β¦
The UK's National Crime Agency has partially won an important legal battle in a case that challenged the warrants used to obtain messages from cyber crook hangout EncroChat.β¦
India's IT minister Rajeev Chandrasekhar will ask WhatsApp to explain what's up, after the Meta-owned messaging service experienced a dramatic increase in spam calls.β¦
US voting machines would undergo deeper examination for computer security holes under proposed bipartisan legislation.β¦
Black Hat Asia Miscreants have infected millions of Androids worldwide with malicious firmware before the devices even shipped from their factories, according to Trend Micro researchers at Black Hat Asia.β¦
Cloud services providers that aren't based in Europe βΒ like the Big Three β may have to team up with a cloud that is operated and maintained from the EU if they want ENISA's stamp of approval for handling sensitive data.β¦
Exclusive Software supply chain management biz Sonatype has laid off 14 percent of its global workforce, according to internal documents seen by The Register.β¦
Updated Twitter has rolled out some quality of life updates for direct messages on the platform, and CEO Elon Musk reckons the site is to start encrypting DMs, beginning today, without providing proof that's the case.β¦
Sponsored Microsoft 365 has worked its way into so many facets of our organizations that it can be hard to imagine what life would be like without it.β¦
A 23-year-old British citizen has confessed to "multiple schemes" involving computer crimes, including playing a part in the July 2020 Twitter attack that saw the accounts of Amazon CEO Jeff Bezos, Kanye West, and former President Barack Obama hijacked by an unidentified crew.β¦
Britain's leaky outsourcing behemoth Capita is warning investors that the clean-up bill for its recent digital break-in will cost up to Β£20 million ($25.24 million).β¦
Japan's minister for digital transformation and digital reform, Taro Kono, has apologized after a government app breached citizens' privacy.β¦
Patch Tuesday May's Patch Tuesday brings some good and some bad news, and if you're a glass-half-full type, you'd lead off with Microsoft's relatively low number of security fixes: a mere 38.β¦
The FBI has cut off a network of Kremlin-controlled computers used to spread the Snake malware which, according to the Feds, has been used by Russia's FSB to steal sensitive documents from NATO members for almost two decades.β¦
Microsoft is hoping to curb a growing threat to multi-factor authentication (MFA) by enforcing a number-matching step for those using Microsoft Authenticator push notifications when signing into services.β¦
Tired of working for an egomaniacal startup boss or dull enterprise biz? A new org has been proposed called the Tech Lab, where you'd investigate the worst kinds of surveillance by governments on their citizens. In which despotic state, you ask? Surprise! You could base yourself in any European city.β¦