Login
Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months.β¦
Sponsored Feature The world is filled with choices. Whether it's the 20 different types of shampoo on offer at the grocery store, or the dozens of Linux distros you can try for free, you can have it all.β¦
Boffins have managed to pry open closed AI services from OpenAI and Google with an attack that recovers an otherwise hidden portion of transformer models.β¦
Patch Tuesday Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities β none listed as under active attack or already known to the public.β¦
An ex-Meta veep has been sued by his former bosses for "brazenly disloyal and dishonest conduct" β and by that, they mean he allegedly stole confidential documents to help him build and recruit colleagues for an AI cloud startup.Β β¦
US President Joe Biden has asked Congress to approve an extra $103 million in funding for the Cybersecurity and Infrastructure Security Agency, bringing CISA's total budget to $3 billion.β¦
Last week, we wrote about how security outfit Rapid7 threw JetBrains, the company behind the popular CI/CD platform TeamCity, under the bus over allegations of silent patching. Now, JetBrains has gone on the offensive.β¦
Leicester City Council says IT systems and a number of its critical service phone lines will remain down until later this week at the earliest following a "cyber incident".β¦
Several French government websites have been disrupted by a severe distributed denial of service attack.β¦
The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists β among other tactics.β¦
The Kremlin has accused the United States of meddling in Russia's upcoming presidential election, and even accused Uncle Sam of planning a cyberattack on the country's online voting system.β¦
The British Library says legacy IT is the overwhelming factor delaying efforts to recover from the Rhysida ransomware attack in late 2023.β¦
The UK's Information Commissioner's Office (ICO) has opened a consultation on "consent or pay" business models. We're sure readers of The Register will have a fair few things to say.β¦
Infosec in brief Cybersecurity researchers informed Microsoft that Notorious North Korean hackers Lazarus Group discovered the "holy grail" of rootkit vulnerabilities in Windows last year, but Redmond still took six months to patch the problem.β¦
There's yet another group of miscreants out there hijacking insecure Ivanti devices: A new, financially motivated gang dubbed Magnet Goblin has emerged from the shadowy digital depths with a knack for rapidly exploiting newly disclosed vulnerabilities before vendors have issued a fix.β¦
Microsoft has now confirmed that the Russian cyberspies who broke into its executives' email accounts stole source code and gained access to internal systems. The Redmond giant also characterized the intrusion as "ongoing."β¦
Change Healthcare has taken the first steps toward a full recovery from the ransomware attack in February by bringing its electronic prescription services back online.β¦
Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension.β¦
The Swiss government had around 65,000 files related to it stolen by the Play ransomware gang during an attack on an IT supplier, its National Cyber Security Center (NCSC) says.β¦
Online graphic design platform Canva went looking for security problems in fonts, and found three β in "strange places."β¦
The US government and some of the largest open source foundations and package repositories have announced a series of initiatives intended to improve software supply-chain security, while also repeating calls for developers to increase support for such efforts.β¦
A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "dramatic and persistent spike" in account takeovers.β¦
A criminal claiming to be an ALPHV/BlackCat affiliate β the gang responsible for the widely disruptive Change Healthcare ransomware infection last month βΒ may have ties to Chinese government-backed cybercrime syndicates.β¦
Security researchers are increasingly seeing active exploit attempts using the latest vulnerabilities in JetBrains' TeamCity that in some cases are leading to ransomware deployment.β¦
Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage.β¦
Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like.β¦
Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 log files containing login details for the service last year.β¦
A group of US lawmakers introduced legislation on Tuesday that, if passed, would force Chinese internet concern ByteDance to divest TikTok β its most valuable property β or see it banned in the US.β¦
Google has been accused of profiting from gift card scams.β¦
A now-former Google employee has been charged with stealing the ad giantβs AI trade secrets while quietly working for two Chinese companies β after easily defeating whatever security controls Big G had in place.β¦
Digital crimes potentially cost victims more than $12.5 billion last year, according to the FBI's latest Internet Crime Complaint Center (IC3) annual report.Β β¦
Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited.β¦
Outsourcing giant Capita today reported a net loss of Β£106.6 million ($135.6 million) for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.β¦
SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "last resort" to protect national security.β¦
Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.β¦
The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.β¦
Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information β including bank account and routing numbers, credit card numbers and security or access codes β after breaking into Infosys' IT systems in the fall.β¦
Yet another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information (NDI) overseas.β¦
Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and FYI: It may reveal your IP address to those you're nattering away to.β¦
Updated Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server.β¦
Typically it is energy improvement peddlers or debt help specialists that are disgraced by Britain's data watchdog for spamming unsuspecting households, but the latest entrant in the hall of shame is a charity.β¦
Cloudflare has tweaked its web application firewall (WAF) to add protections for applications using large language models.β¦
A security failure at a third-party vendor exposed an untold number of American Express card numbers, expiry dates, and other data to persons unknown.β¦
ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.β¦
North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency.β¦
The German Ministry of Defense (Bundeswehr) has confirmed that a recording of a call between high-ranking officials discussing war efforts in Ukraine, leaked by Russian media, is legitimate.β¦
Global law enforcement authorities' attempts to shutter the LockBit ransomware crew have sparked a fresh call for a ban on ransomware payments to perpetrators.β¦
Opinion The best cop shows excel at mind games: who's tricking whom, who really wins, and what price they pay. A twist of humor adds to the drama and keeps us hooked. It's rare enough in real life, far less so in the grim meat grinder of cybersecurity, yet sometimes it happens. It's happening right now.β¦
Infosec in brief The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. But despite its posturing, the gang might have suffered more than it's letting on.β¦
Feature Two US intelligence bigwigs last week issued stark warnings about foreign threats to American election integrity and security β and the nation's ability to counter these adversaries.β¦
Updated Jack Teixeira, the Air National Guardsman accused of leaking dozens of classified Pentagon documents, is expected to plead guilty in a US court on Monday.β¦
NSO Group, the Israel-based maker of super-charged snoopware Pegasus, has been ordered by a federal judge in California to share the source code for "all relevant spyware" with Meta's WhatsApp.β¦
The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies.β¦
Webinar The quantum threat might seem futuristic, more like something you'd encounter in a science fiction film. But it's arguably already a danger to real cyber security defences.β¦
The UK's Information Commissioner's Office has put the West Midlands Police (WMP) on the naughty step after the force was found to have repeatedly mixed up two people's personal data for years.β¦
Webinar Dealing with cyber security incidents is an expensive business. Each data breach costs an estimated $4.35 million on average and it's not as if the volume of cyber attacks is falling - last year, they rose by 38 percent according to Google Cloud.β¦
NTT West president Masaaki Moribayashi announced his resignation on Thursday, effective at the end of March, in atonement for the leak of data pertaining to 9.28 million customers that came to light last October.β¦
A malware distribution campaign that began last May with a handful of malicious software packages uploaded to the Python Package Index (PyPI) has spread to GitHub and expanded to reach at least 100,000 compromised repositories.β¦
More than 130 petitions seeking access to push notification metadata have been filed in US courts, according to a Washington Post investigation β a finding that underscores the lack of privacy protection available to users of mobile devices.β¦
The Biden Administration has asked a court, rather than Congress, to renew controversial warrantless surveillance powers used by American intelligence and due to expire within weeks. It's a move that is either business as usual or an end-run around spying reforms, depending on who in Washington you believe.β¦
FreshRSS