US authorities warn on China's new counter-espionage law
Almost anything you download from China could be considered spying, but at least one analyst isn't worried
Security03 Jul 2023 | 4
Security
Japan rebukes Fujitsu for cloud security fails
Asia In Brief PLUS: Philippines cyber-slave raid; South Korea’s crypto crackdown; AWS boosts Chinese exports; and more
Security03 Jul 2023 |
Us, hacked by LockBit? No, says TSMC, that would be our IT supplier
So, uh, who's gonna pay that $70M ransom?
Cyber-crime30 Jun 2023 | 2
Cops told: Er, no, you need a wiretap order if you want real-time Facebook snooping
Privacy: It's a Jersey Thing
Security30 Jun 2023 | 10
Life long cyber security learning
SANS training courses are scheduled for multiple locations across the EMEA region this Autumn
Sponsored Post
Quirky QWERTY killed a password in Paris
On Call Quelle tragédie – techie had to visit the city of lights twice to sort this one out
Security30 Jun 2023 | 280
Fujitsu admits it fluffed the fix for Japan’s flaky ID card scheme
Yet another snafu for digital services push
Security30 Jun 2023 | 25
Crook who stole $23m+ in YouTube song royalties gets five years behind bars
Claims he wants to stay in the music biz after time in a Sing Sing
Cyber-crime29 Jun 2023 | 26
It's 2023 and memory overwrite bugs are not just a thing, they're still number one
Cough, cough, use Rust. Plus: Eight more exploited bugs added to CISA's must-patch list
Research29 Jun 2023 | 41
Chinese balloon that US shot down was 'crammed' with American hardware
Blasted from the sky in February, device never transmitted photos, videos, or radar data it collected, officials say
CSO29 Jun 2023 | 67
Now Apple takes a bite out of encryption-bypassing 'spy clause' in UK internet law
Not the iPhone maker's first think-of-the-children rodeo
Security29 Jun 2023 | 117
Network security guy in extradition tug of war between US and Russia
Group-IB spinout confirms Kislitsin is wanted by both Washington and Moscow
Cyber-crime29 Jun 2023 | 7
Miscreants leak texts and info siphoned by Android stalkerware app LetMeSpy
Just as America's Supremes set a high bar for cyberstalking
Cyber-crime27 Jun 2023 | 9
Cops' total pwnage of 'secure' EncroChat nets 6,500+ arrests, €740m in funds – so far
Or so the Europlod says
Cyber-crime27 Jun 2023 | 11
Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse
Failure to match metadata with packaged files is perfect for supply chain attacks
Research27 Jun 2023 | 10
Tackling the cyber skills gap with AI
Why the future of cyber security could be fully autonomous where the AI works independently
Sponsored Feature
Cloud security advice and expertise at your fingertips
Join AWS, Google Cloud, Microsoft Azure, and SANS Institute for the Cloud Security Exchange 2023
Sponsored Post
American and Southwest Airlines pilot candidate data exposed
Time to start practising identity protection
Cyber-crime26 Jun 2023 | 2
Ex-FBI employee jailed for taking classified material home
Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns
CSO26 Jun 2023 | 55
JP Morgan accidentally deletes evidence in multi-million record retention screwup
Fined $4m for Who-Me-esque mess, for which it blames unnamed archiving vendor's retention settings
CSO26 Jun 2023 | 51
Popular
JP Morgan accidentally deletes evidence in multi-million record retention screwup
Fined $4m for Who-Me-esque mess, for which it blames unnamed archiving vendor's retention settings
Canada plans brain drain of H-1B visa holders, with no-job, no-worries work permits
They're vetted, almost acculturated, and will be booted from the US if they lose their gig
Bosses face losing 'key' workers after forcing a return to office
Survey says most would prefer a gentle request
Rocky Linux claims to have found 'path forward' from CentOS source purge
Ripples rebounding and reflecting from Red Hat's rebuff of RHEL rebuilds
Chinese balloon that US shot down was 'crammed' with American hardware
Blasted from the sky in February, device never transmitted photos, videos, or radar data it collected, officials say
Microsoft, OpenAI sued for $3B after allegedly trampling privacy with ChatGPT
Where did they get the idea this bot was potentially spitting out personal info? Oh, from The Register
Way out in deep space, astronomers spot precursor of carbon based life
James Webb scope finds CH3+ – aka methyl cations – without which you probably wouldn't be reading this
Microsoft's GitHub under fire for DDoSing crucial open source project website
A tale of emergency firewalling, a little bit of victim blaming, and workflow scripts gone berserk
It's 2023 and memory overwrite bugs are not just a thing, they're still number one
Cough, cough, use Rust. Plus: Eight more exploited bugs added to CISA's must-patch list
Five billion phones are dead in drawers – carriers want to mine them
There's gold in them thar mobes. Also copper, silver and cobalt
STORIES
Google bug bounties inch closer to Microsoft's payouts
Chocolate Factory paid a record $12m in 2022
Security24 Jun 2023 | 8
UK cyberspies warn ransomware crews targeting law firms
Nation states will use you to get to your friends, says NCSC
CSO23 Jun 2023 | 8
Keep it schtum!
Ensuring communications stay secure
Webinar
Chinese malware intended to infect USB drives accidentally infects networked storage too
Hides itself from popular Asian AV, also uses games to do its dirty work
Security23 Jun 2023 | 23
US cyber ambassador says China knows how to steal its way to dominance of cloud and AI
Calls on governments to combat 'playbook' that propelled Huawei to prominence
Security23 Jun 2023 | 20
To kill BlackLotus malware, patching is a good start, but...
...that alone 'could provide a false sense of security,' NSA warns in this handy free guide for orgs
CSO22 Jun 2023 | 4
Now BlackCat extortionists threaten to leak stolen plastic surgery pics
Sharing a cancer patient's nude snaps earlier wasn't enough for these scumbags
Cyber-crime22 Jun 2023 | 10
The Log4j vulnerability – how can we all do better next time?
Accept there are some risks you don’t control but which nonetheless you can’t ignore
Sponsored Feature
Japan's digital ID card gets emergency review amid data leaks
PM wants response as urgent as that mustered for COVID-19
Security22 Jun 2023 | 12
A (cautionary) tale of two patched bugs, both exploited in the wild
One affects VMware's monitoring tool and the other TP-Link routers
Patches21 Jun 2023 | 8
Apple squashes kernel bug used by TriangleDB spyware
Snoops may be targeting macOS in addition to iPhones, Kaspersky says
Patches21 Jun 2023 | 3
FTC accuses DNA testing company of lying about dumping samples
1Health must strengthen protections for genetic information as part of settlement
CSO21 Jun 2023 | 4
Training in Spanish for cyber security pros
Sponsored Post
Oreo cookie maker says crooks gobbled up staff info
50K-plus employees' personal info swiped after law firm rolled
Cyber-crime20 Jun 2023 | 6
Reddit confirms BlackCat gang pinched some data
Crooks demand $4.5m to keep '80GB' of corp info private – and no API price hikes
Cyber-crime20 Jun 2023 | 4
Over 100,000 compromised ChatGPT accounts found for sale on dark web
UPDATED Cybercrooks hoping users have whispered employer secrets to chatbot
Cyber-crime20 Jun 2023 | 26
Data leak at major law firm sets Australia's government and elites scrambling
BlackCat attack sparks injunction preventing coverage of purloined docs
Security20 Jun 2023 | 24
Guess what happened to this US agency using outdated software?
Infosec in brief Also: Hackers target security researchers, MaaS model flourishing, and this week's vulnerabilities
Patches19 Jun 2023 | 16
Outsource to infill on cyber security
Automating, simplifying, and calling in external help can increase the chances of blocking and mitigating attacks
Sponsored Feature
With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages
Previous claims its own software updates were the issue remain almost, kinda, plausible
Security19 Jun 2023 | 20
Third MOVEit bug fixed a day after PoC exploit made public
Millions of people's personal info swiped, Clop leaks begin with 'Shell's stolen data'
Patches16 Jun 2023 | 18
LockBit suspect's arrest sheds more light on 'trustworthy' gang
Plus: Accused is innocent until proven guilty, but is known to be an Apple fan
Cyber-crime16 Jun 2023 | 10
Capita faces first legal Letter of Claim over mega breach
Barings Law claims 250 people that 'suspect' data theft signed up to class action
Cyber-crime16 Jun 2023 | 15
Microsoft: Russia sent its B team to wipe Ukrainian hard drives
WhisperGate-spreading Cadet Blizzard painted as haphazard but dangerous crew
Research16 Jun 2023 | 10
EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe
European Commission's own networks to toss Middle Kingdom boxes amid calls for total replacement
Security16 Jun 2023 | 55
US government hit by Russia's Clop in MOVEit mass attack
CISA chief tells us exploitation 'largely opportunistic', not on same level of SolarWinds
CSO15 Jun 2023 | 7
Chinese spies blamed for data-harvesting raids on Barracuda email gateways
Snoops 'aggressively targeted' specific govt, academic accounts
CSO15 Jun 2023 | 2
North Korea created very phishy evil twin of Naver, South Korea's top portal
Think of it as a fake Google tuned for credential capture and you'll understand why authorities want to kill it
Security15 Jun 2023 | 9
Decision to hold women-in-cyber events in abortion-banning states sparks outcry
'Many factors were considered,' WiCyS boss tells The Reg as (ISC)² suggests an end to 'girlfriend test' jargon
Security14 Jun 2023 | 130
LockBit victims in the US alone paid over $90m in ransoms since 2020
As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections
CSO14 Jun 2023 | 2
Capita wins £50M fraud reporting contract with City of London cops
No, the irony isn't lost on us either
Security14 Jun 2023 | 22
Bringing security to account: why identity must be unified
As identity management becomes the new security perimeter, cyber risk underwriters want to see resilient IAM control ID sprawl
Sponsored Feature
Florida man insists he didn't violate the law by keeping Top Secret docs
Populist politician pleads not guilty at Miami arraignment
Security14 Jun 2023 | 449
June Patch Tuesday: VMware vuln under attack by Chinese spies, Microsoft kinda meh
Plus: Adobe, SAP and Android push updates
Patches13 Jun 2023 | 2
Last of the Gozi 3 sentenced over Windows info-stealing malware ops
Banking trojan still going strong as feds put bulletproof hosting point man behind bars
Cyber-crime13 Jun 2023 |
These Microsoft Office security signatures are 'practically worthless'
Updated Turns out it's easy to forge documents relying on OOXML
Research13 Jun 2023 | 13
Russia-Ukraine war sending shockwaves into cyber-ecosystem
Conflict could be first shooting war to deploy armies of ‘citizen hackers’ that cause at-risk organisations to rethink their defensive strategies
Sponsored Feature
UK telco watchdog Ofcom, Minnesota Dept of Ed named as latest MOVEit victims
As another CVE is assigned
Cyber-crime13 Jun 2023 | 12
China's cyber now aimed at infrastructure, warns CISA boss
Resilience against threats needs a boost
Security13 Jun 2023 | 2
India probes medical info 'leak' to Telegram
Asia In Brief PLUS: Vietnam's free domain names for youngsters; China's Cuba spy base; Hyundai and Samsung team for car chips; and more
Security13 Jun 2023 | 2
Unsealed: Charges against Russians blamed for Mt Gox crypto-exchange collapse
What a blast from the past, the past being a year before the pandemic
Cyber-crime12 Jun 2023 | 7
Fortinet squashes hijack-my-VPN bug in FortiOS gear
And it's already being exploited in the wild, probably
Patches12 Jun 2023 | 2
Posing as journalists, Pink Drainer pilfers $3.3M in crypto
First the interview, then the phishing attack
Cyber-crime12 Jun 2023 | 10
Microsoft stole our stolen dark web data, says security outfit
Suit claims Redmond took far more than allowed from Hold's 360M-credential database
Security12 Jun 2023 | 8
Lantum S3 bucket leak is prescription for chaos for thousands of UK doctors
Updated Freelance agency exposed personal details that would be highly valuable in the wrong hands
Cyber-crime12 Jun 2023 | 12
Hold it – another vulnerability found in MOVEit file transfer software
Infosec in brief Also, the FBI's $180k investment in AN0M keeps paying off, and this week's critical vulnerabilities
Cyber-crime12 Jun 2023 | 7
Online muggers make serious moves on unpatched Microsoft bugs
Win32k and Visual Studio flaws are under attack
Security09 Jun 2023 | 3
FBI: FISA Section 702 'absolutely critical' to spy on, err, protect Americans
No protection without surveillance?
Security09 Jun 2023 | 30
Ransomware scum hit Japanese pharma giant Eisai Group
Some servers encrypted in weekend attack, but product supply not affected
Cyber-crime09 Jun 2023 | 1
Seven steps for using zero trust to protect your multicloud estate
Your multicloud environment is complex. You need an uncompromising zero trust approach to manage and secure it.
Commissioned
Brit data watchdog fines sleazy sales ops £250K for 'bombarding' folk with calls
Crown Glazing and Maxen Power Supply fall foul of PECR
Security09 Jun 2023 | 25
Darkweb credit card marts in decline across Asia, researchers claim
India tops the charts for document theft
Security09 Jun 2023 | 1
Google changes email authentication after spoof shows a bad delivery for UPS
Google's blue tick proves untrustworthy
Security09 Jun 2023 | 27
Robot can rip the data out of RAM chips with chilling technology
'The more important a thing is for the world, the less security it has' says inventor
Security09 Jun 2023 | 21
North Korea's Lazarus Group linked to Atomic Wallet heist
Users' cryptocurrency wallets look unlikely to be refilled
Cyber-crime08 Jun 2023 | 6
Barracuda tells its ESG owners to 'immediately' junk buggy kit
That patch we issued? Yeah, it wasn't enough
Security08 Jun 2023 | 12
Google puts $1M behind its promise to detect cryptomining malware
If the chocolate factory's scans don't stop the miners, customers don't foot the bill
Security08 Jun 2023 | 4
New York City latest to sue Hyundai and Kia claiming their cars are too easy to steal
What started as a TikTok craze has become a 'public nuisance'
Security08 Jun 2023 | 29
Microsoft says share the wealth with cyber-info for business
It's better to take action than wait for attacks
Security08 Jun 2023 | 9
Helping Windows 11 fight the hackers
How Intel is using hardware-assisted security to beef up Microsoft OS protection
Sponsored Feature
UK government to set deadline for removal of Chinese surveillance cams
And compile a list of vendors considered threats to national security
Security08 Jun 2023 | 40
Deepfakes being used in 'sextortion' scams, FBI warns
AI technology raises the bar in an already troubling crime
Cyber-crime08 Jun 2023 | 22
Clop ransomware crew sets June extortion deadline for MOVEit victims
Plus: The Feds weigh in with advice, details
CSO07 Jun 2023 | 2
10 years after Snowden's first leak, what have we learned?
Feature Spies gonna spy
Security07 Jun 2023 | 36
Police use of PayPal records under fire after raid on 'Cop City' protest fund trio
Nearly anything can look like money laundering if you squint hard enough
Security06 Jun 2023 | 10
Malwarebytes may not be allowed to label rival's app as 'potentially unwanted'
Legal prof warns: 'This case is like a wrecking ball for internet law'
Security06 Jun 2023 | 53
US govt now bans TikTok from contractors' work gear
BYODALAINGTI (as long as it's not got TikTok installed)
CSO06 Jun 2023 | 11
Microsoft cops $20M slap on the wrist for mishandling kids' Xbox data
Pocket change, in other words
Security06 Jun 2023 | 4
Identity thieves can hunt us for 'rest of our lives,' claims suit after university data leak
Crooks steal Social Security numbers and post them on dark web, victims blame holes in Mercer's security
Cyber-crime06 Jun 2023 | 36
Taking the art of email security to the next level
AI is beefing up the cyber arsenals of both attackers and defenders
Sponsored Feature
SEC drops 42 cases after staff bungle data protection
Corporate watchdog fouled its info-separation regime, let the wrong people read sensitive docs
CSO06 Jun 2023 | 2
British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack
Microsoft blames Russian Clop ransomware crew for theft of staff info
Cyber-crime05 Jun 2023 | 27
Crypto catastrophe strikes some Atomic Wallet users, over $35M thought stolen
Victims nursing huge losses haven't the foggiest how heist happened, yet
Security05 Jun 2023 | 22
Qbot malware adapts to live another day … and another …
Operators stay ahead of defenders with new access methods and C2 infrastructure
Research05 Jun 2023 | 3
Australian cyber-op attacked ISIL with the terrifying power of Rickrolling
Commanders in the field persuaded to give up, let their guard down, run around and desert their posts
Security05 Jun 2023 | 10
Toyota admits to yet another cloud leak
infosec in brief Also, hackers publish RaidForum user data, Google's $180k Chrome bug bounty, and this week's vulnerabilities
Security05 Jun 2023 | 6
Meet TeamT5, the Taiwanese infosec outfit taking on Beijing and defeating its smears
Living in the eye of the geopolitical storm is not easy, but is good for business
Security05 Jun 2023 | 2
Malaysia goes its own Huawei, won't ban Chinese vendor from 5G network
Country to have two networks as first buildout falls behind schedule
Security02 Jun 2023 | 22
Microsoft stashes nearly half a billion in case LinkedIn data drama hits
Irish regulators sniffing around Facebook-for-suits subsidiary have threatened fine
CSO02 Jun 2023 | 12
This malicious PyPI package mixed source and compiled code to dodge detection
Oh cool, something else to scan for
Security02 Jun 2023 | 11
Biting the hand that feeds IT
