News

Proving yet again that crims are bad at search hygiene

An Alabama man who SIM-swapped his way into the SEC's official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release.…

Cybercriminals lifted info including addresses, ID numbers, and financial records from agency systems

A "significant amount of personal data" belonging to legal aid applicants dating back to 2010 in the UK was stolen by cybercriminals, the Ministry of Justice (MoJ) confirmed today.…

Enormous org has been hit by ransomware again and again, on multiple fronts, over the past year

Top cybersecurity officials within the UK government and the National Health Service (NHS) are asking CEOs of tech suppliers to pledge their allegiance to sound security by signing a public charter.…

PLUS: Euro-cops take down investment scammers; Fancy Bear returns to Ukraine; and more

Infosec In Brief  The Alabama state government is investigating an unspecified "cybersecurity event" that it said has affected some state systems, but didn't involve the theft of citizen's personal info.…

PLUS: South Korea signs for massive supercomputer; HCL gets into chipmaking; US tariffs slow APAC tech buying; and more

Asia In Brief  Chinese company Guoxing Aerospace last launched a dozen satellites, each packing a 744 TOPS of computing power, in the first step towards creating an orbiting constellation of 2,800 such satellites.…

Plus, Co-op tells The Reg: 'we took early and decisive action' to block the crooks

INTERVIEW  The call came into the help desk at a large US retailer. An employee had been locked out of their corporate accounts. …

ZKLP system allows apps to confirm user presence in a region without exposing exactly where

Computer scientists from universities in Germany, Hong Kong, and the United Kingdom have proposed a way to provide verifiable claims about location data without surrendering privacy.…

Phony LinkedIn recruitment ads? Groundbreaking

Chinese government snoops - hiding behind the guise of fake consulting companies - are actively trying to recruit the thousands upon thousands of US federal employees who have been fired since President Trump took office.…

Crooks must be licking their lips at the possibilities

Uncle Sam's consumer watchdog has scrapped plans to implement Biden-era rules that would've treated certain data brokers as credit bureaus, forcing them to follow stricter laws when flogging Americans' sensitive data.…

'We hope it makes attendees feel safe reporting violations'

A Seattle court this week dismissed with prejudice the defamation case brought against DEF CON and its organizer Jeff Moss by former conference stalwart Christopher Hadnagy.…

The tech biz was in the process of dropping the payroll company as it learned of the breach

EXCLUSIVE  A ransomware attack at a Middle Eastern subsidiary of payroll company ADP has led to customer data theft at Broadcom, The Register has learned.…

We suspect Philippe Salle will need it, not to mention staff and customers

If at first you don't succeed, transform, transform, and transform again is the corporate motto at Atos these days. The lumbering French-based megacorp has created another blueprint to return to its glory days, and it includes job cuts, offshoring and... AI.…

AI attacks are keeping most practitioners up at night, says Darktrace, and with good reason

Sponsored feature  From the written word through to gunpowder and email, whenever an enabling technology comes along, you can be sure someone will be ready to use it for evil. Most tech is dual-use, and AI is no exception.…

They're smishing, they're vishing

The FBI has warned that fraudsters are impersonating "senior US officials" using deepfakes as part of a major fraud campaign.…

Entire process took less than five minutes, prosecutors say

A former DoorDash driver has pleaded guilty to participating in a $2.59 million scheme that used fake accounts, insider access to reassign orders, and bogus delivery reports to trigger payouts for food that was never delivered.…

DragonForce-riding ransomware ring also has 'shiny object syndrome' so will likely move on to another sector soon

Interview  The same miscreants behind recent cyberattacks on British retailers are now trying to dig their claws into major American retailers' IT environments – and in some cases even deploying ransomware, according to Google.…

One expert tells us: 'It is the most unique breach disclosure I've ever seen'

Coinbase says some of its overseas support staff were paid off to steal information on behalf of cybercriminals, and the company is now being extorted for $20 million.…

Sometimes, less information is more

In its latest gambit to reduce the noise of unnecessary security alerts, Socket has acquired Coana, a startup founded in 2022 by researchers from Aarhus University in Denmark that tells users which vulnerabilities they can safely ignore.…

Lessons learned from last year's security snafu

interview  Being the chief information security officer at Snowflake is never an easy job, but last spring it was especially challenging.…

Would you believe it, this RaaS cartel says Russia is off limits

DragonForce, a new-ish ransomware-as-a-service operation, has given organizations another cyber threat to worry about — unless they’re in Russia, which is off limits to the would-be extortionists.…