News

Enterprise tech dominates zero-day exploits with no signs of slowdown

The Register - Tue, 29/04/2025 - 18:02
As Big Tech gets used to the pain, smaller vendors urged to up their game
Categories: News

China now America's number one cyber threat – US must get up to speed

The Register - Tue, 29/04/2025 - 16:02
Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable

RSAC  Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.…

Categories: News

Infosec pros tell Trump to quit bullying Chris Krebs – it's undermining security

The Register - Tue, 29/04/2025 - 14:15
Top voices warn that political retaliation puts democracy and national defense at risk

The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.…

Categories: News

China is using AI to sharpen every link in its attack chain, FBI warns

The Register - Tue, 29/04/2025 - 12:34
Artificial intelligence is helping Beijing's goons break in faster and stay longer

RSAC  The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."…

Categories: News

The one interview question that will protect you from North Korean fake workers

The Register - Tue, 29/04/2025 - 10:15
FBI and others list how to spot NK infiltrators, but AI will make it harder

RSAC  Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.…

Categories: News

Swiss boffins admit to secretly posting AI-penned posts to Reddit in the name of science

The Register - Tue, 29/04/2025 - 07:47
They’re sorry/not sorry for testing if bots can change minds by pretending to be a trauma counselor or a victim of sexual abuse

Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview in the name of science.…

Categories: News

Open source text editor poisoned with malware to target Uyghur users

The Register - Tue, 29/04/2025 - 04:15
Who could possibly be behind this attack on an ethnic minority China despises?

Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic minority group.…

Categories: News

Ex-Disney employee gets 3 years in the clink for goofy attacks on mousey menus

The Register - Tue, 29/04/2025 - 01:26
Florida man altered allergen info, DoSed former colleagues

Former Disney employee Michael Scheuer was sentenced to 36 months in prison and fined almost $688,000 for screwing up a software application the entertainment giant used to cook up its restaurant menus.…

Categories: News

Cybersecurity CEO accused of running malware on hospital PC blabs about it on LinkedIn

The Register - Tue, 29/04/2025 - 00:28
Sometimes, silence is the best option

An Oklahoma City cybersecurity professional accused of installing spyware on a hospital PC confirmed on LinkedIn key details of the drama.…

Categories: News

How to survive as a CISO aka 'chief scapegoat officer'

The Register - Mon, 28/04/2025 - 22:57
Whistleblowing, email is evidential mail, HR is not your friend, and more discussed by CxO panel

RSAC  Chief security officers should negotiate personal liability insurance and a golden parachute when they start a new job – in case things go sideways and management tries to scapegoat them for a network breach.…

Categories: News

Admission impossible: NSA, CISA brass absent from RSA Conf

The Register - Mon, 28/04/2025 - 22:03
Homeland Security boss Noem added as last-minute keynote, mind you

RSAC  There's a notable absence from this year's RSA Conference that kicked off today in San Francisco: The NSA's State of the Hack panel.…

Categories: News

The future of AI in cybersecurity in a word: Optimistic

The Register - Mon, 28/04/2025 - 20:11
Think of artificial intelligence as your embedded ally

Sponsored post  AI is reshaping cybersecurity in real time, raising the stakes on both sides of the battlefield. For defenders, it brings speed, precision, and automation at scale, helping security teams detect threats earlier and respond faster than ever. But adversaries aren’t standing still. They’re using AI to sharpen their own tactics, accelerating attacks and probing defenses with unprecedented sophistication.…

Categories: News

From 112k to 4 million folks' data – HR biz attack goes from bad to mega bad

The Register - Mon, 28/04/2025 - 14:40
It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands

Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand as it first claimed - was accessed by an "unknown actor".…

Categories: News

Back online after 'catastrophic' attack, 4chan says it's too broke for good IT

The Register - Mon, 28/04/2025 - 13:27
Image board hints that rumors of a poorly maintained back end may be true

Clearweb cesspit 4chan is back up and running, but says the damage caused by a cyberattack earlier this month was "catastrophic."…

Categories: News

Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025

The Register - Mon, 28/04/2025 - 07:37
Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year

Microsoft has announced that its preview of hotpatching for on-prem Windows Server 2025 will become a paid subscription service in July.…

Categories: News

Samsung admits Galaxy devices can leak passwords through clipboard wormhole

The Register - Mon, 28/04/2025 - 03:59
PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more!

Infosec in brief  Samsung has warned that some of its Galaxy devices store passwords in plaintext.…

Categories: News

Signalgate lessons learned: If creating a culture of security is the goal, America is screwed

The Register - Sat, 26/04/2025 - 00:58
Infosec is a team sport … unless you're in the White House

Opinion  Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that puts American critical infrastructure, national security, and troops' lives in danger.…

Categories: News

Amid CVE funding fumble, 'we were mushrooms, kept in the dark,' says board member

The Register - Fri, 25/04/2025 - 23:19
What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future

Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) program and member of the board, learned through social media that the system he helped create was just hours away from losing funding.…

Categories: News

More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans

The Register - Fri, 25/04/2025 - 20:00
GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures

Ivanti VPN users should stay alert as IP scanning for the vendor's Connect Secure and Pulse Secure systems surged by 800 percent last week, according to threat intel biz GreyNoise.…

Categories: News

Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions

The Register - Fri, 25/04/2025 - 19:00
Where have we heard this before? Feb security update needs its own fix

More than one month after complaints starting flying, Microsoft has fixed a Windows bug that caused some Remote Desktop sessions to freeze.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News