News

Intruders accessed important systems but tells customers their data is safe

A UK-based multinational that provides tech stock availability tools is telling customers that its website outage is due to a cyber attack.…

Are UK taxpayers getting real value from SPA24 — or just high cost convenience?

Register debate series  The UK government's five-year Strategic Partnership Agreement (SPA24) with Microsoft is set to see public sector bodies spend around £1.9 billion each year—nearly £9 billion in total over half a decade. It's a vast sum for software and services, and one that deserves close scrutiny.…

If there's smoke?

Fortinet warned customers about a critical FortiSIEM bug that could allow an unauthenticated attacker to execute unauthorized commands, and said working exploit code for the flaw has been found in the wild.…

CVE-2017-11882 in discontinued Equation Editor still attracting keylogger campaigns despite software being killed off in 2018

Very few people are immune to the siren song of nostalgia, a yearning for a "better time" when this was all fields and kids respected their elders - and it looks like cyber criminals are no exception.…

Seven additional regions across England will now have access to the controversial tech

A fresh expansion of UK crimefighters' access to live facial recognition (LFR) technology is being described by officials as "an excellent opportunity for policing." Privacy campaigners diagree.…

Shock news: billionaire techpreneur is not a fan

Geek-turned-venture-capitalist Marc Andreessen has weighed in on the arguments surrounding the UK's Online Safety Act, accusing the UK government of leaking his input.…

For now at least, even though government buying can improve, open source is not all it's cracked up to be

Debate  Not for the first time, Microsoft is in the spotlight for the UK government's money it voraciously consumes – apparently £1.9 billion a year in software licensing, and roughly £9 billion over five years. Not surprisingly, there are plenty of voices challenging whether this is good use of public money. After all, aren't there plenty of open source alternatives?…

Foundation warns federated servers face biggest risk, but single-instance users can take their time

The maintainers of the federated secure chat protocol Matrix are warning users of a pair of "high severity protocol vulnerabilities," addressed in the latest version, saying patching them requires a breaking change in servers and clients.…

Minnesota’s capital is the latest to feature on Interlock’s leak blog after late-July cyberattack

The Interlock ransomware gang has flaunted a 43GB haul of files allegedly stolen from the city of Saint Paul, following a late-July cyberattack that forced the Minnesota capital to declare a state of national emergency.…

Tells court 'What I did was wrong and I want to apologize for my conduct'

Terraform Labs founder Do Kwon has pled guilty to committing fraud when promoting the so-called "stablecoin" Terra USD and now faces time in jail.…

None under active exploit…yet

Microsoft’s August Patch Tuesday flaw-fixing festival addresses 111 problems in its products, a dozen of which are deemed critical, and one moderate-severity flaw that is listed as being publicly known.…

And yes, there’s the usual credit monitoring

Global staffing firm Manpower confirmed ransomware criminals broke into its Lansing, Michigan franchise's network and stole personal information belonging to 144,189 people, months after the extortionists claimed that they pilfered "all of [the company's] confidential data." …

Website, emails, and phones are down for a second day

The Pennsylvania's Office of Attorney General (OAG) is blaming a digital blackout of its services on a "cyber incident."…

US cops yank servers, domains, and crypto from the Russia-linked gang - but the crooks remain at large

In a display of bureaucratic bravado, US law enforcement agencies say they've “disrupted” the BlackSuit ransomware gang (also known as Royal), freeing millions of dollars in virtual currency from its clutches.…

Scattered Spider, ShinyHunters, and Lapsus$ spent the weekend bragging to each other on a Telegram channel

Prolific cybercrime collectives Scattered Spider, ShinyHunters, and Lapsus$ appear to have come together in a new Telegram channel that shares news of their exploits.…

Automaker's answer to spate of car thefts is to charge customers for extra

Hyundai is charging UK customers £49 ($66) for a security upgrade to prevent thieves from bypassing its car locks.…

Home Office officials reportedly concede Brit government on back foot as Trump moves to protect US Big Tech players

Analysis  The Home Office's war on encryption – its most technically complex and controversial aspect of modern policymaking yet – is starting to look like battlefield failure after more than ten years of skirmishes.…

Sysadmins, your job is safe

Automating IT operations using AI may not be the best idea at the moment.…

A few weeks earlier 'zeroplayer' advertised an $80K WinRAR 0-day exploit

Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.…

The alleged perpetrators remain at large

The US Department of Justice is trying to recoup around $1 million that three IT specialists secretly working for the North Korean government allegedly stole from a New York company.…