News

Sofa, not-so-good: Angry customers still can't access systems, phones, and deliveries delayed

Furniture Village – the UK's largest independent furniture retailer with 54 stores nationwide – has been hit by a "cyber-attack", the company confirmed to The Register.…

Millions of Rust, JavaScript, Go, Maven repositories scanned and visualized

Google has built an online tool that maps out all the dependencies in millions of open-source software libraries and flags up any unpatched vulnerabilities.…

We'll explain everything for you

The US Supreme Court on Thursday limited the scope of the 1986 Computer Fraud and Abuse Act (CFAA) in a ruling that found a former sergeant did not violate the law by misusing his access to a police database.…

Another big name buyout by STG

FireEye has been sold for $1.2bn to the same American private equity fund that bought McAfee’s enterprise security business, severing it from infosec stablemate Mandiant.…

Plus: Judgement in immigration exemption case makes things worse

Comment  Almost two weeks ago, the European Parliament took the step of objecting to the Commission decisions to grant the UK data adequacy.…

Down continues to be the new up

NortonLifeLock, the company that offers the consumer products Broadcom didn’t want when it bought Symantec, has started to offer Ethereum mining as a feature of its Norton 360 security suite.…

'A stalker can abuse it to stalk people better. There are no mitigations mentioned'

Owners of Amazon Echo assistants and Ring doorbells have until June 8 to avoid automatically opting into Sidewalk, the internet giant's mesh network that taps into people's broadband and may prove to be a privacy nightmare.…

Embarrassing flaw in E3372 device finally patched

Huawei has belatedly fixed a mild vulnerability in a USB connectivity dongle spotted by Trustwave after The Register intervened.…

Aussie cops start probe and FBI and USDA lend a hand

Australian police are investigating a ransomware attack at the facilities of JBS Foods — one of the largest producers of meat in the world – as the White House fingers Russia-based cybercriminals.…

Bizarre promotion practice leads to near-inevitable breach

Exclusive  An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet.…

Not the obvious function, the other obvious function

OpenPGP project RNP has patched its flagship product after Mozilla Thunderbird, a major user, was found to be saving users’ private keys in plain text.…

Info-stealing scheme, attributed to Russia-affiliated crew, relied on spoof USAID marketing messages

Uncle Sam on Tuesday said it had seized two web domains used to foist malware on victims using spoofed emails from the US Agency for International Development (USAID).…

What’s the remedy? Read on…

Promo  The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.…

'Medieval mixed with athletic wear' chic from 1995

Fans of 'cyber' flick Hackers can amuse themselves by visiting an exhibition of the characters’ costumes in London – but time is running short if you want to catch a glimpse of Angelina Jolie’s bizarre getups.…

Hear from one of the first providers to support this security functionality

Sponsored  Cloud infrastructure has many advantages over a corporate server. It’s easier to set it up and to get access to almost any resources in a matter of minutes, and you only pay for the capacity used. However, businesses are often concerned about how secure cloud solutions are.…

Plus: More Rowhammer research, Feds warn of Fortinet attacks, etc

In brief  The creator of the Have I Been Pwned (HIBP) website, which alerts you if it turns out your credentials have been swiped and leaked from an account database, has open sourced the project's internals.…

Leaked data proves very educational

Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they’re being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available.…

Microsoft says Nobelium scored access to Constant Contact email marketing tool

Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds' Orion software, has struck again, Microsoft vice president Tom Burt in a blogpost Thursday.…

Special Administrative Region recorded plunge in ransomware attacks

Criminals tried to exploit Hong Kong residents' COVID-related anxiety, according to new security data released yesterday by the Special Administrative Region's secretary for innovation and technology Alfred Sit.…

No sign of ransomware - or attacker's identity, so far

A Fujitsu project management suite is causing red faces at the Japanese company’s HQ after “unauthorised access” resulted in data being stolen from government agencies, local reports say.…