News

No word on whether gang got their mitts on data, though

Outsourcing and accounting firm Accenture has been struck by Lockbit ransomware.…

Vaccine deceit is infectious

The number of COVID cases in the US and elsewhere is again rising, thanks to the Delta Variant, lagging vaccination rates, and mask resistance among some.…

StarHub's breach announcement came a month after discovery of customer file on dump site

Singapore pay YV, internet and mobile phone provider StarHub is in the process of notifying 57,191 customers via email that they are victims of a cyber attack that leaked national identity card numbers, mobile numbers and email addresses.…

It was just a prank, bro

Whoever drained roughly $600m in cryptocurrencies from Poly Network is said to have returned at least $260m so far.…

Have they forgotten SysAdmin Appreciation Day so soon?

Microsoft appears intent on turning the print spooler remote code execution vulnerability known as "PrintNightmare" into an AdminNightmare, judging by its latest mitigation, which requires administrator privileges for Point and Print driver installation and update.…

FireEye says Israeli defense agencies were alert to compromises as China works to protect Belt and Road investments

Security vendor FireEye says it has spotted a Chinese espionage group that successfully compromised targets within Israel, and that trying to make its efforts look like the work of Iranian actors is part of the group's modus operandi.…

$8B deal will create smallbiz and consumer security monster

The discussions between security vendors NortonLifelock and Avast that The Register reported had reached an advanced stage in July have proved fruitful, to the tune of more than $8 billion.…

Ready to go for telcos, but what's their incentive to lose all that lovely money?

Computer science boffins have devised a way to prevent the location of mobile phone users from being snarfed and sold to marketers, though the technique won't affect targeted nation-state surveillance.…

Here's the addresses you need to block

Poly Network, a Chinese software biz that processes cryptocurrency transactions across different blockchain platforms, urged hackers to return $600m worth of stolen digital cash in what it called the “biggest [attack] in DeFi history.”…

It's just temporary relief from the typical monthly repair routine

Now is the winter of our discontent made glorious summer by the fact that it's August and Patch Tuesday brings word of only 44 vulnerabilities in Microsoft's software.…

Someone must have broken in and taken docs, said Leathermarket Community Benefit Society

A man who viewed documents online for a controversial London property development and shared them on social media was raided by police after developers claimed there had been a break-in to their systems.…

Doc reveals more of what's causing industry to tear its hair out

Britain's Telecoms Security Bill will be accompanied by a detailed code of practice containing 70 specific security requirements for telcos and their suppliers to meet, The Register can reveal.…

RDP-enabled instances attacked, perhaps via Iran and China, then use Telegram desktop client for command and control

Data analysis firm Splunk says it's found a resurgence of the Crypto botnet – malware that attacks virtual servers running Windows Server inside Amazon Web Services.…

Offer may not apply in China, or anywhere else warn experts

Apple's announcement last week that it will soon be scanning photos on iPhones and iPads that sync to iCloud for child sexual abuse material (CSAM) prompted pushback from thousands of security and privacy professionals and a response from the company that attempts to mollify its critics.…

And a very scary story of a job that went from white hat to murky shades of gray in the United Arab Emirates

In Brief  After a year off due to a certain virus, the Black Hat and DEF CON security conferences returned to Las Vegas last week, just in time for the US government's attempts to foster more collaboration across the infosec industry.…

Security researchers found they could snoop on dynamic DNS traffic

Until February this year, Amazon Route53's DNS service offered largely unappreciated network eavesdropping capabilities. And this undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider.…

Back on terra firma, ransomware rampage sees elevated security threat levels and giveaways to SMBs

South Korea has this week announced two new weapons: grenade-launching drones for its military, and anti-ransomware software for businesses.…

Edge is getting a 'Super Duper Security Mode' to test the idea. Yes, that is the actual name

Microsoft is conducting an experiment it hopes will improve browser security – by making its Edge offering worse at running JavaScript…

Players in ‘Joint Cyber Defense Collaborative’ include Microsoft, AWS, and Google

The United States' Cybersecurity and Infrastructure Security Agency (CISA) has announced the "standup" of a body called the "Joint Cyber Defense Collaborative" (JCDC) that it hopes will spark ideas for new and improved national responses against electronic threats.…

Where there's a will, there's Huawei

Andy Purdy, CSO for Huawei USA, believes the US needs to be more active in the development of global security standards rather than being aloof.…