News

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability

The Register - Tue, 12/11/2024 - 13:29
Over 5 million records from 25 organizations posted to black hat forum

Amazon employees' data is part of a stolen trove posted to a cybercrime forum linked to last year's MOVEit vulnerability.…

Categories: News

FBI issues warning as crooks ramp up emergency data request scams

The Register - Mon, 11/11/2024 - 16:23
Just because it's .gov doesn't mean that email is trustworthy

Cybercrooks abusing emergency data requests in the US isn't new, but the FBI says it's becoming a more pronounced issue as the year draws to a close.…

Categories: News

Dark web crypto laundering kingpin sentenced to 12.5 years in prison

The Register - Mon, 11/11/2024 - 12:38
Prosecutors hand Russo-Swede a half-billion bill

The operator of the longest-running money laundering machine in dark web history, Bitcoin Fog, has been sentenced to 12 years and six months in US prison.…

Categories: News

Alleged Snowflake attacker gets busted by Canadians – politely, we assume

The Register - Mon, 11/11/2024 - 03:28
Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more

in brief  One of the suspected masterminds behind the widespread Snowflake breach has been arrested in Canada – but the saga isn't over, eh. …

Categories: News

Scattered Spider, BlackCat claw their way back from criminal underground

The Register - Fri, 08/11/2024 - 14:57
We all know by now that monsters never die, right?

Two high-profile criminal gangs, Scattered Spider and BlackCat/ALPHV, seemed to disappear into the darkness like their namesakes following a series of splashy digital heists last year, after which there were arrests and website seizures.…

Categories: News

Winos4.0 abuses gaming apps to infect, control Windows machines

The Register - Fri, 08/11/2024 - 02:30
'Multiple' malware samples likely targeting education orgs

Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.…

Categories: News

Don't open that 'copyright infringement' email attachment – it's an infostealer

The Register - Thu, 07/11/2024 - 22:18
Curiosity gives crims access to wallets and passwords

Organizations should be on the lookout for bogus copyright infringement emails as they might be the latest ploy by cybercriminals to steal their data.…

Categories: News

Cisco scores a perfect CVSS 10 with critical flaw in its wireless system

The Register - Thu, 07/11/2024 - 11:48
Ultra-Reliable Wireless Backhaul doesn't live up to its name

Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.…

Categories: News

Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict

The Register - Thu, 07/11/2024 - 02:30
10,000 of Kim Jong Un's soldiers believed to be headed for front line

The EU has joined US and South Korean officials in expressing concern over a Russian transfer of technology to North Korea in return for military assistance against Ukraine.…

Categories: News

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

The Register - Wed, 06/11/2024 - 21:47
In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos

Fresh from a series of serious reports detailing its five-year battle with Chinese cyberattackers, Sophos has dropped a curious story about users of a popular infostealer-cum-RAT targeting a niche group of victims.…

Categories: News

Operation Synergia II sees Interpol swoop on global cyber crims

The Register - Wed, 06/11/2024 - 15:25
22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries

Interpol is reporting a big win after a massive combined operation against online criminals made 41 arrests and seized hardware thought to be used for nefarious purposes.…

Categories: News

Cyberattackers stole Microlise staff data following DHL, Serco disruption

The Register - Wed, 06/11/2024 - 12:06
Experts say incident has 'all the hallmarks of ransomware'

Telematics tech biz Microlise says an attack that hit its network likely did not expose customer data, although staff aren't so lucky.…

Categories: News

China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks

The Register - Wed, 06/11/2024 - 02:30
Alleged intrusion spotted in June

Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.…

Categories: News

Scumbag puts 'stolen' Nokia source code, SSH and RSA keys, more up for sale

The Register - Wed, 06/11/2024 - 00:01
Data pinched from pwned outside supplier, thief claims

IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.…

Categories: News

Schneider Electric ransomware crew demands $125k paid in baguettes

The Register - Tue, 05/11/2024 - 21:51
Hellcat crew claimed to have gained access via the company's Atlassian Jira system

Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 in baguettes or else see its sensitive customer and operational information leaked.…

Categories: News

A Kansas pig butchering: CEO who defrauded bank, church, friends gets 24 years

The Register - Tue, 05/11/2024 - 20:30
FBI recovers just $8M after scam crashes Heartland Tri-State Bank

The FBI has recovered $8 million in funds from a cryptocurrency scam that netted $47 million and devastated the Kansas city of Elkhart.…

Categories: News

Criminals open DocuSign's Envelope API to make BEC special delivery

The Register - Tue, 05/11/2024 - 18:34
Why? Because that's where the money is

Business email compromise scammers are trying to up their success rate by using a DocuSign API.…

Categories: News

Ongoing typosquatting campaign impersonates hundreds of popular npm packages

The Register - Tue, 05/11/2024 - 16:28
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials

An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.…

Categories: News

Washington courts grapple with statewide outage after 'unauthorized activity'

The Register - Tue, 05/11/2024 - 14:29
Justice still being served, but many systems are down

A statewide IT outage attributed to "unauthorized activity" is affecting the availability of services provided by all courts in Washington.…

Categories: News

Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed

The Register - Tue, 05/11/2024 - 06:38
You snooze, you lose, er, win

Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News