News

Time to zero in on Zero Trust?

The Register - Thu, 13/06/2024 - 04:12
Recently discovered vulnerabilities in VPN services should push ASEAN organizations to rethink their perimeter security approach

Sponsored Post  Companies the ASEAN region have long relied on a virtual private network (VPN) to help encrypt their Internet traffic and protect users' online identities.…

Categories: News

Crooks crack customer info at tracking device vendor Tile, issue 'extortion' demands

The Register - Thu, 13/06/2024 - 02:15
Who tracks the trackers?

Life360, purveyor of "Tile" Bluetooth tracking devices and developer of associated apps, has revealed it is dealing with a "criminal extortion attempt" after unknown miscreants contacted it with an allegation they had customer data in their possession.…

Categories: News

Ransomware crew may have exploited Windows make-me-admin bug as a zero-day

The Register - Wed, 12/06/2024 - 23:10
Symantec suggests Black Basta crew beat Microsoft to the patch

The Black Basta ransomware gang may have exploited a now-patched Windows privilege escalation bug as a zero-day, according to Symantec's threat hunters.…

Categories: News

White House report dishes deets on all 11 major government breaches from 2023

The Register - Wed, 12/06/2024 - 17:15
The MOVEit breach and ransomware weren’t kind to the Feds last year

The number of cybersecurity incidents reported by US federal agencies rose 9.9 percent year-on-year (YoY) in 2023 to a total of 32,211, per a new White House report, which also spilled the details on the most serious incidents suffered across the government.…

Categories: News

China's FortiGate attacks more extensive than first thought

The Register - Wed, 12/06/2024 - 15:00
Dutch intelligence says at least 20,000 firewalls pwned in just a few months

The Netherlands' cybersecurity agency (NCSC) says the previously reported attack on the country's Ministry of Defense (MoD) was far more extensive than previously thought.…

Categories: News

Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows

The Register - Wed, 12/06/2024 - 01:29
Redmond splats dozens of bugs as does Adobe while Arm drivers and PHP under active attack

Patch Tuesday  Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products – including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed.…

Categories: News

Pure Storage pwned, claims data plundered by crims who broke into Snowflake workspace

The Register - Tue, 11/06/2024 - 19:01
Secure storage company hasn't spilled details on how they got in

Pure Storage is the latest company to confirm it's a victim of mounting Snowflake-related data breaches.…

Categories: News

Cylance clarifies data breach details, except where the data came from

The Register - Tue, 11/06/2024 - 17:30
Customers, partners, operations remain uncompromised, BlackBerry says

BlackBerry-owned cybersecurity shop Cylance says the data allegedly belonging to it and being sold on a crime forum doesn't endanger customers, yet it won't say where the information was stored originally.…

Categories: News

UK and Canada's data chiefs join forces to investigate 23andMe mega-breach

The Register - Tue, 11/06/2024 - 14:30
Three-pronged approach aims to uncover any malpractice at the Silicon Valley biotech biz

The data protection watchdogs of the UK and Canada are teaming up to hunt down the facts behind last year's 23andMe data breach.…

Categories: News

Snowflake customers not using MFA are not unique – over 165 of them have been compromised

The Register - Tue, 11/06/2024 - 04:27
Mandiant warns criminal gang UNC5537, which may be friendly with Scattered Spider, is on the rampage

An unknown financially motivated crime crew has swiped a "significant volume of records" from Snowflake customers' databases using stolen credentials, according to Mandiant.…

Categories: News

Cyber attack flattens Japanese vid-sharing site Niconico and others

The Register - Tue, 11/06/2024 - 03:00
Total rebuild needed after four days off the air

Japanese media conglomerate Kadokawa and several of its properties have been offline for four days after a major cyber attack.…

Categories: News

Christie's confirms RansomHub crooks stole data on 45K clients

The Register - Mon, 10/06/2024 - 18:00
A far cry from the half-million claim that crims originally boasted

Auction house to the wealthy Christie's says 45,798 people were affected by its recent cyberattack and resulting data theft.…

Categories: News

Snowflake tells customers to enable MFA as investigations continue

The Register - Mon, 10/06/2024 - 13:30
Also, industry begs Uncle Sam for infosec reg harmony, dueling container-compromise campaigns, and crit vulns

infosec in brief  Cloud data analytics platform Snowflake said it is going to begin forcing customers to implement multi-factor authentication to prevent more intrusions. …

Categories: News

Two arrested in UK over fake cell tower-powered smishing campaign

The Register - Mon, 10/06/2024 - 12:31
Thousands of dodgy SMS messages bypassed network filters in UK-first case

British police have arrested two individuals following an investigation into illegal homebrew phone masts used for SMS-based phishing campaigns.…

Categories: News

Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief

The Register - Sun, 09/06/2024 - 13:10
Scott Small tells us gang's 'intent and capability' should get the attention of CSOs

Interview  It might not be as big a name as BlackCat or LockBit, but the Akira ransomware is every bit as dangerous, says one cybersecurity researcher – and it's poised to make a big impact. …

Categories: News

Uber ex-CSO Joe Sullivan: We need security leaders running to work, not giving up

The Register - Sat, 08/06/2024 - 15:40
Lessons learned from the infosec chief convicted and punished for covering up theft of data from taxi app maker

Interview  Joe Sullivan – the now-former Uber chief security officer who was found guilty of covering-up a theft of data from Uber in 2016 – remembers sitting down and thinking through the worst-case scenarios he faced following that guilty verdict in 2022.…

Categories: News

'New York Times source code' leaks online via 4chan

The Register - Sat, 08/06/2024 - 00:39
Breaking breaking-news news

A 4chan user claims to have leaked 270GB of internal New York Times data, including source code, via the notorious image board.…

Categories: News

FCC takes some action against notorious BGP

The Register - Fri, 07/06/2024 - 23:29
How's your RPKI-based security plan coming along? Feds want to know

US broadband providers will soon have to provide proof to Uncle Sam that they are taking steps to prevent Border Gateway Protocol (BGP) hijacking and locking down internet routing in general.…

Categories: News

Defiant Microsoft pushes ahead with controversial Recall – tho as an opt-in

The Register - Fri, 07/06/2024 - 20:40
Windows maker acknowledges 'clear signal' from everyone, then mostly ignores it

Microsoft is not giving up on its controversial Windows Recall, though says it will give customers an option to opt in instead of having it on by default, and will beef up the security of any data the software stores.…

Categories: News

Frontier Communications: 750k people's data stolen in April attack on systems

The Register - Fri, 07/06/2024 - 19:09
Company says just names and SSNs affected, watering down RansomHub’s claims

Frontier Communications has confirmed more than 750,000 individuals were affected in an April cyberattack on its systems, according to a regulatory filing.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News