News

Biden-Putin summit went well, then

Details of 30 servers thought to be used by Russia's SVR spy agency (aka APT29) as part of its ongoing campaigns to steal Western intellectual property were made public today by RiskIQ.…

The company's IT might be on fire, but my needs trump those of the many

On Call  A call from the executive floor is rarely a harbinger of happiness, especially when one is wading knee-deep through the molasses of malware. Welcome to one Register reader's experience in On Call.…

You just save it in Chrome or Firefox? Ugh. And then it autofills when you need it again? Oh the horror

It seems some of us are, in the year of our lord 2021, still reusing the same password for multiple sites, plugging personal gear into work networks, and perhaps overly relying on browser-managed passwords, judging from this poll.…

More than 120 messages caught trying to filch credentials from customers of USAA Bank, Microsoft

Between July 13 and July 16, someone took over the Mailgun account owned by restaurant chain Chipotle Mexican Grill and placed an order for login credentials using misappropriated marketing messages.…

New policies give users more control, but ad tracking still on by default

Google has shared details of upcoming changes to Android including the ability to blank a device's advertising ID, and a new safety section for apps in the Play store.…

Reason for probe unknown, but CEO claims it will vindicate company's claims

Israel's Ministry of Defense says the nation's government has visited spyware-for-governments developer NSO Group to investigate allegations its wares have been widely – and perhaps willingly – misused.…

And you've patched them all, haven't you, diligent readers?

Western cybersecurity agencies have published a list of 30 of the most exploited vulnerabilities abused by hostile foreign states in 2020, urging infosec bods to ensure their networks and deployments are fully patched against them.…

Memorandum details plans to turn that around with rapid development of security baselines, not mandates

The Biden administration has issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems to address what it describes as a "woefully insufficient" security posture.…

Attack turned off encryption function, which made snooping rather easier

Law enforcement agencies in Taiwan are investigating a cyberattack on over 100 local political figures and dignitaries who used the messaging app LINE.…

Great, it's not like employers need more reasons to haul you back to the office

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home.…

Recognise this one? Oh dear...

Iranian state-backed hackers posed as a flirty Liverpudlian aerobics instructor in order to trick defence and aerospace workers into revealing secrets, according to a newly-published study.…

May need to upgrade 'bunfight' into 'cake-flinging war' over this one

Parliamentary criticism of the National Cyber Security Centre's "image over cost" London HQ is being shrugged off by the government because of the GCHQ offshoot's successful response to the WannaCry ransomware outbreak.…

Announces that it's paid out for 11,000 bugs in under eleven years

Google has revealed that its bug bounty program – which it styles a "Vulnerability Reward Program" – has paid out for 11,055 bugs found in its services since 2010.…

Suggests incident 'of great consequence' in the real world could be a tipping point

United States President Joe Biden has shared his view that a "real shooting war" could be sparked by a severe cyber attack.…

Promises everything will be back to normal sometime in early August

Chinese web giant Tencent has suspended new signups to its WeChat messaging service.…

Four others at online tat bazaar admit trying to silence newsletter couple, two senior execs fight charges

The former global security manager for eBay was sentenced on Tuesday to 18 months in prison and was ordered to pay a $15,000 fine for his role in the cyber-stalking and harassment of a Massachusetts couple who published a newsletter critical of the internet yard sale.…

18GB of Dutch fishing supplier's data left in unsecured server

Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months.…

'It was pretty convincing until the very end,' says host Jim Browning

The Tech Support Scams YouTube channel has been erased from existence in a blaze of irony as host and creator Jim Browning fell victim to a tech support scam that convinced him to secure his account – by deleting it.…

Breach reporting law might have effect on overseas operators too

The British government wants to make Amazon, Google, and other digital service providers report cybersecurity breaches to the Information Commissioner, according to newly published plans.…

First-timer wins maximum payout through HackerOne programme

Shopify has forked out $50,000 (£36,150) in a bug bounty payment to computer science student Augusto Zanellato following the discovery of a publicly available access token which gave world+dog read-and-write access to the company's source code repositories.…