News

Someone's popular!

One of the teens behind the 2015 hack on UK telco TalkTalk has been indicted in the US over a huge cryptocurrency heist.…

Another ex-customer struggles to get hacked account killed off

Months after The Register first wrote about TalkTalk failing to close a former customer's email address, the firm is still using the General Data Protection Regulation as an excuse for dragging its heels.…

Cyber-terrorists, your game is through, 'cause now you have to answer to: America, fsck yeah!

The US Congress has, near enough, approved a law bill to create a new set of dedicated cyber-security teams within the Department of Homeland Security.…

Security biz that probed 2016 DNC hack makes an odd cameo in revealed transcript

A garbled remark by President Donald Trump in a just-released phone-call transcript with the Ukrainian head of state has focused attention on cloudy security shop CrowdStrike.…

Half of government grant to infosec training biz suspended as MPs demand probe

Infosec training biz Hacker House has been catapulted to Parliamentary prominence after reports that co-founder Jennifer Arcuri secured government funding because of her personal relationship with now-Prime Minister Boris Johnson.…

While you're at it, fix Java too

Adobe has released an update to clean up a trio of vulnerabilities in ColdFusion, its long-running web application platform.…

Lone 'no' vote nixes renewal of W3C's Privacy Interest Group

Google has blocked a proposed revision of the charter of the Privacy Interest Group (PING), a part of the W3C web standards body, over concerns that establishing an unchecked "authoritarian review group" will create "significant unnecessary chaos in the development of the web platform."…

Hack spee included 2014 JP Morgan Chase data theft

On Monday, Andrei Tyurin, a 35-year-old Russian national, pleaded guilty in New York to charges of computer intrusion, bank and wire fraud, and online gambling in connection with a sustained hacking campaign targeting US financial institutions.…

Hackers can inject system commands via version 5 of software, no patch available

An anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to hijack servers. No patch is known to be available.…

As Reg readers will know, you'll have to click a few buttons first

Firebox builder Mozilla has confirmed to UK Culture Secretary Nicky Morgan that Britons won't be getting DNS-over-HTTPS (DoH) by default once the feature is included in the next run of browser updates.…

UK.gov wants 'algorithm' to be shared with other tech firms

UK prime minister (at time of writing) Boris Johnson announced to the UN Security Council today a plan to block the sharing of violent videos on social media after terrorist attacks.…

McAfee study finds poor setups, even worse visibility

The ongoing rash of data leaks caused by misconfigured clouds is the result of companies having virtually no visibility into how their cloud instances are configured, and very little ability to audit and manage them.…

Update browser ASAP after Google gurus spot miscreants abusing bug to hijack PCs

Microsoft today issued a rare emergency security update for Internet Explorer to address a critical flaw in the browser that's being exploited right now in the wild.…

Maybe check your credit rating, says red-faced firm

T-shirt flogger CafePress has finally informed its customers about a serious data loss dating back to February and first reported last month.…

Gov.uk portal finally lurched back to life after lunch

Furious parents have lashed out at Her Majesty's Revenue and Customs after the UK tax authority let a key HTTPS certificate expire on its childcare tax credit portal.…

Plus, a Windows NTSF flaw, Fortnite hacking, and much, much more

Security roundup  Here are a handful of security happenings in the past week that are worth noting - aside from what The Reg has already covered.…

Oh no I didn't, says disgraced ex-Kaspersky guy

An accused Russian hacker has claimed Kaspersky's former head of investigations blackmailed him into stealing approximately £150,000 from local banks.…

37-year-old was extradited to Blighty to stand trial

A Bulgarian phishing criminal who created fake versions of legitimate companies' websites as part of a £40m fraud has been jailed.…

Perception is an illusion, grasshopper

Security surveys tend to confirm what we already knew a few months ago and the 2019 Global Cyber Risk Perception Survey (PDF) from Marsh and Microsoft does not disappoint.…

~~~WaRNiG!! Ur PC has THe Da Vinci m4Lw4rez!! CaLL 1-555-NOSCAM 2 f!x it~~~

Two Americans used bogus virus-infection alerts to bilk $10m out of PC owners, it is alleged.…