The Register

Infosec pro: 'OneDrive abuse has been going on for years'

Microsoft has been branded as "the world's best malware hoster for about a decade," thanks to abuse of the Office 365 and Live platform, as well as its slow response to reports by security researchers.…

Ongoing crackdown saw apps 1.83 million apps tested, 4,200 told to clean up their act, pop-up ads popped

China's Minister of Industry and Information Technology, Xiao Yaqing, has given a rare interview in which he signalled the nation's crackdown on the internet and predatory companies will continue.…

Here’s how zero trust and immutability can save you

Sponsored  When you’re putting your enterprise security and data management strategy in place, should you worry more about ransomware or natural disasters?…

Names and bars crypto exchange SUEX, warns paying ransoms could spell trouble

Ransomware extracted at least $590 million for the miscreants who create and distribute it in the first half of 2021 alone – more than the $416 million tracked in all of 2020, according to the US government’s Financial Crimes Enforcement Network (FinCEN). Total ransomware-related financial activity may have reached $5.2 billion.…

Plus rifle-toting robot dogs, but makers insist they're really dumb

In brief  Whether or not non-fungible tokens are a flash in the pan or forever, malware operators have been keen to weaponise the technology.…

Michigan man arrested for borrowing costly textbooks and selling them

A 36-year-old man from Portage, Michigan, was arrested on Thursday for allegedly renting thousands of textbooks from Amazon and selling them rather than returning them.…

Learn how at our Ransomware Remediation Masterclass

Sponsored  You wouldn’t want to learn to box just as Tyson Fury steps out of the opposing corner. Likewise, the time to learn how to recover from ransomware is long before your systems come under attack.…

Inconsistent regulation means crooks can sneak cryptos through cracks – pretty much everyone wants them filled

The 30-nation gabfest convened under the auspices of the US National Security Council’s Counter-Ransomware Initiative has ended with agreement that increased regulation of virtual assets is required to curb the digital coins' allure to criminals.…

Hopefully we're still listening to experts

Fourteen of the world's leading computer security and cryptography experts have released a paper arguing against the use of client-side scanning because it creates security and privacy risks.…

Global messaging giant extends security and privacy to Google Drive and Apple iCloud

Facebook's WhatsApp on Thursday began a global rollout of end-to-end (E2E) encryption for message backups, which offers Android and iOS users with the ability to protect WhatsApp messages stored in Google Drive and Apple iCloud.…

Criminals follow the money, code flaws

Google's VirusTotal service showing that 95 per cent of ransomware malware identified by its systems targets Windows.…

So says Have I Been Pwned's maintainer

Thingiverse, a site that hosts free-to-use 3D printer designs, has suffered a data breach – and at least 228,000 unlucky users' email addresses have been circulating on black-hat crime forums.…

Perps not welcome at anti-ransomware gabfest that Biden admin would rather portray as bold infosec alliance

The United States has kicked off meetings attended by representatives of nations that all hope to address the scourge of ransomware – without Russia or China in the room.…

Oi, Google: how did this get past your review process? And Imperva: why does your web page offer to install software?

Security vendor Imperva’s research labs have found a browser extension that claims to block ads, but actually injects them into Chrome or Opera.…

Plus: Extortionist gang threatens victims who talk to the press

Olympus, the Japanese company once known for making cameras, is investigating "suspicious" activity on its networks again – a month after those same networks were ravaged by ransomware.…

Much of the 2.4Tbit/sec came from across Asia and targeted a single Euro-customer

Microsoft claims its Azure cloud has fended off the largest DDOS attack it's detected, which clocked in at 2.4Tbit/sec.…

With 71 new CVEs, there are patches enough for everyone

Microsoft's October Patch Tuesday has arrived with fixes for 71 new CVEs, two patch revisions to address bugs from previous months that just won't die, and three CVEs tied to OpenSSL flaws. That's in addition to eight Edge-Chromium CVEs dealt with earlier this month.…

'So sorry' says Microsoft Identity VP – but its unhelpful support systems will be hard to fix

Interview  Konstantin Gizdov, an IT professional, was locked out of his Microsoft account by a bug in the company's Multi-Factor Authentication (MFA), but says support refused to acknowledge the bug or recover his account.…

Tech breakdown and proof-of-concept code is already out there

If you're using an iPhone, install the iOS 15.0.2 update immediately: Apple has warned that the latest OS upgrade patches an "actively exploited" zero-day.…

Usernames and passwords could be read (and abused) by anyone in since fixed flaw

An email marketing company claiming to hold details on a million UK teachers and school admin personnel was potentially exposing those to the public internet thanks to a misconfigured error page on its website.…