The Register

Subscribe to The Register feed
Biting the hand that feeds IT — sci/tech news and views for the world
Updated: 2 hours 40 min ago

Russian super-crook behind $20m internet fraud den Cardplanet and malware-exchange forum pleads guilty

3 hours 47 min ago
Now 29-year-old faces years in the clink after long battle to bring him to justice

A 29-year-old Russian scumbag has admitted masterminding the Cardplanet underworld marketplace as well as a second forum for elite fraudsters.…

Categories: News

We need to make it even easier for UK terror cops to rummage about in folks' phones, says govt lawyer

Thu, 23/01/2020 - 15:31
Don't want to incriminate yourself? Tough luck, you terrorist

The Government Reviewer of Terrorism Laws has declared that safeguards protecting Britons from police workers demanding passwords for their devices must be watered down.…

Categories: News

Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine

Thu, 23/01/2020 - 13:30
Yep, the Verizon that sold subscribers' location data

Verizon has slung out a new, privacy-focused search engine in an effort to win over customers who prefer not to have their browsing habits tracked by ad-slingers and the like.…

Categories: News

Still losing sleep over that awful Citrix bug? This scanner is here to help... you realize you've already been pwned

Thu, 23/01/2020 - 07:04
Handy FireEye tool roots out indicators of compromise

Citrix and FireEye have released a new security tool to help admins find out if their servers have been hacked via the high-profile CVE-2019-19781 flaw that was disclosed in December but only patched on Monday.…

Categories: News

Who honestly has a crown prince in their threat model? UN report officially fingers Saudi royal as Bezos hacker

Wed, 22/01/2020 - 23:13
Rapporteurs call for investigation, technical security report leaks

The Crown Prince of Saudi Arabia, Mohammad bin Salman, has been officially fingered as the man responsible for hacking Amazon CEO Jeff Bezos’s phone, causing a massive stir in diplomatic circles.…

Categories: News

Safari's 'Intelligent Tracking Protection' is misspelled, says Google: It should be 'dumb browser stalking enabler'

Wed, 22/01/2020 - 21:53
Chocolate Factory boffins doubt Apple can fix it, either

Google security researchers have published details about the flaws they identified last year in Intelligent Tracking Protection (ITP), a privacy scheme developed by Apple's WebKit team for the company's Safari browser.…

Categories: News

Academics call for UK's Computer Misuse Act 1990 to be reformed

Wed, 22/01/2020 - 16:06
Report suggests public interest defences for infosec professionals, academics and journalists

Britain's main anti-hacker law, the Computer Misuse Act 1990, is "confused", "outdated" and "ambiguous", according to a group of pro-reform academics.…

Categories: News

WindiLeaks: Microsoft exposes 250 million customer support records dating back to 2005. (Not on purpose though)

Wed, 22/01/2020 - 14:00
Quickly shuttered partially redacted exposed DB, which included 'internal notes marked as confidential'

Five identical Elasticsearch databases containing 250 million records of Microsoft customer support incidents were exposed on the internet for all to see for at least two days right at the end of 2019.…

Categories: News

Capita Education Services accidentally spaffs email addresses in Helpdesk snafu

Wed, 22/01/2020 - 10:30
Emailing stuff is hard, m'kay?

Capita Education Services had a bit of an oopsie yesterday as a new helpdesk system spurted potentially thousands of email addresses at unsuspecting users.…

Categories: News

Crown Prince of Saudi Arabia accused of hacking Jeff Bezos' phone with malware-laden WhatsApp message

Wed, 22/01/2020 - 00:31
Mid-East nation slams 'absurd' claims, UN report to emerge

Updated  Candid pictures used to threaten Amazon boss Jeff Bezos were exposed not by his current parmour's brother, as some have suggested, but through a sophisticated hacking operation personally directed by the crown prince of Saudi Arabia, Mohammad bin Salman, The Guardian has asserted.…

Categories: News

No backdoors needed: Apple ditched plans to fully encrypt iCloud backups after heavy pressure from FBI – claim

Tue, 21/01/2020 - 20:04
Convenient timing for this story to emerge

Apple ditched plans to fully encrypt its iCloud backups two years ago after being pressured by the FBI, it is claimed.…

Categories: News

WTF, EFS? Experts warn Windows encryption could spawn nasty new ransomware

Tue, 21/01/2020 - 14:00
Redmond's own security tools could be abused to create hard-to-scrub infections

The encryption technology Microsoft uses to protect its own file system could also be turned into a weapon for ransomware attackers.…

Categories: News

Leaving your admin interface's TLS cert and private key in your router firmware in 2020? Just Netgear things

Mon, 20/01/2020 - 21:23
Finding sparks debate over bug disclosure – and how do you secure a local gateway's web control panel

Netgear left in its router firmware key ingredients needed to intercept and tamper with secure connections to its equipment's web-based admin interfaces.…

Categories: News

As miscreants prey on thousands of vulnerable boxes, Citrix finally emits patches to fill in hijacking holes in Gateway and ADC

Mon, 20/01/2020 - 17:40
SD-WAN WANOP will have to wait a few days, though

Citrix has rushed out official fixes for the well-publicised vuln in some of its server products after miscreants were seen deploying their own custom patches that left a backdoor open for later exploitation.…

Categories: News

Ubisoft sues handful of gamers for DDoSing <i>Rainbow Six: Siege</i>

Mon, 20/01/2020 - 16:23
Two Germans, a Nigerian, and a Dutchman walk into a bar. What happens next? A lawsuit, of course

Game developer Ubisoft has lodged a claim against the owners of a website that allegedly sells DDoS attacks against the servers of its best-selling game, Tom Clancy's Rainbow Six: Siege (R6S).…

Categories: News

LastPass stores passwords so securely, not even its users can access them

Mon, 20/01/2020 - 13:24
Login management service sulks in days-long TITSUP* for some

Updated  Password manager LastPass appears to have had a big night out on Friday, to the point where the service needed a lenghty lie down over the weekend. In fact, for some users it is still horizontal.…

Categories: News

Hospital hacker spared prison after plod find almost 9,000 cardiac images at his home

Mon, 20/01/2020 - 11:30
NHS working with cops and ICO to determine if patients must be told

A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images.…

Categories: News

To catch a thief, go to Google with a geofence warrant – and it will give you all the details

Sat, 18/01/2020 - 14:06
Investigators ask Chocolate Factory to help them connect the geographic dots

At 1030 on April 27, 2019, four unidentified individuals attempted to rob a Brinks armored truck parked outside of Michaels, an art supply and home decor store at the Point Loomis Shopping Center in Milwaukee, Wisconsin. To find out who they are, local authorities plan to ask Google.…

Categories: News

It's Friday, the weekend has landed... and Microsoft warns of an Internet Explorer zero day exploited in the wild

Sat, 18/01/2020 - 01:17
Plus, WeLeakInfo? Not anymore!

Roundup  Welcome to another Reg roundup of security news.…

Categories: News

'Friendly' hackers are seemingly fixing the Citrix server hole – and leaving a nasty present behind

Fri, 17/01/2020 - 19:49
Congratulations, you've won a secret backdoor

Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw to compromise VPN gateways are now patching the servers to keep others out.…

Categories: News