The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 1 hour 9 min ago

Texan's alleged Amazon bombing effort fizzles: Militia man wanted to take out 'about 70 per cent of the internet'

Fri, 09/04/2021 - 22:57
Someone hasn't heard of redundancy

The US Justice Department on Friday announced the arrest of Seth Aaron Pendley, 28, for allegedly planning to blow up a single Amazon data center in Ashburn, Virginia, which he thought would knock out around 70 per cent of the internet.…

Categories: News

UK's National Cyber Security Centre recommends password generation idea suggested by El Reg commenter

Fri, 09/04/2021 - 16:58
Who says everything below the line is a cesspit of useless filth?

Nearly a third of Britons use the name of their pet or a family member as a password, the National Cyber Security Centre has said as it advised folk to adopt what looks very much like a Register forum user's suggestion for secure password generation.…

Categories: News

CyberBattleSim: Microsoft's open-source Holodeck in which autonomous attackers, defenders duke it out

Fri, 09/04/2021 - 12:06
Very 2021 to have AI bots fight in simulated networks for our entertainment (and science)

Microsoft has open-sourced software that pits machine-learning-powered network intruders against automated defenders inside virtual networks.…

Categories: News

How do we stamp out the ransomware business model? Ban insurance payouts for one, says ex-GCHQ director

Fri, 09/04/2021 - 11:02
New laws needed to cut off incentive to crooks, argues Marcus Willett

Increasing numbers of senior ex-GCHQ people have called for laws preventing businesses using cyber insurance to buy off ransomware attackers – with the money merely perpetuating the criminals' business model.…

Categories: News

India uses controversial Aadhaar facial biometrics to identify COVID vaccination recipients

Fri, 09/04/2021 - 06:01
Safer than eyeballs or fingerprints, apparently

India’s National Health Authority has commenced a pilot of facial recognition software as a means of identifying people as they queue in the nation's COVID-19 vaccine centres.…

Categories: News

Belgian police seize 28 tons of cocaine after 'cracking' Sky ECC's chat app encryption

Thu, 08/04/2021 - 11:39
Euro cops take $1.65bn of blow off the streets after poring over messages

The Belgian plod says it seized 27.64 tons of cocaine worth €1.4bn (£1.2bn, $1.65bn) from shipments into Antwerp in the past six weeks after defeating the encryption in the Sky ECC chat app to read drug smugglers' messages.…

Categories: News

There’s a whole wide world of web application firewall options – so how do you choose the right one?

Thu, 08/04/2021 - 08:30
Take the heat out of your firewall deployment

Webcast  If you’ve got an application which faces the web, no one would dispute that you should probably have a web application firewall sitting in front of it.…

Categories: News

Indian defense chief admits China’s cyber-weapons would ‘disrupt large number of systems’ whenever Beijing presses the button

Thu, 08/04/2021 - 05:14
Working to improve 'cyberwalls', but for now swift recovery is main strategy

Video  The highest-ranked officer in India’s armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation’s defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor.…

Categories: News

Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update

Wed, 07/04/2021 - 21:11
Software nasty also 'persists after a factory reset'

Android smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.…

Categories: News

Update on PHP source code compromise: User database leak suspected

Wed, 07/04/2021 - 15:38
Possible culprit: Ancient code running in production. A vuln 'would not be terribly surprising' says maintainer

PHP maintainer Nikita Popov has posted an update concerning how the source code was compromised and malicious code inserted – blaming a user database leak rather than a problem with the server itself.…

Categories: News

Cybercrooks targeting UK organisations started 2020 strong only for attacks to wither away by Christmas

Wed, 07/04/2021 - 14:58
Aww, did the big bad criminals get a little lockdown burnout too?

Compromising every web-connected server and service you can find gets tiring after a while – and by the end of 2021 internet criminals targeting British companies were as fatigued as the rest of us, according to Bitdefender.…

Categories: News

Atheists appeal to higher power for intercession over alleged sins against privacy

Wed, 07/04/2021 - 07:58
Membership data row ascends to desk of California attorney-general

The Atheist Alliance International, an organisation that works to demystify atheism and advocate for secular governance, has taken legal action it hopes will prove that members’ personal data does not remain in the possession of the rival International Association of Atheists.…

Categories: News

SAP: It takes exploit devs about 72 hours to turn one of our security patches into a weapon against customers

Tue, 06/04/2021 - 22:04
So please don't delay in applying updates, says, well, everyone

SAP and security analysts Onapsis say cyber-criminals are pretty quick to analyze the enterprise software outfit's patches and develop exploits to get into vulnerable systems.…

Categories: News

Their 'next job could be in cyber': UK Cyber Security Council launches itself by pointing world+dog to domain it doesn't own

Tue, 06/04/2021 - 14:50
Shouting cyber cyber cyber, mega mega fail thing

The UK Cyber Security Council announced itself to the public realm last week by touting a domain it doesn't own. Helpfully, internet jokesters then bought up variations on the official address.…

Categories: News

What is operations-centric security?

Tue, 06/04/2021 - 08:30
Let’s find out... with Cybereason CEO Lior Div

Sponsored  The SolarWinds attacks compromised tens of thousands of systems across US federal government agencies and private sector companies alike. The US will feel its effects for years, and it was largely avoidable. In fact, according to Lior Div, CEO and co-founder of Cybereason, if those systems had been using a concept called operation-centric security, they could have spotted it immediately.…

Categories: News

'Anomalous surge in DNS queries' knocked Microsoft's cloud off the web last week

Tue, 06/04/2021 - 03:41
Plus: Top universities hit by data-stealing extortionists

in Brief  It was a tsunami of DNS queries that ultimately took out a host of Microsoft services, from Xbox Live to Teams, for some netizens about an hour on April Fools' Day, Redmond has said.…

Categories: News

Facebook says leak of 533m accounts is old news. But my date of birth, name, etc haven't changed in years, Zuck

Mon, 05/04/2021 - 22:05
Account info swiped in 2019 via security hole, sold online, now given away for free

Reams of personal data – including phone numbers, email addresses, and birthdays – obtained from 533 million Facebook accounts was offered to all for free on a cyber-crime forum over the weekend.…

Categories: News

QNAP caught napping as disclosure delay expires, critical NAS bugs revealed

Sat, 03/04/2021 - 00:07
Remote code execution hole, arbitrary file writing flaw could make a mess of stored files

Some QNAP network attached storage devices are vulnerable to attack because of two critical vulnerabilities, one that enables unauthenticated remote code execution and another that provides the ability to write to arbitrary files.…

Categories: News

Dutch watchdog fines €475k after it kept customer data thefts quiet for more than 3 weeks

Thu, 01/04/2021 - 17:12
Thousands of people's personal information purloined after UAE hotels compromised

The Netherlands Data Protection Authority has fined €475,000 for notifying it too late that criminals had accessed the data of 4,109 people who booked a hotel room via the website.…

Categories: News

Wi-Fi slinger Ubiquiti hints at source code leak after claim of ‘catastrophic’ cloud intrusion emerges

Thu, 01/04/2021 - 05:58
Says customer data wasn't touched, doesn't say much about being rooted

Wi-Fi kit-slinger Ubiquiti has suggested the attacker that accessed some of its cloud-hosted systems in January 2021 may have made off with source code and employee logins, not the customer data it initially warned could be in peril.…

Categories: News