The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 1 hour 21 min ago

Israeli authorities investigate NSO Group over Pegasus spyware abuse claims

7 hours 15 min ago
Reason for probe unknown, but CEO claims it will vindicate company's claims

Israel's Ministry of Defense says the nation's government has visited spyware-for-governments developer NSO Group to investigate allegations its wares have been widely – and perhaps willingly – misused.…

Categories: News

Here's a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies

7 hours 49 min ago
And you've patched them all, haven't you, diligent readers?

Western cybersecurity agencies have published a list of 30 of the most exploited vulnerabilities abused by hostile foreign states in 2020, urging infosec bods to ensure their networks and deployments are fully patched against them.…

Categories: News

'Woefully insufficient': Biden administration's assessment of critical infrastructure infosec protection

9 hours 24 sec ago
Memorandum details plans to turn that around with rapid development of security baselines, not mandates

The Biden administration has issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems to address what it describes as a "woefully insufficient" security posture.…

Categories: News

Over 100 Taiwanese political figures' messages leaked outta LINE app

9 hours 41 min ago
Attack turned off encryption function, which made snooping rather easier

Law enforcement agencies in Taiwan are investigating a cyberattack on over 100 local political figures and dignitaries who used the messaging app LINE.…

Categories: News

Security breaches where working from home is involved are costlier, claims IBM report

Wed, 28/07/2021 - 20:47
Great, it's not like employers need more reasons to haul you back to the office

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home.…

Categories: News

Iranian state-backed hackers posed as flirty Scouser called Marcy to target workers in defence and aerospace

Wed, 28/07/2021 - 17:45
Recognise this one? Oh dear...

Iranian state-backed hackers posed as a flirty Liverpudlian aerobics instructor in order to trick defence and aerospace workers into revealing secrets, according to a newly-published study.…

Categories: News

UK's National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry

Wed, 28/07/2021 - 08:30
May need to upgrade 'bunfight' into 'cake-flinging war' over this one

Parliamentary criticism of the National Cyber Security Centre's "image over cost" London HQ is being shrugged off by the government because of the GCHQ offshoot's successful response to the WannaCry ransomware outbreak.…

Categories: News

Google revamps bug bounty program

Wed, 28/07/2021 - 07:58
Announces that it's paid out for 11,000 bugs in under eleven years

Google has revealed that its bug bounty program – which it styles a "Vulnerability Reward Program" – has paid out for 11,055 bugs found in its services since 2010.…

Categories: News

Biden warns 'real shooting war' will be sparked by severe cyber attack

Wed, 28/07/2021 - 05:58
Suggests incident 'of great consequence' in the real world could be a tipping point

United States President Joe Biden has shared his view that a "real shooting war" could be sparked by a severe cyber attack.…

Categories: News

Tencent suspends signups to WeChat, citing 'security upgrade' and need to comply with Chinese laws

Wed, 28/07/2021 - 02:30
Promises everything will be back to normal sometime in early August

Chinese web giant Tencent has suspended new signups to its WeChat messaging service.…

Categories: News

eBay ex-security boss sent down for 18 months for cyber-stalking, witness tampering

Wed, 28/07/2021 - 01:26
Four others at online tat bazaar admit trying to silence newsletter couple, two senior execs fight charges

The former global security manager for eBay was sentenced on Tuesday to 18 months in prison and was ordered to pay a $15,000 fine for his role in the cyber-stalking and harassment of a Massachusetts couple who published a newsletter critical of the internet yard sale.…

Categories: News

Misconfigured Azure Blob at Raven Hengelsport exposed records of 246,000 anglers – and took months to tackle, claim infosec researchers

Tue, 27/07/2021 - 21:49
18GB of Dutch fishing supplier's data left in unsecured server

Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months.…

Categories: News

Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam

Tue, 27/07/2021 - 20:44
'It was pretty convincing until the very end,' says host Jim Browning

The Tech Support Scams YouTube channel has been erased from existence in a blaze of irony as host and creator Jim Browning fell victim to a tech support scam that convinced him to secure his account – by deleting it.…

Categories: News

Tech biz must tell us about more security breaches, says as it ponders lowering report thresholds

Tue, 27/07/2021 - 19:15
Breach reporting law might have effect on overseas operators too

The British government wants to make Amazon, Google, and other digital service providers report cybersecurity breaches to the Information Commissioner, according to newly published plans.…

Categories: News

Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopify software repos

Tue, 27/07/2021 - 13:14
First-timer wins maximum payout through HackerOne programme

Shopify has forked out $50,000 (£36,150) in a bug bounty payment to computer science student Augusto Zanellato following the discovery of a publicly available access token which gave world+dog read-and-write access to the company's source code repositories.…

Categories: News

It takes intuition and skill to find hidden evidence and hunt for elusive threats

Tue, 27/07/2021 - 08:28
Try the SANS DFIR-ence in Berlin this October

Promo  Whether it’s hunting for threats, tracking down security breaches, or gathering evidence, intuition helps though a thorough grounding in the latest techniques and tools for the platform in question is essential.…

Categories: News

SSD belonging to Euro-cloud Scaleway was stolen from back of a truck, then turned up on YouTube

Tue, 27/07/2021 - 04:58
Has since been recovered, and Scaleway now ships disks with GPS trackers

It sounds like a "dog ate my homework" excuse for the cloud age, but Euro-cloud Scaleway says one of its solid-state disks was stolen from a truck, turned up in the hands of a YouTuber, and has now made its way back home.…

Categories: News

Apple patches zero-day vulnerability in iOS, iPadOS, macOS under active attack

Tue, 27/07/2021 - 01:53
Characteristically mum about details

Apple on Monday patched a zero-day vulnerability in its iOS, iPadOS, and macOS operating systems, only a week after issuing a set of OS updates addressing about three dozen other flaws.…

Categories: News

You, too, can be a Windows domain controller and do whatever you like, with this one weird WONTFIX trick

Mon, 26/07/2021 - 21:31
Microsoft offers some mitigations for thwarting PetitPotam attacks

Microsoft completed a vulnerability hat-trick this month as yet another security weakness was uncovered in its operating systems. And this one doesn't even need authentication to work its magic.…

Categories: News

Somebody is destined for somewhere hot, and definitely not Coventry

Mon, 26/07/2021 - 08:30
Praise be for Firewalls

Who, Me?  Welcome to Who, Me?, where hallowed ground gets trampled as a reader inadvertently cleans up the collective act of the senior staff.…

Categories: News