The Register
Texan's alleged Amazon bombing effort fizzles: Militia man wanted to take out 'about 70 per cent of the internet'
The US Justice Department on Friday announced the arrest of Seth Aaron Pendley, 28, for allegedly planning to blow up a single Amazon data center in Ashburn, Virginia, which he thought would knock out around 70 per cent of the internet.…
UK's National Cyber Security Centre recommends password generation idea suggested by El Reg commenter
Nearly a third of Britons use the name of their pet or a family member as a password, the National Cyber Security Centre has said as it advised folk to adopt what looks very much like a Register forum user's suggestion for secure password generation.…
CyberBattleSim: Microsoft's open-source Holodeck in which autonomous attackers, defenders duke it out
Microsoft has open-sourced software that pits machine-learning-powered network intruders against automated defenders inside virtual networks.…
How do we stamp out the ransomware business model? Ban insurance payouts for one, says ex-GCHQ director
Increasing numbers of senior ex-GCHQ people have called for laws preventing businesses using cyber insurance to buy off ransomware attackers – with the money merely perpetuating the criminals' business model.…
India uses controversial Aadhaar facial biometrics to identify COVID vaccination recipients
India’s National Health Authority has commenced a pilot of facial recognition software as a means of identifying people as they queue in the nation's COVID-19 vaccine centres.…
Belgian police seize 28 tons of cocaine after 'cracking' Sky ECC's chat app encryption
The Belgian plod says it seized 27.64 tons of cocaine worth €1.4bn (£1.2bn, $1.65bn) from shipments into Antwerp in the past six weeks after defeating the encryption in the Sky ECC chat app to read drug smugglers' messages.…
There’s a whole wide world of web application firewall options – so how do you choose the right one?
Webcast If you’ve got an application which faces the web, no one would dispute that you should probably have a web application firewall sitting in front of it.…
Indian defense chief admits China’s cyber-weapons would ‘disrupt large number of systems’ whenever Beijing presses the button
Video The highest-ranked officer in India’s armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation’s defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor.…
Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
Android smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.…
Update on PHP source code compromise: User database leak suspected
PHP maintainer Nikita Popov has posted an update concerning how the source code was compromised and malicious code inserted – blaming a user database leak rather than a problem with the server itself.…
Cybercrooks targeting UK organisations started 2020 strong only for attacks to wither away by Christmas
Compromising every web-connected server and service you can find gets tiring after a while – and by the end of 2021 internet criminals targeting British companies were as fatigued as the rest of us, according to Bitdefender.…
Atheists appeal to higher power for intercession over alleged sins against privacy
The Atheist Alliance International, an organisation that works to demystify atheism and advocate for secular governance, has taken legal action it hopes will prove that members’ personal data does not remain in the possession of the rival International Association of Atheists.…
SAP: It takes exploit devs about 72 hours to turn one of our security patches into a weapon against customers
SAP and security analysts Onapsis say cyber-criminals are pretty quick to analyze the enterprise software outfit's patches and develop exploits to get into vulnerable systems.…
Their 'next job could be in cyber': UK Cyber Security Council launches itself by pointing world+dog to domain it doesn't own
The UK Cyber Security Council announced itself to the public realm last week by touting a domain it doesn't own. Helpfully, internet jokesters then bought up variations on the official address.…
What is operations-centric security?
Sponsored The SolarWinds attacks compromised tens of thousands of systems across US federal government agencies and private sector companies alike. The US will feel its effects for years, and it was largely avoidable. In fact, according to Lior Div, CEO and co-founder of Cybereason, if those systems had been using a concept called operation-centric security, they could have spotted it immediately.…
'Anomalous surge in DNS queries' knocked Microsoft's cloud off the web last week
in Brief It was a tsunami of DNS queries that ultimately took out a host of Microsoft services, from Xbox Live to Teams, for some netizens about an hour on April Fools' Day, Redmond has said.…
Facebook says leak of 533m accounts is old news. But my date of birth, name, etc haven't changed in years, Zuck
Reams of personal data – including phone numbers, email addresses, and birthdays – obtained from 533 million Facebook accounts was offered to all for free on a cyber-crime forum over the weekend.…
QNAP caught napping as disclosure delay expires, critical NAS bugs revealed
Some QNAP network attached storage devices are vulnerable to attack because of two critical vulnerabilities, one that enables unauthenticated remote code execution and another that provides the ability to write to arbitrary files.…
Dutch watchdog fines Booking.com €475k after it kept customer data thefts quiet for more than 3 weeks
The Netherlands Data Protection Authority has fined Booking.com €475,000 for notifying it too late that criminals had accessed the data of 4,109 people who booked a hotel room via the website.…
Wi-Fi slinger Ubiquiti hints at source code leak after claim of ‘catastrophic’ cloud intrusion emerges
Wi-Fi kit-slinger Ubiquiti has suggested the attacker that accessed some of its cloud-hosted systems in January 2021 may have made off with source code and employee logins, not the customer data it initially warned could be in peril.…