The Register
Biden's budget proposal boosts CISA funding to $3B
US President Joe Biden has asked Congress to approve an extra $103 million in funding for the Cybersecurity and Infrastructure Security Agency, bringing CISA's total budget to $3 billion.…
JetBrains is still mad at Rapid7 for the ransomware attacks on its customers
Last week, we wrote about how security outfit Rapid7 threw JetBrains, the company behind the popular CI/CD platform TeamCity, under the bus over allegations of silent patching. Now, JetBrains has gone on the offensive.…
UK council yanks IT systems and phone lines offline following cyber ambush
Leicester City Council says IT systems and a number of its critical service phone lines will remain down until later this week at the earliest following a "cyber incident".…
French government sites disrupted by <i>très grande</i> DDoS
Several French government websites have been disrupted by a severe distributed denial of service attack.…
White House and lawmakers increase pressure on UnitedHealth to ease providers' pain
The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists – among other tactics.…
Kremlin accuses America of plotting cyberattack on Russian voting systems
The Kremlin has accused the United States of meddling in Russia's upcoming presidential election, and even accused Uncle Sam of planning a cyberattack on the country's online voting system.…
British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild
The British Library says legacy IT is the overwhelming factor delaying efforts to recover from the Rhysida ransomware attack in late 2023.…
How do you lot feel about Pay or say OK to ads model, asks ICO
The UK's Information Commissioner's Office (ICO) has opened a consultation on "consent or pay" business models. We're sure readers of The Register will have a fair few things to say.…
Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
Infosec in brief Cybersecurity researchers informed Microsoft that Notorious North Korean hackers Lazarus Group discovered the "holy grail" of rootkit vulnerabilities in Windows last year, but Redmond still took six months to patch the problem.…
Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holes
There's yet another group of miscreants out there hijacking insecure Ivanti devices: A new, financially motivated gang dubbed Magnet Goblin has emerged from the shadowy digital depths with a knack for rapidly exploiting newly disclosed vulnerabilities before vendors have issued a fix.…
Microsoft confirms Russian spies stole source code, accessed internal systems
Microsoft has now confirmed that the Russian cyberspies who broke into its executives' email accounts stole source code and gained access to internal systems. The Redmond giant has characterized the intrusion as "ongoing."…
Change Healthcare registers pulse after crippling ransomware attack
Change Healthcare has taken the first steps toward a full recovery from the ransomware attack in February by bringing its electronic prescription services back online.…
Swiss cheese security? Play ransomware gang milks government of 65,000 files
The Swiss government had around 65,000 files related to it stolen by the Play ransomware gang during an attack on an IT supplier, its National Cyber Security Center (NCSC) says.…
Font security 'still a Helvetica of a problem' says Australian graphics outfit Canva
Online graphic design platform Canva went looking for security problems in fonts, and found three – in "strange places."…
Securing open source software: Whose job is it, anyway?
The US government and some of the largest open source foundations and package repositories have announced a series of initiatives intended to improve software supply-chain security, while also repeating calls for developers to increase support for such efforts.…
We're not Meta support: State AGs tell Zuck to fix rampant account takeover problem
A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "dramatic and persistent spike" in account takeovers.…
Chrome users – get an alert when extensions are in danger of falling into wrong hands
Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension.…
Possible China link to Change Healthcare ransomware attack
A criminal claiming to be an ALPHV/BlackCat affiliate — the gang responsible for the widely disruptive Change Healthcare ransomware infection last month — may have ties to Chinese government-backed cybercrime syndicates.…
JetBrains TeamCity under attack by ransomware thugs after disclosure mess
Security researchers are increasingly seeing active exploit attempts using the latest vulnerabilities in JetBrains' TeamCity that in some cases are leading to ransomware deployment.…
Belgian ale legend Duvel’s brewery borked as ransomware halts production
Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage.…