The Register

Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew

Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further

A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.…

Officer says mistakenly published police details were shared 'a considerable amount of times'

Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.…

Germany's Federal Cartel Office voices concerns iPhone maker may be breaking competition law

Apple is feeling the heat over its acclaimed iPhone privacy policy after a German regulator's review of iOS tracking consent alleged that the tech giant exempted itself from the rules it enforces on third-party developers.…

Some employees steal sticky notes, others 'borrow' malicious code

A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.…

Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks

China's Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and other orgs, in addition to its previous victim count.…

Senator, Congressman tell DNI to threaten infosec agreements if Blighty won't back down

US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the UK government's reported order for Apple to weaken iCloud security for government access.…

Yet another cash grab from Kim's cronies and an intel update from Microsoft

North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

Limited-edition hotfix to get wider release before end of month

Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…

‘What are customers actually getting from resellers other than massive price markups?’ asks Troy Hunt

Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…

FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff

US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.…

De-dupes some roles, hints others aren't needed as the infosec scene shifts

Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.…

GOP lawyer Sean Cairncross will be learning on the fly, as we also say hi to new intelligence boss Tulsi Gabbard

President Trump has reportedly chosen a candidate for National Cyber Director — another top tech appointee with no professional experience in that role.…

300+ US companies, 70+ individuals hit by the fraudsters

An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.…

Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data

Feature  Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.…

'Near-global' initial access campaign active since 2021

An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…

Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us?

Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…

Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins

Patch Tuesday  Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…

Numerous systemic vulnerabilities could scuttle $5.4T industry

Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…

Which is why Cisco is adding these Pensando DPUs to more switches

Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…