The Register

Remaining services are expected to return in the coming weeks after $22M ALPHV ransom

Change Healthcare has taken the first steps toward a full recovery from the ransomware attack in February by bringing its electronic prescription services back online.…

Classified docs, readable passwords, and thousands of personal information nabbed in Xplain breach

The Swiss government had around 65,000 files related to it stolen by the Play ransomware gang during an attack on an IT supplier, its National Cyber Security Center (NCSC) says.…

Who knew that unzipping a font archive could unleash a malicious file

Online graphic design platform Canva went looking for security problems in fonts, and found three – in "strange places."…

CISA announces more help, and calls on app makers to step up

The US government and some of the largest open source foundations and package repositories have announced a series of initiatives intended to improve software supply-chain security, while also repeating calls for developers to increase support for such efforts.…

'We refuse to operate as customer service representatives'

A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "dramatic and persistent spike" in account takeovers.…

Under New Management is an early-warning system for potential poisoning of add-ons with malware

Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension.…

Alleged crim bought SmartScreen Killer, Cobalt Strike on dark-web markets

A criminal claiming to be an ALPHV/BlackCat affiliate — the gang responsible for the widely disruptive Change Healthcare ransomware infection last month —  may have ties to Chinese government-backed cybercrime syndicates.…

More than 1,000 servers remain unpatched and vulnerable

Security researchers are increasingly seeing active exploit attempts using the latest vulnerabilities in JetBrains' TeamCity that in some cases are leading to ransomware deployment.…

Company reassures public it has enough beer, expects quick recovery before weekend

Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage.…

Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest

Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like.…

Singaporean researchers note rising presence of ChatGPT creds in Infostealer malware logs

Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 stealer logs containing login details for the service last year.…

The American mind must not be at the mercy of Chinese algorithms

A group of US lawmakers introduced legislation on Tuesday that, if passed, would force Chinese internet concern ByteDance to divest TikTok – its most valuable property – or see it banned in the US.…

Play Store commissions are a nice little earner, wherever they come from

Google has been accused of profiting from gift card scams.…

Moonlighted for PRC companies after side-stepping Big G's security, allegedly

A now-former Google employee has been charged with stealing the ad giant’s AI trade secrets while quietly working for two Chinese companies – after easily defeating whatever security controls Big G had in place.…

Jump in overall cybercrime reports, $60M-plus reportedly lost to extortionists alone, Feds reckon

Digital crimes potentially cost victims more than $12.5 billion last year, according to the FBI's latest Internet Crime Complaint Center (IC3) annual report. …

Two flaws fixed, one knee bent to the EU, and a budding cybersecurity star feature in iOS 17.4

Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited.…

Additional cuts announced, sparking fears of further layoffs

Outsourcing giant Capita today reported a net loss of £106.6 million ($135.6 million) for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.…

Please don't scare away foreign investors - who do you think pays for this stuff?

SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "last resort" to protect national security.…

Government mighty displeased about a shared Active Directory that led to a big data leak

Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…

As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…