The Register
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in its Known Exploited Vulnerabilities (KEV) catalog.…
Mozilla patches critical Firefox vuln that attackers are already exploiting
It's patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.…
How to enable secure use of AI
Sponsored Post It's Cybersecurity Awareness Month again this October - a timely reminder for public and private sector organisations to work together and raise awareness about the importance of cybersecurity.…
How should CISOs respond to the rise of GenAI?
Partner Content As generative AI (GenAI) becomes increasingly integrated into the corporate world, it is transforming everyday operations across various industries.…
Dutch cops reveal takedown of 'world's largest dark web market'
The alleged administrators of the infamous Bohemia and Cannabia dark web marketplaces have been arrested after apparently shuttering the sites and trying to flee with their earnings.…
Internet Archive leaks user info and succumbs to DDoS
The Internet Archive had a bad day on the infosec front, after being DDoSed and exposing user data.…
Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware
A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of custom malware, according to researchers from antivirus vendor ESET.…
Smart TVs are spying on everyone
Smart TVs are watching their viewers and harvesting their data to benefit brokers using the same ad technology that denies privacy on the internet.…
Marriott settles for a piddly $52M after series of breaches affecting millions
Marriott has agreed to pay a $52 million penalty and develop a comprehensive infosec program following a series of major data breaches between 2014 and 2020 that affected more than 344 million people worldwide.…
National Public Data files for bankruptcy, admits 'hundreds of millions' potentially affected
The Florida business behind data brokerage National Public Data has filed for bankruptcy, admitting "hundreds of millions" of people were potentially affected in one of the largest information leaks of the year.…
Microsoft cleans up hot mess of Patch Tuesday preview
Microsoft says that the problems with the Windows 11 Patch Tuesday preview have now been resolved.…
Ransomware gang Trinity joins pile of scumbags targeting healthcare
At least one US healthcare provider has been infected by Trinity, an emerging cybercrime gang with eponymous ransomware that uses double extortion and other "sophisticated" tactics that make it a "significant threat," according to the feds.…
Microsoft issues 117 patches – some for flaws already under attack
Patch Tuesday It's the second Tuesday of the month, which means Patch Tuesday, bringing with it fixes for numerous flaws, bugs and vulnerabilities in major software. And this one is a doozy.…
Qualcomm urges device makers to push patches after 'targeted' exploitation
Qualcomm has issued 20 patches for its chipsets' firmware, including one Digital Signal Processor (DSP) software flaw that has been exploited in the wild.…
Using iPhone Mirroring at work? You might have just overshared to your boss
If you're using iPhone Mirroring at work: it's time to stop, lest you give your employer's IT department the capability to snoop through your dating apps, photos, messages — and anything else you might want to keep to yourself.…
Happy birthday, Putin – you've been pwned
Ukrainian hackers shut down Russian state news agency VGTRK's online broadcasting and streaming services on Monday – president Vladimir Putin's 72nd birthday – as Kremlin officials vowed to bring those responsible for the "unprecedented" cyber attack to justice.…
Google brings better bricking to Androids, to curtail crims
Google has apparently started a global rollout of three features in Android designed to make life a lot harder for thieves to profit from purloined phones.…
Feds reach for sliver of crypto-cash nicked by North Korea's notorious Lazarus Group
The US government is attempting to claw back more than $2.67 million stolen by North Korea's Lazarus Group, filing two lawsuits to force the forfeiture of millions in Tether and Bitcoin.…
American Water stops billing for H2O due to 'cybersecurity incident'
American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a hacking incident.…
Cops love facial recognition, and withholding info on its use from the courts
Police around the United States are routinely using facial recognition technology to help identify suspects, but those departments rarely disclose they've done so - even to suspects and their lawyers. …