The Register

Admins urged to rotate machine keys, restart IIS after emergency fix

Microsoft has good news for administrators running SharePoint Server 2016. The cloud and software megacorp has published updates to close a gaping hole in the document management service.…

'We're going to smash the business model' NHS, councils, and schools told

The UK government is proposing to "ban" public sector organizations and critical national infrastructure from paying criminal operators behind ransomware attacks, under new measures outlined today.…

The modern art form that redeemed a Windows utility has lessons for all

Opinion  The speedrun is one of the internet's genuinely new artforms. At its best, it's akin to a virtuoso piano recital. Less emotional depth, more adrenalin. Watching an expert fly through a game creates an endorphin rush without the expense or time of doing it for yourself. …

No customer, partner info stolen, spokesperson tells The Reg

Dell has confirmed that criminals broke into its IT environment and stole some of its data — but told The Register that it's "primarily synthetic (fake) data."…

Move along, nothing to see here

comment  Here we go again. Another major Microsoft attack, with this one seeing someone — most likely government-backed hackers — exploiting a zero-day bug in SharePoint Server that Redmond failed to fix.…

Persians added snooping capabilities to DCHSpy after Israeli bombs fell

Four new samples of Android spyware linked to the Iranian Ministry of Intelligence and Security (MOIS) that collects WhatsApp data, records audio and video, and hunts for files by name, surfaced shortly after the Iran-Israel conflict began.…

Now flying again, but not saying what went wrong

UPDATED  US carrier Alaska Airlines has grounded its fleet due to an unspecified IT issue.…

PLUS: Perplexity AI scores 360-million-customer win in India; Australian billionaire’s political party suffers data breach, won’t contact victims; and more

Asia In Brief  Japan’s National Astronomical Observatory last week announced the discovery of a small body with an orbit beyond Pluto’s, and scientists think its presence means the “Planet 9” theory should be revisited.…

PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more

Infosec In Brief  Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and that its own failure to completely fix past problems is the cause.…

Fancy Bear can't keep its claws out of Outlook inboxes

The UK government is warning that Russia's APT28 (also known as Fancy Bear or Forest Blizzard) has been deploying previously unknown malware to harvest Microsoft email credentials and steal access to compromised accounts.…

Keep It Simple, Stupid

Interview  Scattered Spider and Iranian government-backed cyber units have more in common than a recent uptick in hacking activity, according to Ariel Parnes, a former colonel in the Israeli Defense Forces' cyber unit 8200.…

WeTransfer added the magic words 'machine learning' to its ToS and users reacted predictably

Analysis  WeTransfer this week denied claims it uses files uploaded to its ubiquitous cloud storage service to train AI, and rolled back changes it had introduced to its Terms of Service after they deeply upset users. The topic? Granting licensing permissions for an as-yet-unreleased LLM product.…

Ads giant complains of damage to its reputation and finances ... and crime, too

Google has filed a lawsuit against 25 unnamed individuals in China it accuses of breaking into more than 10 million devices worldwide and using them to build a botnet, called BadBox 2.0, and then to carry out other cybercrimes and fraud.…

Three perfect 10s in the last month - ISE, ISE, baby

Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run arbitrary code on the operating system with root-level privileges. …

Computer scientist Peter Gutmann tells The Reg why it's 'bollocks'

The US National Institute for Standards and Technology (NIST) has been pushing for the development of post-quantum cryptographic algorithms since 2016.…

It looks like enough of you are struggling to migrate that Redmond is willing to help out – for a price that might buy nothing

Microsoft has extended its security update programs for Exchange Server 2016 and 2019, and Skype for Business 2015 and 2019.…

'Deeply penetrated' Gaskar 'to the very tonsils of demilitarization'

Ukrainian hackers claim to have taken out the IT infrastructure at Russia's Gaskar Integration plant, one of the largest suppliers of drones for its army, and also destroyed massive amounts of technical data related to drone production. …

Two Russian suspects in cuffs, seven warrants out

International cops shut down more than 100 servers belonging to the pro-Russian NoName057(16) network this week as part of the Europol-led Operation Eastwood.…

Someone's OVERSTEPing the mark

Unknown miscreants are exploiting fully patched, end-of-life SonicWall VPNs to deploy a previously unknown backdoor and rootkit, likely for data theft and extortion, according to Google's Threat Intelligence Group.…

Supermarket announces white hat education scheme as four suspects released on bail

Co-op Group's chief executive officer has confirmed that all 6.5 million of the organization's members had their data stolen during its April cyberattack - Scattered Spider is believed to be behind the digital heist.…