The Register
Kaspersky culls staff, closes doors in US amid Biden's ban
Kaspersky has confirmed it will shutter its American operations and cut US-based jobs following President Biden's ban on the Russian business last month.…
ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu
Exclusive A Microsoft zero-day exploit that Trend Micro's Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July's Patch Tuesday – but without any credit given to ZDI.…
Infoseccers claim Squarespace migration linked to DNS hijackings at Web3 firms
Security researchers are claiming a spate of DNS hijackings at web3 businesses is linked to Squarespace's acquisition of Google Domains last year.…
Google reportedly in talks to buy infosec outfit Wiz for $23 billion
Ask any techie to name who leads the market for OSes, databases, networks or ERP and the answers are clear: Microsoft, Oracle, Cisco, and SAP.…
I spy another mSpy breach: Millions more stalkerware buyers exposed
Infosec in brief Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records.…
UK cyber-boss slams China's bug-hoarding laws
ASIA IN BRIEF The interim CEO of the UK's National Cyber Security Centre (NCSC) has criticized China's approach to bug reporting.…
Three words to send a chill down your spine: Snowflake. Intrusion. Alert
Kettle For this week's Kettle episode, in which our journos as usual get together for an end-of-week chat about the news, it's security, security, security.…
Car dealer software slinger CDK Global said to have paid $25M ransom after cyberattack
CDK Global reportedly paid a $25 million ransom in Bitcoin after its servers were knocked offline by crippling ransomware.…
White House urged to double check Microsoft isn't funneling AI to China via G42 deal
Two House committee chairs have sent a public letter to the White House asking it to look into a deal between AI R&D outfit G42 and Microsoft.…
CISA broke into a US federal agency, and no one noticed for a full 5 months
The US Cybersecurity and Infrastructure Security Agency (CISA) says a red team exercise at a certain unnamed federal agency in 2023 revealed a string of security failings that exposed its most critical assets.…
Identity: the new security perimeter
Webinar Threat actors are always looking for that easy way in by testing weak spots, and user identities are one of their favourite targets.…
Break-in at 'third-party cloud platform' leaked 110M customer records, says AT&T
AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was big you haven't seen anything: This one includes data on "nearly all" AT&T wireless customers - and those served by mobile virtual network operators (MVNOs) running on AT&T's network. …
Singapore's banks to ditch texted one-time passwords
After around two decades of allowing one-time passwords (OTPs) delivered by text message to assist log ins to bank accounts in Singapore, the city-state will abandon the authentication technique.…
China's APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox
Chinese government-backed cyber espionage gang APT41 has very likely added a loader dubbed DodgeBox and a backdoor named MoonWalk to its malware toolbox, according to cloud security service provider Zscaler’s ThreatLabz research team.…
'Gay furry hackers' say they've disbanded after raiding Project 2025's Heritage Foundation
After claiming to break into a database belonging to The Heritage Foundation, and then leaking 2GB of files belonging to the ultra-conservative think tank, the hacktivist crew SiegedSec claims to have disbanded. …
OpenSSH bug leaves RHEL 9 and the RHELatives vulnerable
The founder of Openwall has discovered a new signal handler race condition in the core sshd daemon used in RHEL 9.x and its various offshoots.…
Advance Auto Parts: 2.3M people's data accessed when crims broke into our Snowflake account
Advance Auto Parts' CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance – a hefty 2.3 million.…
Privacy expert put away for 9 years after 'grotesque' cyberstalking campaign
A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a "grotesque" cyberstalking campaign against more than a dozen victims.…
You had a year to patch this Veeam flaw and now it's going to hurt
Yet another new ransomware gang, this one dubbed EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago to drop file-encrypting malware, a LockBit variant, and extort payments from victims.…
Japanese space agency spotted zero-day attacks while cleaning up attack on M365
The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems.…