The Register

Mummy, where do zero days come from?

Opinion  One of the charms of coding is that malice can be indistinguishable from incompetence. Last week's Who, Me? story about financial transfer test software running amok is a case in point.…

Dual Russian-Israeli national arrested in August

An alleged LockBit ransomware developer is in custody in Israel and awaiting extradition to the United States.…

Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more

in brief  Google has announced plans to allow its business customers to begin "fingerprinting" users next year, and the UK Information Commissioner's Office (ICO) isn't happy about it. …

Yes, LLMs can do the heavy lifting. But good luck getting one to give evidence

CANALYS FORUMS APAC  Generative AI is being enthusiastically adopted in almost every field, but infosec experts are divided on whether it is truly helpful for red team raiders who test enterprise systems.…

Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns

Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure.…

It could end up like Huawei -Trump's gonna get ya, get ya, get ya

The Feds may ban the sale of TP-Link routers in the US over ongoing national security concerns about Chinese-made devices being used in cyberattacks.…

Enrolment invitations will continue until security improves

Microsoft last week lauded the success of its efforts to convince customers to use passkeys instead of passwords, without actually quantifying that success.…

All it took to make an Google Edge TPU give up model hyperparameters was specific hardware, a novel attack technique … and several days

Computer scientists from North Carolina State University have devised a way to copy AI models running on Google Edge Tensor Processing Units (TPUs), as used in Google Pixel phones and third-party machine learning accelerators.…

Not that you needed another reason to enable the 'known senders' setting

Criminals are spoofing Google Calendar emails in a financially motivated phishing expedition that has already affected about 300 organizations with more than 4,000 emails sent over four weeks, according to Check Point researchers.…

Victims' feelings might get hurt, global cops contend, and that could hinder reporting

Interpol wants to put an end to the online scam known as "pig butchering" – through linguistic policing, rather than law enforcement.…

You applied the patch that could stop possible RCE attacks last week, right?

A critical security hole in Apache Struts 2, patched last week, is now being exploited using publicly available proof-of-concept (PoC) code.…

€251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal

It's been six years since miscreants abused some sloppy Facebook code to steal access tokens belonging to 30 million users, and the slow-turning wheels of Irish justice have finally caught up with a €251 million ($264 million) fine for the social media biz. …

Fresh attempt to mix the perfect cocktail of IoT and Infosec

BlackBerry's ambition to mix infosec and the Internet of Things has been squeezed, after the Canadian firm announced it is offloading Cylance's endpoint security products.…

The likes of SHA-256, RSA, ECDSA and ECDH won't be welcome in just five years

Australia's chief cyber security agency has decided local orgs should stop using the tech that forms the current cryptographic foundation of the internet by the year 2030 – years before other nations plan to do so – over fears that advances in quantum computing could render it insecure.…

But can you really take crims at their word?

Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.…

The US has never attacked Chinese critical infrastructure before, right?

President-elect Donald Trump's team wants to go on the offensive against America's cyber adversaries, though it isn't clear how the incoming administration plans to achieve this. …

Personal and financial data probably stolen

A cyberattack on a Deloitte-managed government system in Rhode Island carries a "high probability" of sensitive data theft, the state says.…

Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more

Infosec in brief  There's a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters are exposed to the internet, creating significant security risks and leaving organizations vulnerable to attack.…

IOCONTROL targets IoT and OT devices from a ton of makers, apparently

An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.…

'Today’s sentencing is more than just a punishment. It’s a message'

A Texan who ran a forum on the dark web where depraved netizens could swap child sex abuse material (CSAM), and chat freely about abusing kids, has been sentenced to 30 years in prison.…