The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 1 hour 4 min ago

Feeld dating app's security too open-minded as private data swings into public view

Fri, 13/09/2024 - 19:22
No love for months-long wait to fix this, either

Security researchers have revealed a litany of failures in the Feeld dating app that could be abused to access all manner of private user data, including the most sensitive images not intended to be kept or shared.…

Categories: News

Cambodian senator sanctioned by US over alleged forced labor cyber-scam camps

Fri, 13/09/2024 - 06:29
Do not go on holiday to the O Smach Resort

The US Department of the Treasury’s Office of Foreign Assets Control issued sanctions on Thursday against Cambodian entrepreneur and senator Ly Yong Phat, for his "role in serious human rights abuse related to the treatment of trafficked workers subjected to forced labor in online scam centers."…

Categories: News

Australia’s government spent the week boxing Big Tech

Fri, 13/09/2024 - 05:47
With social media age limits, anti-scam laws, privacy tweaks, and misinformation rules Elon Musk labelled 'fascist'

Australia's government has spent the week reining in Big Tech.…

Categories: News

Feds pull plug on domains linked to import of Chinese gun conversion devices

Fri, 13/09/2024 - 02:58
Illegal goods allegedly shipped to the US labeled as toys or jewels

The US Attorney's Office in the District of Massachusetts has seized more than 350 internet domains allegedly used by Chinese outfits to sell US residents kits that convert semiautomatic pistols into fully automatic guns – and silence them as they fire.…

Categories: News

Fortinet admits miscreant got hold of customer data in the cloud

Fri, 13/09/2024 - 01:58
That would explain this 440GB leak, then

Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a "limited number" of files. The question is: how limited is "limited"?…

Categories: News

'Hadooken' Linux malware targets Oracle WebLogic servers

Fri, 13/09/2024 - 01:31
Nastyware seeks creds, mines crypto, and plants ransomware that isnt deployed - for now?

An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an emerging Linux malware called Hadooken, according to researchers from cloud security outfit Aqua.…

Categories: News

I stole 20GB of data from Capgemini – and now I'm leaking it, says cyber-crook

Thu, 12/09/2024 - 21:48
Allegedly pilfered database has source code, private keys, staff info, T-Mobile VM logs, more

A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source code, credentials, and T-Mobile's virtual machine logs.…

Categories: News

Mastercard splurges $2.65B on another big cyber buy – Recorded Future

Thu, 12/09/2024 - 20:00
The startup is already the go-to intel shop for 45 govs and half the Fortune 100

Mastercard has added another security asset to its growing portfolio, laying down $2.65 billion for threat intelligence giant Recorded Future.…

Categories: News

Adobe patches Acrobat bug, neglects to mention whole zero-day, exploit thing

Thu, 12/09/2024 - 19:29
SaaS seller sets severity to 'critical'

Adobe's patch for a remote code execution (RCE) bug in Acrobat doesn't mention that the vulnerability is considered a zero-day nor that a proof-of-concept (PoC) exploit exists, a researcher warns.…

Categories: News

Google Chrome gets a mind of its own for some security fixes

Thu, 12/09/2024 - 17:00
Browser becomes more proactive about trimming unneeded permissions and deceptive notifications

Google has enhanced Chrome's Safety Check so that it can make some security decisions on the user's behalf.…

Categories: News

Transport for London confirms 5,000 users' bank data exposed, pulls large chunks of IT infra offline

Thu, 12/09/2024 - 15:54
NCA confirms arrest of 17-year-old 'on suspicion of Computer Misuse Act offences' – now bailed

Breaking  Transport for London's ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees' passwords will need to be reset via in-person appointments.…

Categories: News

EU kicks off an inquiry into Google's AI model

Thu, 12/09/2024 - 13:15
Privacy regulator taking a closer look at data privacy and PaLM 2

The European Union's key regulator for data privacy, Ireland's Data Protection Commission (DPC), has launched a cross-border inquiry into Google's AI model to ascertain if it complies with the bloc's rules.…

Categories: News

About that Windows Installer 'make me admin' security hole. Here's how it's exploited

Thu, 12/09/2024 - 12:30
What kind of OS can be hijacked by clicking a link at just the right time? Microsoft's

In this week's Patch Tuesday Microsoft alerted users to, among other vulnerabilities, a flaw in Windows Installer that can be exploited by malware or a rogue user to gain SYSTEM-level privileges to hijack a PC.…

Categories: News

Mind your header! There's nothing refreshing about phishers' latest tactic

Thu, 12/09/2024 - 10:15
It could lead to a costly BEC situation

Palo Alto's Unit 42 threat intel team wants to draw the security industry's attention to an increasingly common tactic used by phishers to harvest victims' credentials.…

Categories: News

NIS2, DORA, and Tiber-EU expanding cybersecurity regulation

Thu, 12/09/2024 - 09:57
Get essential insights for IT security compliance and effectiveness from SANS

Webinar  As cybersecurity threats evolve, so do the regulations designed to protect businesses.…

Categories: News

If HDMI screen rips aren't good enough for you pirates, DeCENC is another way to beat web video DRM

Thu, 12/09/2024 - 08:25
Academically interesting technique for poking holes in paywalled tech specs

An anti-piracy system to protect online video streams from unauthorized copying is flawed – and can be broken to allow streamed media from Amazon, Netflix, and others to be saved, replayed, and spread at will, we're told.…

Categories: News

Pokémon GO was an intelligence tool, claims Belarus military official

Thu, 12/09/2024 - 07:32
Augmented reality meets warped reality

A defense ministry official from Belarus has claimed augmented reality game Pokémon GO was a tool of Western intelligence agencies.…

Categories: News

Healthcare giant to pay $65M settlement after crooks stole and leaked nude patient pics

Thu, 12/09/2024 - 03:24
Would paying a ransom - or better security - have been cheaper and safer?

A US healthcare giant will pay out $65 million to settle a class-action lawsuit brought by its own patients after ransomware crooks stole their data – including their nude photographs – and published at least some of them online.…

Categories: News

Cyber crooks shut down UK, US schools, thousands of kids affected

Wed, 11/09/2024 - 23:43
No class: Black Suit ransomware gang boasts of 200GB haul from one raid

Cybercriminals closed some schools in America and Britain this week, preventing kindergarteners in Washington state from attending their first-ever school day and shutting down all internet-based systems for Biggin Hill-area students in England for the next three weeks.…

Categories: News

Major sales and ops overhaul leads to much more activity ... for Meow ransomware gang

Wed, 11/09/2024 - 19:45
You hate to see it

The Meow ransomware group has grabbed the second most active gang spot in an unexpected surge in activity following a major brand overhaul.…

Categories: News

Pages