The Register
New year, more bugs in Windows, Adobe, Android to be fixed
Patch Tuesday Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge.…
SEC Twitter hijacked to push fake news of hotly anticipated Bitcoin ETF approval
The SEC today said its Twitter account was hijacked to wrongly claim it had approved hotly anticipated Bitcoin ETFs, causing the cryptocurrency to spike and then slip in price.…
US Navy sailor swaps sea for cell after accepting bribes from Chinese snoops
A US Naval sailor will face more than two years behind bars after pleading guilty to taking bribes from Chinese spies in exchange for sensitive military information.…
And that's a wrap for Babuk Tortilla ransomware as free decryptor released
Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant.…
Apache OFBiz zero-day pummeled by exploit attempts after disclosure
SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight.…
British Library: Finances remain healthy as ransomware recovery continues
The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing.…
Facebook, Instagram now mine web links you visit to fuel targeted ads
Infosec in brief We gather everyone's still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you're recovering from the Christmas break, Meta has been busy introducing fresh ways to monetize your web surfing habits while dressing it up as a user experience improvement.…
Ransomware payment ban: Wrong idea at the wrong time
Opinion A general ban on ransomware payments, as was floated by some this week, sounds like a good idea. Eliminate extortion as a source of criminal income, and the attacks are undoubtedly going to drop. …
After injecting cancer hospital with ransomware, crims threaten to swat patients
Extortionists are now threatening to swat hospital patients — calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims' homes — if the medical centers don't pay the crooks' ransom demands.…
BreachForums boss busted for bond blunders – including using a VPN
The cybercriminal behind BreachForums was this week arrested for violating the terms of his pretrial release and will now be held in custody until his sentencing hearing.…
Sandworm's Kyivstar attack should serve as a reminder of the Kremlin crew's 'global reach'
Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar.…
X-ploited: Mandiant restores hijacked Twitter account after attempted crypto heist
Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password.…
Infosec experts divided over 23andMe's 'victim-blaming' stance on data breach
23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps.…
Infostealer malware, weak password leaves Orange Spain RIPE for plucking
A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.…
As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?
Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.…
Three Chinese balloons float near Taiwanese airbase
Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's defense ministry.…
Microsoft kills off Windows app installation from the web, again
Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.…
Estes refuses to deliver ransom, but admits client data got opened
One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals may have stolen their personal information.…
Atos confirms talks with Airbus over cybersecurity wing sale
French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.…
Copy that? Xerox confirms 'security incident' at subsidiary
Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.…