The Register
Fortinet: FortiGate config leaks are genuine but misleading
Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid in 2022.…
Clock ticking for TikTok as US Supreme Court upholds ban
updated The US Supreme Court has upheld a law requiring TikTok to either divest from its Chinese parent company ByteDance or face a ban in the United States. The decision eliminates the final legal obstacle to the federal government forcing a shutdown of the platform on January 19.…
Six vulnerabilities in ubiquitous rsync tool announced and fixed in a day
Don't panic. Yes, there were a bunch of CVEs affecting potentially hundreds of thousands of users found in rsync in early December – and made public on Tuesday – but a fixed version came out the same day, and was further tweaked for better compatibility the following day.…
Medusa ransomware group claims attack on UK's Gateshead Council
Another year and yet another UK local authority has been pwned by a ransomware crew. This time it's Gateshead Council in North East England at the hands of the Medusa group.…
Microsoft eggheads say AI can never be made secure – after testing Redmond's own products
Microsoft brainiacs who probed the security of more than 100 of the software giant's own generative AI products came away with a sobering message: The models amplify existing security risks and create new ones.…
Just as your LLM once again goes off the rails, Cisco, Nvidia are at the door smiling
Cisco and Nvidia have both recognized that as useful as today's AI may be, the technology can be equally unsafe and/or unreliable – and have delivered tools in an attempt to help address those weaknesses.…
GM parks claims that driver location data was given to insurers, pushing up premiums
General Motors on Thursday said that it has reached a settlement with the FTC "to address privacy concerns about our now-discontinued Smart Driver program."…
Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts
Star Blizzard, a prolific phishing crew backed by the Russian Federal Security Service (FSB), conducted a new campaign aiming to compromise WhatsApp accounts and gain access to their messages and data, according to Microsoft.…
Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M
Enzo Biochem has settled a consolidated class-action lawsuit relating to its 2023 ransomware incident for $7.5 million.…
Cybersecurity rethink - from reaction to resilience
Webinar Are you tired of constant firefighting in the ever-changing cybersecurity landscape?…
Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge
Raspberry Pi has given out prizes for extracting a secret value from the one-time-programmable (OTP) memory of the Raspberry Pi RP2350 microcontroller – awarding a pile of cash to all four entrants.…
Infoseccer: Private security biz let guard down, exposed 120K+ files
A London-based private security company allegedly left more than 120,000 files available online via an unsecured server, an infoseccer told The Register.…
GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches'
GoDaddy has failed to protect its web-hosting platform with even basic infosec tools and practices since 2018, according to the FTC, but the internet giant won’t face any immediate consequences for its many alleged acts of omission.…
DJI loosens flight restrictions, decides to trust operators to follow FAA rules
Drone maker DJI has decided to scale back its geofencing restrictions, meaning its software won't automatically stop operators from flying into areas flagged as no-fly zones. …
China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
Beijing's Salt Typhoon cyberspies had been seen in US government networks before telcos discovered the same foreign intruders in their own systems, according to CISA boss Jen Easterly.…
Even modest makeup can thwart facial recognition
Researchers at cyber-defense contractor PeopleTec have found that facial-recognition algorithms' focus on specific areas of the face opens the door to subtler surveillance avoidance strategies.…
Windows Patch Tuesday hits snag with Citrix software, workarounds published
Devices that have Citrix's Session Recording software installed are having problems completing this month's Microsoft Patch Tuesday update, which includes important fixes.…
Crypto klepto North Korea stole $659M over just 5 heists last year
North Korean blockchain bandits stole more than half a billion dollars in cryptocurrency in 2024 alone, the US, Japan, and South Korea say.…
Microsoft fixes under-attack privilege-escalation holes in Hyper-V
Patch Tuesday The first Patch Tuesday of 2025 has seen Microsoft address three under-attack privilege-escalation flaws in its Hyper-V hypervisor, plus plenty more problems that deserve your attention.…
FBI wipes Chinese PlugX malware from thousands of Windows PCs in America
The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese government-backed criminals, according to newly unsealed court documents.…