The Register

More than a dozen women came forward with accusations

Details about the harassment allegations leveled at DEF CON veteran Christopher Hadnagy have now been revealed after a motion for summary judgment was filed over the weekend.…

Why organizations should protect everything, everywhere, all at once

Sponsored Feature  Considering it has such a large share of the data protection market, Veeam doesn't talk much about backups in meetings with enterprise customers these days.…

Sly like a PRC cyberattack

A Chinese government-backed group is spoofing legitimate medical software to hijack hospital patients' computers, infecting them with backdoors, credential-swiping keyloggers, and cryptominers.…

Fuxnet and FrostyGoop were both used in the Russia-Ukraine war

Two new malware variants specifically designed to disrupt critical industrial processes were set loose on operational technology networks last year, shutting off heat to more than 600 apartment buildings in one instance and jamming communications to gas, water, and sewage network sensors in the other.…

Leaked chats and spilled secrets as AI helps decode circa 200K private talks

Southern Water neither confirms nor denies offering Black Basta a $750,000 ransom payment following its ransomware attack in 2024.…

Blueprints shared for jail-breaking models that expose their chain-of-thought process

Analysis  AI models like OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking can mimic human reasoning through a process called chain of thought.…

Everyone knew texted OTPs were a dud back in 2016

Google has confirmed it will phase out the use of SMS text messages for multi-factor authentication in favor of more secure technologies.…

'Appropriate action will be taken,' we're told – as federal HR email sparks uproar, ax falls on CISA staff

Visitors to the US Department of Housing and Urban Development's headquarters in the capital got some unpleasant viewing on Monday morning after TV screens across the building began showing a deepfake video of President Trump kissing and sucking Elon Musk's toes.…

Four domains to build resilience

Partner Content  Security can feel like fighting a losing battle, but it doesn't have to be.…

No matter how deep you are in Apple's 'ecosystem,’ there are ways to stay encrypted in the UK

Apple customers, privacy advocates, and security sleuths have now had the weekend to stew over the news of the iGadget maker's decision to bend to the UK government and disable its Advanced Data Protection (ADP) feature.…

PLUS: SEC launches new crypto crime unit; Phishing toolkit upgraded; and more

Infosec in brief  Apple has responded to the UK government's demand for access to its customers’ data stored in iCloud by deciding to turn off its Advanced Data Protection (ADP) end-to-end encryption service for UK users.…

Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data

Hundreds of thousands of internal messages from the Black Basta ransomware gang were leaked by a Telegram user, prompting security researchers to bust out their best Russian translations post haste.…

PoC exploit code shows why this is a patch priority

Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven't already installed patches released in January extra incentive to revisit their to-do lists.…

It comes amid a major crackdown on the abusive industry that started during COVID

Thailand is preparing to receive thousands of people rescued from scam call centers in Myanmar as the country launches a major crackdown on the pervasive criminal activity across its border.…

Nobody wants memory bugs. Penguinistas continue debate on how to squish 'em

Some Linux kernel maintainers remain unconvinced that adding Rust code to the open source project is a good idea, but its VIPs are coming out in support of the language's integration.…

Said bugs 'can have significant implications' – glad to hear that from Redmond

Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.…

Don't think this is SaaS and you can relax: Redmond wants a few of you to check your websites

Microsoft has fixed a security flaw in its Power Pages website-building SaaS, after criminals got there first – and urged users to check their sites for signs of exploitation.…

A painful loss for young company that's yet to generate revenue

A NASDAQ-listed US minerals company says cybercriminals broke into its systems on Valentine's Day and paid themselves around $500,000 – money earmarked for a vendor.…

Bugs fixed, updating to the latest version is advisable

Security sleuths found two critical vulnerabilities in a third-party library that MongoDB relies on, which means bad guys can potentially steal data and run code.…

The latest in a long line of fraud stings worth billions each year

Two men are in police custody after being arrested in connection with a July cryptocurrency fraud involving a man in his seventies.…