News

Second attack on McLaren Health Care in a year affects 743k people

The Register - Mon, 23/06/2025 - 16:48
Criminals targeted the hospital and physician network’s Detroit cancer clinic this time

McLaren Health Care is in the process of writing to 743,131 individuals now that it fully understands the impact of its July 2024 cyberattack.…

Categories: News

Experts count staggering costs incurred by UK retail amid cyberattack hell

The Register - Mon, 23/06/2025 - 12:29
Cyber Monitoring Centre issues first severity assessment since February launch

Britain's Cyber Monitoring Centre (CMC) estimates the total cost of the cyberattacks that crippled major UK retail organizations recently could be in the region of £270-440 million ($362-591 million).…

Categories: News

Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China

The Register - Mon, 23/06/2025 - 01:33
PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more

Infosec in brief  A former US Army sergeant has admitted he attempted to sell classified data to China.…

Categories: News

Netflix, Apple, BofA websites hijacked with fake help-desk numbers

The Register - Fri, 20/06/2025 - 22:10
Don’t trust mystery digits popping up in your search bar

Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to Malwarebytes senior director of research Jérôme Segura.…

Categories: News

Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web

The Register - Fri, 20/06/2025 - 18:55
If it looks like a duck and walks like a duck...

Aflac is the latest insurance company to disclose a security breach following a string of others earlier this week, all of which appear to be part of Scattered Spider's most recent data theft campaign.…

Categories: News

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

The Register - Fri, 20/06/2025 - 18:31
It's a marketing move to lure more affiliates, says infosec veteran

The latest marketing ploy from the ransomware crooks behind the Qilin operation involves offering affiliates access to a crack team of lawyers to ramp up pressure in ransom negotiations.…

Categories: News

Attack on Oxford City Council exposes 21 years of election worker data

The Register - Fri, 20/06/2025 - 11:45
Services coming back online after legacy systems compromised

Oxford City Council says a cyberattack earlier this month resulted in 21 years of data being compromised.…

Categories: News

Boffins devise voice-altering tech to jam 'vishing' schemes

The Register - Thu, 19/06/2025 - 20:25
To stop AI scam callers, break automatic speech recognition systems

Researchers based in Israel and India have developed a defense against automated call scams.…

Categories: News

Uncle Sam seeks time in tower dump data grab case after judge calls it 'unconstitutional'

The Register - Thu, 19/06/2025 - 17:30
Feds told they can't demand a haystack to find a needle

The United States is requesting [PDF] a month-long extension to the deadline for its final decision regarding an appeal against a judge's ruling that obtaining tower dumps is unconstitutional.…

Categories: News

Glazed and confused: Hole lotta highly sensitive data nicked from Krispy Kreme

The Register - Thu, 19/06/2025 - 14:29
Experts note 'major red flags' in donut giant's security as 161,676 staff and families informed of attack details

Krispy Kreme finally revealed the number of people affected by its November cyberattack, and it's easy to see why analyzing the incident took the well-resourced company several months.…

Categories: News

UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash

The Register - Thu, 19/06/2025 - 12:57
Good to see government that values its academics (cough cough). Plus: New board criticized for lacking 'ops' people

Cybersecurity experts have started a formal review into the UK cybersecurity market, at the government's request, to identify future growth opportunities as it looks to grow the industry that's core to the country's Industrial Strategy.…

Categories: News

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

The Register - Thu, 19/06/2025 - 07:29
Phishing, Python and RATs, oh my

A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.…

Categories: News

Iran’s internet goes offline for hours amid claims of ‘enemy abuse’

The Register - Thu, 19/06/2025 - 04:46
Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to ‘other areas’

The government of Iran appears to have shut down the internet within its borders, perhaps in response to Israel-linked cyberattacks.…

Categories: News

Minecraft cheaters never win ... but they may get malware

The Register - Wed, 18/06/2025 - 22:06
Infostealers posing as popular cheat tools are cropping up on GitHub

Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.…

Categories: News

Asana's cutting-edge AI feature ran into a little data leakage problem

The Register - Wed, 18/06/2025 - 20:32
New MCP server was shut down for nearly two weeks

Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations' data, and the experimental feature is back up and running after nearly two weeks of downtime to fix the issue.…

Categories: News

Veeam patches third critical RCE bug in Backup & Replication in space of a year

The Register - Wed, 18/06/2025 - 14:33
Version 13 can’t come soon enough

Veeam Backup & Replication users are urged to apply the latest patches that fix another critical bug leading to remote code execution (RCE) on backup servers.…

Categories: News

How to bridge the MFA gap

The Register - Wed, 18/06/2025 - 09:00
If a credential is worth protecting, it's worth protecting well.

Sponsored feature  What do flossing and multi-factor authentication (MFA) have in common? Each is highly beneficial, yet far too few people do them consistently. MFA helps protect organizations from credential-based attacks, but according to the Cyber Readiness Institute, only 35% of businesses globally bother with it.…

Categories: News

Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack

The Register - Wed, 18/06/2025 - 08:29
Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI

Interview  Iran's state-sponsored cyber operatives and hacktivists have all increased their activities since the military conflict with Israel erupted last week – but not necessarily in the way that Amazon chief information security officer CJ Moses expected.…

Categories: News

Trump administration set to waive TikTok sell-or-die deadline for a third time

The Register - Wed, 18/06/2025 - 04:33
Quick reminder: The law that banned the app is called ‘Protecting Americans from Foreign Adversary Controlled Applications Act’

The Trump administration is set to again waive the 2024 law that requires the made-in-China social network TikTok to either sell its US operations to a local company or stop operating on US soil.…

Categories: News

AWS locks down cloud security, hits 100% MFA enforcement for root users

The Register - Tue, 17/06/2025 - 22:15
Plus adds a ton more security capabilities for cloud customers at re:Inforce

Amazon Web Services hit a major multi-factor authentication milestone, achieving 100 percent MFA enforcement for root users across all types of AWS accounts.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News