Remember that cost-cutting group once led by Elon Musk? Federal employees are still dealing with it A Social Security Administration employee has filed a whistleblower complaint alleging that Donald Trump's DOGE cost-cutting unit has put the records of every single American at risk by duplicating an agency database in …
Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It's been more than 200 years since the United States issued a letter of marque allowing privateers to attack the vessels of foreign nations, but those letters may return …
PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more Infosec In Brief New York State is suing bank-owned peer-to-peer payment app Zelle, claiming that the banks behind it knew fraud was rampant on the platform but allowed scammers to conduct business with …
The agency offered some tips for operational technology environments, where attacks are rising CISA is urging companies with operational technology environments to set a better cybersecurity posture, and not just by adopting some new best practices and purchasing some new software.... [...]
PLUS: Crypto mixer founders plead guilty; Another French telco hacked; Meta fights WhatsApp scams; And more! Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro's Apex One endpoint security platform is under active exploitation, the company admitted last week, and there's no patch available.... [...]
Illumina allegedly lied about its testing devices meeting government standards Biotech firm Illumina has agreed to cut the US government a check for the eminently affordable amount of $9.8 million to resolve allegations that it has been selling the feds genetic testing systems riddled with security vulnerabilities the …
Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there When independent security researcher Neil Smith reported a vulnerability in a comms standard used by trains to the US government in 2012, he most likely didn't …
Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more Infosec In Brief A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts.... [...]
PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers;,O365 allows takeover-free phishing; and more Infosec in Brief Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos …
PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China.... [...]
PLUS: Discord invite links may not be safe; Miscreants find new way to hide malicious JavaScript; and more! Infosec In Brief A pair of Congressional Democrats have demanded a review of the Common Vulnerabilities and Exposures (CVE) program amid uncertainties about continued US government funding for the scheme.... [...]
PLUS: Doxxers jailed; Botnets bounce back; CISA questioned over app-vetting program closure; And more Infosec in Brief If a cyberattack hit critical infrastructure in the US, it would likely crumble, former deputy national security adviser and NSA cybersecurity director Anne Neuberger said last week.... [...]
Musk's 'Bitcoin-style encryption' claim has experts scratching their heads Elon Musk's X social media platform is rolling out a new version of its direct messaging feature that the platform owner said had a "whole new architecture," but as with many a Muskian proclamation, there's reason to doubt what's been …
PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more! Infosec In Brief Despite last week’s FBI announcement that it helped to take down the crew behind the Lumma infostealer, the malware continues to operate.... [...]
Case in Germany could derail Zuck's plans, noyb tells El Reg fight isn't over The Irish Data Protection Commission has cleared the way for Meta to begin slurping up the data of European citizens for training AI next week, ongoing legal challenges notwithstanding.... [...]
PLUS: Euro-cops take down investment scammers; Fancy Bear returns to Ukraine; and more Infosec In Brief The Alabama state government is investigating an unspecified "cybersecurity event" that it said has affected some state systems, but didn't involve the theft of citizen's personal info.... [...]
'Legitimate interest' won't wash, says privacy outfit, as Zuck's org claims activists want to 'delay AI innovation' There's a Max Schrems-shaped object standing in the way of Meta's plans to train its AI on the data of its European users, and he's come armed with several justifications for why …
Admits due diligence fell short - furious users cry ‘gaslighting’ Customers are blasting VPN Secure's new parent company after it abruptly axed thousands of "lifetime" accounts. The reason? The CEO admits in an interview with The Register that his team didn't dig deep enough before acquiring the virtual private network …
PLUS: Celsius scammer sent to slammer; Death-by-hacking victim warns you're never safe; and more Infosec in brief Good cybersecurity habits don't appear to qualify anyone to work at DOGE, as one Musk minion seemingly fell victim to infostealer malware.... [...]
PLUS: AirPlay exploits; Six-year old backdoor opens; Raytheon settles federal charges; and more! Infosec In Brief Microsoft has decided to push its consumer customers to dump password in favor of passkeys.... [...]
25-year-old fella pleads guilty to stealing, dumping 1.1TB of data from the House of Mouse When someone stole more than a terabyte of data from Disney last year, it was believed to be the work of Russian hacktivists protesting for artist rights. We now know it was actually …
House Oversight probes missing Musk disclosures, background checks, data mess at NLRB Elon Musk is backing away from his Trump-blessed government gig, but now House Democrats want to see the permission slip that got him in the door.... [...]
Feds say $970K scheme defrauded 13+ companies A Maryland man has pleaded guilty to fraud after landing a job with a contractor working on US government software, and then outsourcing the work to a self-described North Korean developer in China.... [...]
Sometimes, silence is the best option An Oklahoma City cybersecurity professional accused of installing spyware on a hospital PC confirmed on LinkedIn key details of the drama.... [...]
PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more! Infosec in brief Samsung has warned that some of its Galaxy devices store passwords in plaintext.... [...]