Students have work to complete at home in the meantime A UK high school will have to close for at least two days, today and tomorrow, after becoming the latest public-sector victim of ransomware criminals.... [...]
Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid in 2022.... [...]
Pastes allegedly stolen documents on leak site with £600K demand Another year and yet another UK local authority has been pwned by a ransomware crew. This time it's Gateshead Council in North East England at the hands of the Medusa group.... [...]
That's in addition to the $4.5M fine paid to three state AGs last year Enzo Biochem has settled a consolidated class-action lawsuit relating to its 2023 ransomware incident for $7.5 million.... [...]
Assist Security’s client list includes fashion icons, critical infrastructure orgs A London-based private security company allegedly left more than 120,000 files available online via an unsecured server, an infoseccer told The Register.... [...]
US, Japan, South Korea vow to intensify counter efforts North Korean blockchain bandits stole more than half a billion dollars in cryptocurrency in 2024 alone, the US, Japan, and South Korea say.... [...]
Packages removed, vendor said to have apologized to AI code editor as onlookers say it could have been a test Updated Developer security company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using "malicious" packages uploaded to …
Stronger proposals may also see private sector applying for a payment 'license' A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill …
This is what happens when you publish PoCs immediately, hm? "Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.... [...]
Unauthorized activity detected, but no backdoors found Exclusive UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits.... [...]
Details of afflictions and care plastered online BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive personal information was stolen.... [...]
Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being exploited as a zero-day.... [...]
Tricky attackers trying yet again to deceive the good guys on home territory Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.... [...]
Devices on six-year-old firmware vulnerable to takeover and destruction Updated Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.... [...]
Various data points compromised but no risk to flight security The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.... [...]
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.... [...]
Marc Rogers is 'lucky to be alive' Marc Rogers, DEF CON's head of security, faces tens of thousands of dollars in medical bills following an accident that left him with a broken neck and temporary quadriplegia.... [...]
Manufacturers should have had ample time to apply the fixes MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets.... [...]
35 years since AIDS first borked a PC and we're still no closer to a solution Feature Your Christmas holidays looked quite different in the '80s to how they do today. While some will remember what it was like to wake up on the 25th back then, some of …
Personal and financial data probably stolen A cyberattack on a Deloitte-managed government system in Rhode Island carries a "high probability" of sensitive data theft, the state says.... [...]
More details released after devs allowed weeks to apply fixes We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE.... [...]
Holiday cheer comes in the form of three arrests and 27 shuttered domains The Europol-coordinated Operation PowerOFF struck again this week as cross-border cops pulled the plug on 27 more domains tied to distributed denial of service (DDoS) criminality.... [...]
Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.... [...]
Thousands of servers targeted while customers wait for patches Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.... [...]
Sounds like th-aorta get this sorted quickly A manufacturer of devices used in heart surgeries says it's dealing with "a cybersecurity incident" that bears all the hallmarks of a ransomware attack.... [...]