Intel's Software Guard Extensions broken? Don't panic
More of a storm in a teacup Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated.... [...]
More of a storm in a teacup Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated.... [...]
Legitimate emails misclassified in software snafu Updated Many administrators have had a trying Monday after getting spammed out with false malware reports by Microsoft.... [...]
National security data up for grabs, Office of the Inspector General finds update The FBI has made serious slip-ups in how it processes and destroys electronic storage media seized as part of investigations, according to an audit by the Department of Justice Office of the Inspector General.... [...]
Also: British nuke subs get code from Russia; and BlackSuit begs for $500M Infosec in brief The United Nations often reaches consensus rather than complete agreement, but last week a proposal from Russia to cut down on cyber crime was unanimously approved.... [...]
Multiple critical flaws found and they won't be fixed A boffin from British defence contractor BAE has found three critical flaws in Cisco's Small Business SPA300 and SPA500 IP phones – and another couple of nasties – none of which will be fixed or mitigated.... [...]
Good luck, crackers: It's an isolated processor and storage enclave, and top dollar only comes from a remote attack Samsung has dangled its first $1 million bug bounty for anyone who successfully compromises Knox Vault – the isolated subsystem the Korean giant bakes into its smartphones to store info like …
Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business The latest malware from upstart criminal gang Hunters International appears to be targeting network admins, using malicious code disguised as the popular networking tool Angry IP Scanner …
Chap named 'Roman Boss' accused of being just that at a cryptocash laundering outfit Users of Cryptonator – an online digital wallet and cryptocurrency exchange – received an unpleasant surprise last weekend after the service was shuttered in a combined operation run by the FBI, the US Internal Revenue Service (IRS …
Plus: CISA's AI hire; and claimed Canuck SIM swappers busted Infosec in brief Scammers have been using Google's own ad system to fool people into downloading a borked copy of the Chocolate Factory's Authenticator software.... [...]
They say crime doesn't pay. They're right – it's the victims doing the paying An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data.... [...]
Our vultures gather to review this very freaky Friday Kettle If you're an IT administrator with Windows boxes on your network, Friday can't have been a lot of fun. What's likely millions of systems were or still are stuck in blue-screen boot loop hell, mostly requiring manual intervention to …
And can AI save us from the scourge of malware? In theory, why not, but in practice... Color us skeptical Kettle For this week's Kettle episode, in which our journos as usual get together for an end-of-week chat about the news, it's security, security, security.... [...]
It's been a long time coming. Now our journos speak their brains Kettle The US government on Thursday banned Kaspersky Lab from selling its antivirus and other products in America from late July, and from issuing updates and malware signatures from October.... [...]
Chip designer really gonna need to channel some Zen right now AMD's IT team is no doubt going through its logs today after cyber-crooks put up for sale what is claimed to be internal data stolen from the US microprocessor designer.... [...]
For starters: Crypto, import tariffs, and Microsoft shipping out staff Kettle It's been a fairly troubling week in terms of the relationship between China and the Western world.... [...]
No more illicit gains, for a while at least The FBI, in combination with police around the world, have taken control of the website and Telegram channel of ransomware brokerage site BreachForums.... [...]
On the plus side, infosec's a good bet for a long, stable career Interview This year is an unfortunate anniversary for information security: We're told it's a decade since ransomware started infecting corporations.... [...]
Developer of Square and Cash App reportedly has big back-end problems it was slow to fix Fintech biz Block is reportedly under investigation by US prosecutors over claims by a former employee that lax compliance checks mean its Square and Cash App services may have been used by terrorists …
What happened, how it was found, and what your vultures have made of it all Kettle It's been about a week since the shock discovery of a hidden and truly sophisticated backdoor in the xz software library that ordinarily is used by countless systems.... [...]
One might say this is a wurst case scenario The German Federal Office for Information Security (BIS) has issued an urgent alert about the poor state of Microsoft Exchange Server patching in the country.... [...]
Longtime host Caesars ends relationship at short notice It's an annual meme that DEF CON infosec conference has been canceled, but this time it actually happened, ish.... [...]
'The federal government has almost entirely abdicated its responsibility' For a country that prides itself on being free, America does seem to have an awful lot of spying going on, as the new Street Surveillance Hub from the Electronic Frontier Foundation shows.... [...]
After a week of incidents, Register vultures pick over the innards Kettle In this week's Kettle the topic is one that's been much in the news this week - the much-underrated insider threat issue.... [...]
BlackCat pounces on 7TB of data and theatens to release it Staff at one of the UK's largest hospital groups have spent a nervous week wondering if private data, stolen from their employer's IT systems by a ransomware gang, is going to be splurged online after a deadline to …
Plus OIG finds Uncle Sam fibbed over Login.gov In brief A team of hackers from French security shop Synacktiv have won $100,000 and a Tesla Model 3 after subverting the Muskmobile's entertainment system, and from there opening up the car's core management systems.... [...]