Hey, Xi: Zài jiàn! The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese government-backed criminals, according to newly unsealed court documents.... [...]
Packages removed, vendor said to have apologized to AI code editor as onlookers say it could have been a test Updated Developer security company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using "malicious" packages uploaded to …
That niche forum running for 20 years – get ready, there's work to do Analysis A little more than two months out from its first legal deadline, the UK’s Online Safety Act is causing concern among smaller online forums caught within its reach. The legislation, which came into law …
Stronger proposals may also see private sector applying for a payment 'license' A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill …
Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Updated Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to security researchers who say they've observed the intrusions.... [...]
This is what happens when you publish PoCs immediately, hm? "Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.... [...]
Scumbags stole API keys, then started a hacking-as-a-service biz, it is claimed Microsoft has sued a group of unnamed cybercriminals who developed tools to bypass safety guardrails in its generative AI tools. The tools were used to create harmful content, and access to the tools were sold as a …
It's fixed, mostly, after Europeans had a manic Monday Microsoft's multi-factor authentication (MFA) for Azure and Microsoft 365 (M365) was offline for four hours during Monday's busy start for European subscribers.... [...]
'Sweden has changed,' PM warns as trio of warships join defense efforts Sweden has committed to sending naval forces into the Baltic Sea following yet another suspected Russian attack on underwater cables in the region.... [...]
'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt …
Unauthorized activity detected, but no backdoors found Exclusive UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits.... [...]
PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more Infosec in brief Gravy Analytics, a vendor of location intelligence info for marketers which reached a settlement with US authorities last year over its alleged unlawful sale of …
Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it's reported.... [...]
Details of afflictions and care plastered online BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive personal information was stolen.... [...]
Screenshot showed it wasn't a possible attack – unless you qualify everything Google does as a threat On Call Velkomin, Vælkomin, Hoş geldin, and welcome to Friday, and therefore to another edition of On Call – The Register 's end-of-week celebration of the tech support tasks you managed to tackle without …
Beware the IoT that doesn’t get a security tag The White House this week introduced a voluntary cybersecurity labeling program for technology products so that consumers can have some assurance their smart devices aren't spying on them.... [...]
Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being exploited as a zero-day.... [...]
Tricky attackers trying yet again to deceive the good guys on home territory Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.... [...]
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed …
Class act: Biz only serves 60M people across America, no biggie A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers' personal data – including some Social Security Numbers and medical info – stolen.... [...]
In colossal surprise, ONCD boss Harry Coker says more work is needed The outgoing leader of the United States' Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his successor: There's a lot of work still to do.... [...]
3 CVEs added to CISA's catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been abused for at least five years.... [...]
Devices on six-year-old firmware vulnerable to takeover and destruction Updated Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.... [...]
Various data points compromised but no risk to flight security The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.... [...]
Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers …