Let the games begin Ransomware has officially entered the Microsoft SharePoint exploitation ring.... [...]

Some coyotes hunt squirrels, this one hunts users' financial apps A new variant of the Coyote banking trojan abuses Microsoft's UI Automation (UIA), making it the first reported malware to use UIA for credential theft.... [...]

Palantir, data brokers, and judicial overreach are all on the horizon, executive director Cindy Cohn warns Interview In July 1990, before the World Wide Web even existed, an unusual alliance was formed to fight for the rights of the emerging online community.... [...]

Malicious actor reportedly sought to expose AWS 'security theater' The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user's home directory and delete all their AWS resources.... [...]

French fashion house dishes out notices after hackers raided a client database – ShinyHunters suspected Updated Fashion house Dior has begun dropping data breach notices after cybercrooks with a taste for high-end targets made off with customer data.... [...]

The "is" package was infected with cross-platform malware after a scam targeting maintainers The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.... [...]

From scams to violence, the crimes extend beyond the digital realm A subset of an online group that recruits children and teens for contract shootings, kidnappings, and other real-life violent crimes poses a growing threat to youth, according to the FBI.... [...]

No screenshots for you! In an effort to protect user privacy, Brave browser 1.81 will prevent Microsoft Recall from screenshotting it by default.... [...]

US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday, even before Redmond confirmed the critical vulnerabilities.... [...]

Despite pledging help for those who don’t sign for subs, Broadcom says validating their entitlements will delay support Exclusive Some customers of Broadcom’s VMware business currently cannot access security patches, putting them at greater risk of attack.... [...]

All security questions are hard to answer, but these three are non-negotiable Partner content We've all seen those seemingly straightforward security questions that snowball into multi-day research projects across dozens of consoles, spreadsheets, and manual queries. The reality is that even the most fundamental security questions are notoriously difficult …

Hand us the mind bleach, we want to flush our memories of attack Clorox is suing its service desk provider, Cognizant, for $380 million in a California state court, alleging the IT support crew "enabled a cybercriminal to gain a foothold in Clorox's network" by handing over staffers' passwords …

Total Recall: Capturing everything you do on your PC screen to become a 'true companion' Microsoft is again throwing AI at Windows 11 to see what sticks, releasing features including the even more eyebrow-raising successor to its controversial Recall, a screen-streaming remotely processed backseat driver dubbed Copilot Vision.... [...]

Suggests buying local tech to avoid infosec worries China’s Ministry of State Security has spent the week warning of backdoored devices on land and at sea.... [...]

CyberSentry work grinds to a halt Government funding for a program that hunts for threats on America's critical infrastructure networks expired on Sunday, preventing Lawrence Livermore National Laboratory from analyzing activity that could indicate a cyberattack, the program director told Congress on Tuesday.... [...]

The distro's greatest asset is arguably also its greatest weakness If you installed the Firefox, LibreWolf, or Zen web browsers from the Arch User Repository (AUR) in the last few days, delete them immediately and install fresh copies.... [...]

With more to come, no doubt At least three Chinese groups are attacking on-premises SharePoint servers via a couple of recently disclosed Microsoft bugs, according to Redmond.... [...]

Used stolen info to pitch for Chinese tech talent program A Silicon Valley engineer has pleaded guilty to stealing thousands of trade secrets worth hundreds of millions of dollars, including crucial military technology.... [...]

Wi-Fi spy with my little eye that same guy I saw at another hotspot Researchers in Italy have developed a way to create a biometric identifier for people based on the way the human body interferes with Wi-Fi signal propagation.... [...]

Admins urged to rotate machine keys, restart IIS after emergency fix Microsoft has good news for administrators running SharePoint Server 2016. The cloud and software megacorp has published updates to close a gaping hole in the document management service.... [...]

'We're going to smash the business model' NHS, councils, and schools told The UK government is proposing to "ban" public sector organizations and critical national infrastructure from paying criminal operators behind ransomware attacks, under new measures outlined today.... [...]

The modern art form that redeemed a Windows utility has lessons for all Opinion The speedrun is one of the internet's genuinely new artforms. At its best, it's akin to a virtuoso piano recital. Less emotional depth, more adrenalin. Watching an expert fly through a game creates an endorphin …

No customer, partner info stolen, spokesperson tells The Reg Dell has confirmed that criminals broke into its IT environment and stole some of its data — but told The Register that it's "primarily synthetic (fake) data."... [...]

Move along, nothing to see here comment Here we go again. Another major Microsoft attack, with this one seeing someone — most likely government-backed hackers — exploiting a zero-day bug in SharePoint Server that Redmond failed to fix.... [...]

Persians added snooping capabilities to DCHSpy after Israeli bombs fell Four new samples of Android spyware linked to the Iranian Ministry of Intelligence and Security (MOIS) that collects WhatsApp data, records audio and video, and hunts for files by name, surfaced shortly after the Iran-Israel conflict began.... [...]