Outsmart an AI, win a little Christmas cash Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.... [...]
Also: Mystery US firm compromised by Chinese hackers for months; Safe links that aren't; Polish spy boss arrested, and more Infosec in brief Still smarting over that grocery disruption caused by a ransomware attack on supply chain SaaS vendor Blue Yonder? Well, now you have someone to point a …
'It's a double-edged sword,' security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem …
Microsoft's OS sure loves throwing your creds at remote systems Acros Security claims to have found an unpatched bug in Microsoft Windows 7 and onward that can be exploited to steal users' OS account credentials.... [...]
Video slinger looks to Supremes for salvation, though anything could happen under Trump A US federal appeals court has rejected a challenge to the law that prevents popular apps that collect data on Americans from being controlled by a foreign adversary.... [...]
Proposal pushes stricter infosec safeguards after Chinese state baddies expose vulns The head of America's Federal Communications Commission (FCC) wants to force telecoms operators to tighten network security in the wake of the Salt Typhoon revelations, and to submit an annual report detailing measures taken.... [...]
Threatened with life in prison, Kyiv charity worker gives middle finger to state spies A Russian programmer defied the Federal Security Service (FSB) by publicizing the fact his phone was infected with spyware after being confiscated by authorities.... [...]
Get best practice advice on how to safeguard your cloud infrastructure from SANS Sponsored Post According to the 2024 IBM Cost of the Data Breach Report 40 percent of data breaches identified between March 2023 and February 2024 involved data stored across multiple environments, including the cloud.... [...]
Still unpatched 100+ days later, watchTowr says updated A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances.... [...]
Redmond threat intel maven talks explains this persistent pain to The Reg A Chinese government-linked group that Microsoft tracks as Storm-2077 has been actively targeting critical organizations and US government agencies as of yesterday, according to Redmond's threat intel team.... [...]
Damage likely limited to those running bots with private key access Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven Luscher.... [...]
Discover how automation can simplify endpoint management in this webinar Webinar Managing endpoints in today's dynamic IT environments is becoming increasingly complex.... [...]
Children's hospital and cardiac unit say criminals broke in via shared 'digital gateway service' Both National Health Service trusts that oversee the various hospitals hit by separate cyberattacks last week have confirmed they're still in the process of restoring systems.... [...]
Sensitive data allegedly stolen from US subsidiary following Black Basta post BT Group confirmed it is dealing with an attempted attack on one of its legacy business units after the Black Basta ransomware group claimed they broke in.... [...]
Support the industry by sponsoring the UK Cyber Team Competition Partner Content The opportunity to identify, foster and nurture talented young people towards a cyber security career should always be grabbed with both hands.... [...]
Stoli Group on the rocks in the US Two US subsidiaries of alcohol giant Stoli Group filed for bankruptcy protection this week over financial difficulties exacerbated by an August ransomware attack.... [...]
Security chief talks to El Reg as Feds urge everyone to use encrypted chat interview While Chinese-government-backed spies maintained access to US telecommunications providers' networks for months – and in some cases still haven't been booted out – T-Mobile US thwarted successful attacks on its systems "within a single-digit number of …
Drugs, botnets, forged docs, and more generated fortune for platform sellers German authorities say they have again shut down the perhaps unwisely named Crimenetwork platform and arrested a suspected admin.... [...]
Installed the final non-security preview update of 2024? Best not hop onto the Dev Channel Microsoft has pinned down why some eager Windows Insiders could not persuade the Recall preview to save any snapshots. It's all down to a pesky non-security preview.... [...]
They took the red pill Updated French and Dutch police have taken down the Matrix chat app, which was designed by criminals for criminals to be a secure encrypted messaging tool.... [...]
'Where we go is who we are' totally isn't a creepy ad slogan at all The FTC has reached a settlement with two data brokerages over allegations they harvested precise location data that shows when people entered hospitals, places of worship, and even attended protests supporting the late George …
20-year-old info disclosure class bug still pervades security software It's time to rev up those patch engines after SailPoint disclosed a perfect 10/10 severity vulnerability in its identity and access management (IAM) platform IdentityIQ.... [...]
ENGlobal customers include the Pentagon as well as major oil and gas producers American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November.... [...]
National cyber emergencies increased threefold this year The number of security threats in the UK that hit the country's National Cyber Security Centre's (NCSC) maximum severity threshold has tripled compared to the previous 12 months.... [...]
No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars A Russian court has handed a life sentence to the head of the infamous online drugs souk Hydra, and 15 of his co-conspirators will also spend many years behind bars.... [...]