Showing only posts in The Register. Show all posts.

May 01 2025 Data watchdog will leave British Library alone – further probes 'not worth our time'

No MFA? No problem – as long as you show you’ve learned your lesson The UK's data protection overlord is not going to pursue any further investigation into the British Library's 2023 ransomware attack.... [...]

Apr 30 2025 Ex-NSA cyber-boss: AI will soon be a great exploit coder

Source

For now it's a potential bug-finder and friend to defenders RSAC Former NSA cyber-boss Rob Joyce thinks today's artificial intelligence is dangerously close to becoming a top-tier vulnerability exploit developer.... [...]

Apr 30 2025 Ex-CISA chief decries cuts as Trump demands loyalty above all else

Source

Cybersecurity is national security, says Jen Easterly RSAC America's top cyber-defense agency is "being undermined" by personnel and budget cuts under the Trump administration, some of which are being driven by an expectation of perfect loyalty to the President rather than the nation.... [...]

Apr 30 2025 Maryland man pleads guilty to outsourcing US govt work to North Korean dev in China

Source

Feds say $970K scheme defrauded 13+ companies A Maryland man has pleaded guilty to fraud after landing a job with a contractor working on US government software, and then outsourcing the work to a self-described North Korean developer in China.... [...]

Apr 30 2025 FBI steps in amid rash of politically charged swattings

Source

No specific law against it yet, but that's set to change A spate of high-profile swatting incidents in the US recently forced the FBI into action with its latest awareness campaign about the occasionally deadly practice.... [...]

Apr 30 2025 Ghost in the shell script: Boffins reckon they can catch bugs before programs run

Source

Go ahead, please do Bash static analysis Shell scripting may finally get a proper bug-checker. A group of academics has proposed static analysis techniques aimed at improving the correctness and reliability of Unix shell programs.... [...]

Apr 30 2025 Cloud doesn’t mean secure: How Intruder finds what others miss

Source

A cloud security platform that manages the attack surface and security vulnerabilities in AWS Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear what level of protection these provide.... [...]

Apr 29 2025 Watch out for any Linux malware sneakily evading syscall-watching antivirus

Source

Google dumped io_uring after $1M in bug bounties A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.... [...]

Apr 29 2025 Enterprise tech dominates zero-day exploits with no signs of slowdown

Source

As Big Tech gets used to the pain, smaller vendors urged to up their game Google says that despite a small dip in the number of exploited zero-day vulnerabilities in 2024, the number of attacks using these novel bugs continues on an upward trend overall.... [...]

Apr 29 2025 China now America's number one cyber threat – US must get up to speed

Source

Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable RSAC Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.... [...]

Apr 29 2025 Infosec pros tell Trump to quit bullying Chris Krebs – it's undermining security

Source

Top voices warn that political retaliation puts democracy and national defense at risk The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.... [...]

Apr 29 2025 China is using AI to sharpen every link in its attack chain, FBI warns

Source

Artificial intelligence is helping Beijing's goons break in faster and stay longer RSAC The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."... [...]

Apr 29 2025 The one interview question that will protect you from North Korean fake workers

Source

FBI and others list how to spot NK infiltrators, but AI will make it harder RSAC Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.... [...]

Apr 29 2025 Swiss boffins admit to secretly posting AI-penned posts to Reddit in the name of science

Source

They’re sorry/not sorry for testing if bots can change minds by pretending to be a trauma counselor or a victim of sexual abuse Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview in the name of science.... [...]

Apr 29 2025 Open source text editor poisoned with malware to target Uyghur users

Source

Who could possibly be behind this attack on an ethnic minority China despises? Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic …

Apr 29 2025 Ex-Disney employee gets 3 years in the clink for goofy attacks on mousey menus

Source

Florida man altered allergen info, DoSed former colleagues Former Disney employee Michael Scheuer was sentenced to 36 months in prison and fined almost $688,000 for screwing up a software application the entertainment giant used to cook up its restaurant menus.... [...]

Apr 28 2025 Cybersecurity CEO accused of running malware on hospital PC blabs about it on LinkedIn

Source

Sometimes, silence is the best option An Oklahoma City cybersecurity professional accused of installing spyware on a hospital PC confirmed on LinkedIn key details of the drama.... [...]

Apr 28 2025 How to survive as a CISO aka 'chief scapegoat officer'

Source

Whistleblowing, email is evidential mail, HR is not your friend, and more discussed by CxO panel RSAC Chief security officers should negotiate personal liability insurance and a golden parachute when they start a new job – in case things go sideways and management tries to scapegoat them for a network …

Apr 28 2025 Admission impossible: NSA, CISA brass absent from RSA Conf

Source

Homeland Security boss Noem added as last-minute keynote, mind you RSAC There's a notable absence from this year's RSA Conference that kicked off today in San Francisco: The NSA's State of the Hack panel.... [...]

Apr 28 2025 The future of AI in cybersecurity in a word: Optimistic

Source

Think of artificial intelligence as your embedded ally Sponsored post AI is reshaping cybersecurity in real time, raising the stakes on both sides of the battlefield. For defenders, it brings speed, precision, and automation at scale, helping security teams detect threats earlier and respond faster than ever. But adversaries …

Apr 28 2025 From 112K to 4M folks' data – HR biz attack goes from bad to mega bad

Source

It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand …

Apr 28 2025 Back online after 'catastrophic' attack, 4chan says it's too broke for good IT

Source

Image board hints that rumors of a poorly maintained back end may be true Clearweb cesspit 4chan is back up and running, but says the damage caused by a cyberattack earlier this month was "catastrophic."... [...]

Apr 28 2025 Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025

Source

Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year Microsoft has announced its preview of hotpatching for on-prem Windows Server 2025 will become a paid subscription service in July.... [...]

Apr 28 2025 Samsung admits Galaxy devices can leak passwords through clipboard wormhole

Source

PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more! Infosec in brief Samsung has warned that some of its Galaxy devices store passwords in plaintext.... [...]

Apr 25 2025 Signalgate lessons learned: If creating a culture of security is the goal, America is screwed

Source

Infosec is a team sport... unless you're in the White House Opinion Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that puts American critical infrastructure, national security, and troops' lives in danger.... [...]

« newer articles | page 62 | older articles »