News

Oracle Health reportedly warns of info leak from legacy server

The Register - Sun, 30/03/2025 - 23:45
PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more!

Infosec in brief  Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by American hospitals being plundered.…

Categories: News

Malware in Lisp? Now you're just being cruel

The Register - Sat, 29/03/2025 - 10:50
Miscreants warming to Delphi, Haskell, and the like to evade detection

Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell.…

Categories: News

Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated'

The Register - Fri, 28/03/2025 - 12:28
Department director admits Welsh capital's council still trying to get heads around threat of dark web leaks

Cardiff City Council's director of children's services says data was leaked or stolen from the organization, although she did not clarify how or what was pilfered.…

Categories: News

After Chrome patches zero-day used to target Russians, Firefox splats similar bug

The Register - Fri, 28/03/2025 - 06:34
Single click on a phishing link in Google browser blew up sandbox on Windows

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.…

Categories: News

Cyber-crew claims it cracked American cableco, releases terrible music video to prove it

The Register - Fri, 28/03/2025 - 01:17
WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?!

A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!)…

Categories: News

China’s FamousSparrow flies back into action, breaches US org after years off the radar

The Register - Thu, 27/03/2025 - 22:06
Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET

The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a Mexican research institute. The gang also likely targeted a governmental institution in Honduras, along with other yet-to-be-identified victims.…

Categories: News

Security shop pwns ransomware gang, passes insider info to authorities

The Register - Thu, 27/03/2025 - 16:32
Researchers say 'proactive' approach is needed to combat global cybercrime

Here's one you don't see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew's infrastructure and gathering data it relayed to national agencies to help victims.…

Categories: News

CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug

The Register - Thu, 27/03/2025 - 13:20
Screenshot shows company head unhappy, claiming 'real CVE is pending'

CrushFTP's CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer tech disclosed almost a week ago.…

Categories: News

UK's first permanent facial recognition cameras installed in South London

The Register - Thu, 27/03/2025 - 10:27
As if living in Croydon wasn't bad enough

The Metropolitan Police has confirmed its first permanent installation of live facial recognition (LFR) cameras is coming this summer and the lucky location will be the South London suburb of Croydon.…

Categories: News

Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior

The Register - Thu, 27/03/2025 - 09:30
Data stolen included checklist for medics on how to get into vulnerable people's homes

The UK's data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary's security failings led to a ransomware attack affecting NHS care.…

Categories: News

Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat

The Register - Wed, 26/03/2025 - 21:16
So F-18 launch times, weapons, drone support aren't classified now ... who knew?

The Atlantic's editor-in-chief who was inadvertently added to a Signal group in which the US Secretary of Defense, Vice President, and others discussed secret military plans has now publicly released the messages.…

Categories: News

US defense contractor cops to sloppy security, settles after infosec lead blows whistle

The Register - Wed, 26/03/2025 - 20:07
MORSE to pay -- .. .-.. .-.. .. --- -. ... for failing to meet cyber-grade

A US defense contractor will cough up $4.6 million to settle complaints it failed to meet cybersecurity requirements on military contracts and knowingly submitted false claims for payment.…

Categories: News

Files stolen from NSW court system, including restraining orders for violence

The Register - Wed, 26/03/2025 - 17:29
Victims' details at risk after criminals download 9,000 files from court database

Australian police are currently investigating the theft of "sensitive" data from a New South Wales court system after they confirmed approximately 9,000 files were stolen.…

Categories: News

Credible nerd says stop using atop, doesn't say why, everyone panics

The Register - Wed, 26/03/2025 - 15:31
Bad news about the Linux system monitor may be on the way

Veteran sysadmin and tech blogger Rachel Kroll posted a cryptic warning yesterday about a popular Linux system monitoring tool. Maybe it's better to be safe than sorry.…

Categories: News

NCSC taps influencers to make 2FA go viral

The Register - Wed, 26/03/2025 - 11:00
Who knew social media stars had a role to play in building national cyber resilience?

The world's biggest brands have benefited from influencer marketing for years – now the UK's National Cyber Security Centre (NCSC) has hopped on the bandwagon to preach two-factor authentication (2FA) to the masses.…

Categories: News

There are perhaps 10,000 reasons to doubt Oracle Cloud's security breach denial

The Register - Tue, 25/03/2025 - 17:35
Customers come forward claiming info was swiped from prod

Oracle Cloud's denial of a digital break-in is now in clear dispute. A infosec researcher working on validating claims that the cloud provider's login servers were compromised earlier this year says some customers have confirmed data allegedly stolen and leaked from the database giant is genuine.…

Categories: News

Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish

The Register - Tue, 25/03/2025 - 12:28
16,000 stolen records pertain to former and active mail subscribers

Infosec veteran Troy Hunt of HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his Mailchimp mailing list.…

Categories: News

You know that generative AI browser assistant extension is probably beaming everything to the cloud, right?

The Register - Tue, 25/03/2025 - 08:31
Just an FYI, like

Generative AI assistants packaged up as browser extensions harvest personal data with minimal safeguards, researchers warn.…

Categories: News

VanHelsing ransomware emerges to put a stake through your Windows heart

The Register - Tue, 25/03/2025 - 07:32
There's only one rule – don't attack Russia, duh

Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But so far, only Windows machines have fallen victim, we're told.…

Categories: News

Hm, why are so many DrayTek routers stuck in a bootloop?

The Register - Tue, 25/03/2025 - 06:37
Time to update your firmware, if you can, to one with the security fixes, cough cough

DrayTek router owners in the UK and beyond had a pretty miserable weekend after some ISPs began to notice a lot of their customers' gateways going offline.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News