News

Government mighty displeased about a shared Active Directory that led to a big data leak

Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…

As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…

Insurance giant blames Infosys, LockBit claims credit

Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information — including bank account and routing numbers, credit card numbers and security or access codes — after breaking into Infosys' IT systems in the fall.…

Where better to expose confidential data than on a dating app?

Yet another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information (NDI) overseas.…

If you're still on X you'd better disable this insecure-by-default calling feature, lest someone snatch your IP

Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and we're warning Reg readers yet again to disable the feature - this time because it appears to expose user IP addresses.…

Exploits began within hours of the original disclosure, so patch now

Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server.…

Penny Appeal sent more than 460,000 texts asking for money to help war-torn countries, no opt out

Typically it is energy improvement peddlers or debt help specialists that are disgraced by Britain's data watchdog for spamming unsuspecting households, but the latest entrant in the hall of shame is a charity.…

Claims to protect against DDoS, sensitive data leakage

Cloudflare has tweaked its web application firewall (WAF) to add protections for applications using large language models.…

Don't leave home without … IT security

A security failure at a third-party vendor exposed an untold number of American Express card numbers, expiry dates, and other data to persons unknown.…

No honor among thieves?

ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.…

Kim Jong Un's all in for home-built silicon says warning

North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency.…

Officials can't tell whether the tape was edited, but fear Kremlin has more juicy bits to release in the future

The German Ministry of Defense (Bundeswehr) has confirmed that a recording of a call between high-ranking officials discussing war efforts in Ukraine, leaked by Russian media, is legitimate.…

Increasingly clear number of permanent solutions is narrowing

Global law enforcement authorities' attempts to shutter the LockBit ransomware crew have sparked a fresh call for a ban on ransomware payments to perpetrators.…

When you can't lock 'em up, lock 'em out

Opinion  The best cop shows excel at mind games: who's tricking whom, who really wins, and what price they pay. A twist of humor adds to the drama and keeps us hooked. It's rare enough in real life, far less so in the grim meat grinder of cybersecurity, yet sometimes it happens. It's happening right now.…

ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns

Infosec in brief  The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. But despite its posturing, the gang might have suffered more than it's letting on.…

Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year

Feature  Two US intelligence bigwigs last week issued stark warnings about foreign threats to American election integrity and security – and the nation's ability to counter these adversaries.…

Turns out bragging on Discord has unfortunate consequences

Jack Teixeira, the Air National Guardsman accused of leaking dozens of classified Pentagon documents, is expected to plead guilty in a US court on Monday.…

/* Hope no one ever reads these functions lmao */

NSO Group, the Israel-based maker of super-charged snoopware Pegasus, has been ordered by a federal judge in California to share the source code for "all relevant spyware" with Meta's WhatsApp.…

$10M bounty for anyone with info leading to Alireza Shafie Nasab's identification or location

The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies.…

Everything you need to know about quantum safe encryption

Webinar  The quantum threat might seem futuristic, more like something you'd encounter in a science fiction film. But it's arguably already a danger to real cyber security defences.…