Apple squashes kernel bug used by TriangleDB spyware

The Register - Wed, 21/06/2023 - 21:26
Snoops may be targeting macOS devices in addition to iPhones, Kaspersky says

Whoever is infecting people's iPhones with the TriangleDB spyware may be targeting macOS computers with similar malware, according to Kaspersky researchers.…

Categories: News

FTC accuses DNA testing company of lying about dumping samples

The Register - Wed, 21/06/2023 - 20:30
1Health must strengthen protections for genetic information as part of settlement

The Federal Trade Commission has alleged that genetic testing firm, also known as Vitagene, deceived people when it said it would dispose of their physical DNA sample as well as their collected health data.…

Categories: News

Training in Spanish for cyber security pros

The Register - Wed, 21/06/2023 - 14:25

Sponsored Post  Cybercrime is a global phenomenon, but the effectiveness of measures put in place to fight it varies considerably from one region to another.…

Categories: News

Oreo cookie maker says crooks gobbled up staff info

The Register - Tue, 20/06/2023 - 22:01
50K-plus employees' personal info swiped after law firm rolled

Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant.…

Categories: News

Reddit confirms BlackCat gang pinched some data

The Register - Tue, 20/06/2023 - 19:34
Crooks demand $4.5m to keep '80GB' of corp info private – and no API price hikes

Reddit this week confirmed ransomware gang BlackCat, aka AlphaV, broke into its corporate systems in February.…

Categories: News

Over 100,000 compromised ChatGPT accounts found for sale on dark web

The Register - Tue, 20/06/2023 - 11:08
Cybercrooks hoping users have whispered employer secrets to chatbot

Singapore-based threat intelligence outfit Group-IB has found ChatGPT credentials in more than 100,000 stealer logs traded on the dark web in the past year.…

Categories: News

Data leak at major law firm sets Australia's government and elites scrambling

The Register - Tue, 20/06/2023 - 06:04
BlackCat attack sparks injunction preventing coverage of purloined docs

An infosec incident at a major Australian law firm has sparked fear among the nation's governments, banks and businesses – and a free speech debate.…

Categories: News

Guess what happened to this US agency using outdated software?

The Register - Mon, 19/06/2023 - 15:32
Also: Hackers target security researchers, MaaS model flourishing, and this week's vulnerabilities

Infosec in brief  Remember earlier this year, when we found out that a bunch of baddies including at least one nation-state group broke into a US federal government agency's Microsoft Internet Information Services (IIS) web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution?…

Categories: News

Outsource to infill on cyber security

The Register - Mon, 19/06/2023 - 09:35
Automating, simplifying, and calling in external help can increase the chances of blocking and mitigating attacks

Sponsored Feature  Life is tougher than ever for security pros facing a rising tide of cyberattacks. And adversaries are becoming more adept than ever at using diverse methods and technologies to scale up assaults on their selected targets.…

Categories: News

With dead-time dump, Microsoft revealed DDoS as cause of cloud outages

The Register - Mon, 19/06/2023 - 01:32
Previous claims its own software updates were the issue remain almost, kinda, plausible

In the murky world of political and corporate spin, announcing bad news on Friday afternoon – a time when few media outlets are watching, and audiences are at a low ebb – is called "taking out the trash." And that’s what Microsoft appears to have done last Friday.…

Categories: News

Third MOVEit bug fixed a day after PoC exploit made public

The Register - Sat, 17/06/2023 - 00:05
Millions of people's personal info swiped, Clop leaks begin with 'Shell's stolen data'

Progress Software on Friday issued a fix for a third critical bug in its MOVEit file transfer suite, a vulnerability that had just been disclosed the day earlier.…

Categories: News

LockBit suspect's arrest sheds more light on 'trustworthy' gang

The Register - Fri, 16/06/2023 - 20:01
Plus: Accused is innocent until proven guilty, but is known to be an Apple fan

FBI agents have arrested a Russian man suspected of being part of the Lockbit ransomware gang. An unsealed complaint alleges the 20-year-old was an Apple fanboy, an online gambler, and scored 80 percent of at least one ransom payment given to the criminals.…

Categories: News

Capita faces first legal Letter of Claim over mega breach

The Register - Fri, 16/06/2023 - 14:04
Barings Law claims 250 people that 'suspect' data theft signed up to class action

Capita is facing its first legal claim over the high profile digital burglary in late March that exposed some customer data to intruders and will cost the outsourcing biz around £20 million ($26 million) to clean up.…

Categories: News

Microsoft: Russia sent its B team to wipe Ukrainian hard drives

The Register - Fri, 16/06/2023 - 07:31
WhisperGate-spreading Cadet Blizzard painted as haphazard but dangerous crew

Here's a curious tale about a highly destructive yet flaky Kremlin-backed crew that was active during the early days of Russia's invasion of Ukraine, then went relatively quiet – until this year.…

Categories: News

EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe

The Register - Fri, 16/06/2023 - 01:31
European Commission's own networks to toss Middle Kingdom boxes amid calls for total replacement

European commissioner Thierry Breton wants Huawei and ZTE barred throughout the EU, and revealed plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks.…

Categories: News

US government hit by Russia's Clop in MOVEit mass attack

The Register - Thu, 15/06/2023 - 23:43
CISA chief tells us exploitation 'largely opportunistic', not on same level of SolarWinds

The US Department of Energy and other federal bodies are among a growing list of organizations hit by Russians exploiting the MOVEit file-transfer vulnerability.…

Categories: News

Chinese spies blamed for data-harvesting raids on Barracuda email gateways

The Register - Thu, 15/06/2023 - 19:44
Snoops 'aggressively targeted' specific govt, academic accounts

Chinese spies are behind the data-stealing malware injected into Barracuda's Email Security Gateway (ESG) devices globally as far back as October 2022, according to Mandiant.…

Categories: News

North Korea created very phishy evil twin of Naver, South Korea's top portal

The Register - Thu, 15/06/2023 - 03:15
Think of it as a fake Google tuned for credential capture and you'll understand why authorities want to kill it

North Korea has created a fake version of South Korea's largest internet portal, Naver, in a large scale phishing attempt, Seoul's National Intelligence Service (NIS) said on Wednesday.…

Categories: News

Decision to hold women-in-cyber events in abortion-banning states sparks outcry

The Register - Thu, 15/06/2023 - 00:48
'Many factors were considered,' WyCiS boss tells The Reg as (ISC)² suggests an end to 'girlfriend test' jargon

Global nonprofit Women in Cybersecurity (WiCyS), despite months of controversy over the cities named to host its 2024 and 2025 conferences, says it will move forward as planned with the events in Nashville, Tennessee, and Dallas, Texas, respectively.…

Categories: News

LockBit victims in the US alone paid over $90m in ransoms since 2020

The Register - Wed, 14/06/2023 - 20:42
As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections

Seven nations today issued an alert, plus protection tips, about LockBit, the prolific ransomware-as-a-service gang.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News