News

Wait, why do you want this job again?

Chief information security officers around the globe "are nervously looking over the horizon," according to a survey of 1,600 CISOs that found more than two thirds (70 percent) worry their organization is at risk of a material cyber attack over the next 12 months. …

Massive discount applied to save cop shop’s helicopter budget

Following a data leak that brought "tangible fear of threat to life", the UK's data protection watchdog says it intends to fine the Police Service of Northern Ireland (PSNI) £750,000 ($955,798).…

SpaceX is smart on this, Cupertino and GL.iNet not so much

In-depth  Academics have suggested that Apple's Wi-Fi Positioning System (WPS) can be abused to create a global privacy nightmare.…

You shouldn't – Indian infosec researchers warn you'll get random junk instead

Indian infosec firm CloudSEK warned on Wednesday that scammers are selling counterfeit code advertised as the NSO Group's notorious Pegasus spyware.…

Unfading Sea Haze adept at staying under the radar

Bitdefender says it has tracked down and exposed an online gang that has been operating since 2018 nearly without a trace – and likely working for Chinese interests.…

Vague ML definitions subject to change – yeah, great

The House Foreign Affairs Committee voted Wednesday to advance a law bill expanding the White House's authority to police exports of AI systems – including models said to pose a national security threat to the United States.…

Why should we get its paperwork?

More than 100 medical industry groups have asked the Feds to make UnitedHealth Group, not them, go through the rigmarole of notifying everyone about the Change Healthcare ransomware infection.…

Pharmacy says it's 'unwilling and unable to pay ransom'

Canadian pharmacy chain London Drugs has confirmed that ransomware thugs stole some of its corporate files containing employee information and says it is "unwilling and unable to pay ransom to these cybercriminals."…

Intercontinental Exchange's Q1 revenue exceeded $1B – that'll sure teach 'em

The New York Stock Exchange's parent company has just been hit with a $10 million fine for failing to properly inform the Securities and Exchange Commission (SEC) of a 2021 cyber intrusion. …

$4.5M slushed through accounts from state healthcare and lonely people

Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million.…

'Clarification' weighs in on material vs voluntary disclosures

The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents.…

Attend this Register live event to learn how

Sponsored Survey and Live Event  What are the biggest risks to your organization posed by ransomware and what security defenses does it have in place to protect its sensitive data from cyber criminals?…

Rivals ready to swoop in but drop in overall attacks illustrates LockBit’s influence

The takedown of LockBit in February is starting to bear fruit for rival gangs with Play overtaking it after an eight-month period of LockBit topping the attack charts.…

On the bright side, someone made up to $30,000+ for finding it

GitHub has patched its Enterprise Server software to fix a security flaw that scored a 10 out of 10 CVSS severity score.…

Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever

The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.…

Guess we all have imaginary monsters to fear

Zoom has rolled out what it claims is post-quantum end-to-end encryption (E2EE) for video conferencing, saying it will make it available for Phone and Rooms "soon."…

Crashes galore, plus especially crafty crims could use it for much worse

Infosec researchers are alerting the industry to a critical vulnerability in Fluent Bit – a logging component used by a swathe of blue chip companies and all three major cloud providers.…

Fewer rivals on the scene as big-gang success soars

The number of new ransomware strains in circulation has more than halved over the past 12 months, suggesting there is little need for innovation given the success of the existing tools used by top gangs.…

Opponents of Myanmar’s internet-nobbling military government don't like when Facebook asks for their real names

Big Tech isn't much help if you're an activist trying to work against a military junta, and FOSS tools aren't a great alternative either, according to opponents of Myanmar's military regime.…

New infosec intelligence service aims to spread the word about recently discovered vulns in free code

Securing open source software may soon become a little bit easier thanks to a new vulnerability info-sharing effort initiated by the Open Source Security Foundation (OpenSSF).…