News

Admission impossible: NSA, CISA brass absent from RSA Conf

The Register - Mon, 28/04/2025 - 22:03
Homeland Security boss Noem added as last-minute keynote, mind you

RSAC  There's a notable absence from this year's RSA Conference that kicked off today in San Francisco: The NSA's State of the Hack panel.…

Categories: News

The future of AI in cybersecurity in a word: Optimistic

The Register - Mon, 28/04/2025 - 20:11
Think of artificial intelligence as your embedded ally

Sponsored post  AI is reshaping cybersecurity in real time, raising the stakes on both sides of the battlefield. For defenders, it brings speed, precision, and automation at scale, helping security teams detect threats earlier and respond faster than ever. But adversaries aren’t standing still. They’re using AI to sharpen their own tactics, accelerating attacks and probing defenses with unprecedented sophistication.…

Categories: News

From 112k to 4 million folks' data – HR biz attack goes from bad to mega bad

The Register - Mon, 28/04/2025 - 14:40
It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands

Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand as it first claimed - was accessed by an "unknown actor".…

Categories: News

Back online after 'catastrophic' attack, 4chan says it's too broke for good IT

The Register - Mon, 28/04/2025 - 13:27
Image board hints that rumors of a poorly maintained back end may be true

Clearweb cesspit 4chan is back up and running, but says the damage caused by a cyberattack earlier this month was "catastrophic."…

Categories: News

Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025

The Register - Mon, 28/04/2025 - 07:37
Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year

Microsoft has announced that its preview of hotpatching for on-prem Windows Server 2025 will become a paid subscription service in July.…

Categories: News

Samsung admits Galaxy devices can leak passwords through clipboard wormhole

The Register - Mon, 28/04/2025 - 03:59
PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more!

Infosec in brief  Samsung has warned that some of its Galaxy devices store passwords in plaintext.…

Categories: News

Signalgate lessons learned: If creating a culture of security is the goal, America is screwed

The Register - Sat, 26/04/2025 - 00:58
Infosec is a team sport … unless you're in the White House

Opinion  Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that puts American critical infrastructure, national security, and troops' lives in danger.…

Categories: News

Amid CVE funding fumble, 'we were mushrooms, kept in the dark,' says board member

The Register - Fri, 25/04/2025 - 23:19
What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future

Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) program and member of the board, learned through social media that the system he helped create was just hours away from losing funding.…

Categories: News

More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans

The Register - Fri, 25/04/2025 - 20:00
GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures

Ivanti VPN users should stay alert as IP scanning for the vendor's Connect Secure and Pulse Secure systems surged by 800 percent last week, according to threat intel biz GreyNoise.…

Categories: News

Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions

The Register - Fri, 25/04/2025 - 19:00
Where have we heard this before? Feb security update needs its own fix

More than one month after complaints starting flying, Microsoft has fixed a Windows bug that caused some Remote Desktop sessions to freeze.…

Categories: News

M&S stops online orders as 'cyber incident' issues worsen

The Register - Fri, 25/04/2025 - 17:13
One step forward and one step back as earlier hopes of progress dashed by latest update

Marks & Spencer has paused online orders for customers via its website and app as the UK retailer continues to wrestle with an ongoing "cyber incident."…

Categories: News

Emergency patch for potential SAP zero-day that could grant full system control

The Register - Fri, 25/04/2025 - 16:31
German software giant paywalls details, but experts piece together the clues

SAP's latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been exploited as a zero-day.…

Categories: News

Claims assistance firm fined for cold-calling people who put themselves on opt-out list

The Register - Fri, 25/04/2025 - 10:29
Third-party data supplier also in hot water with Brit regulator over consent issues

Britain's data privacy watchdog has slapped a fine of £90k ($120k) on a business that targeted people with intrusive marketing phone calls, despite them being registered with the official "Do Not Call" opt-out service.…

Categories: News

Darcula adds AI to its DIY phishing kits to help would-be vampires bleed victims dry

The Register - Fri, 25/04/2025 - 07:18
Because coding phishing sites from scratch is a real pain in the neck

Darcula, a cybercrime outfit that offers a phishing-as-a-service kit to other criminals, this week added AI capabilities to its kit that help would-be vampires spin up phishing sites in multiple languages more efficiently.…

Categories: News

SSNs and more on 5.5M+ patients feared stolen from Yale Health

The Register - Thu, 24/04/2025 - 21:32
At least it wasn't Harvard

Yale New Haven Health has notified more than 5.5 million people that their private details were likely stolen by miscreants who broke into the healthcare system's network last month.…

Categories: News

Microsoft mystery folder fix might need a fix of its own

The Register - Thu, 24/04/2025 - 19:01
This one weird trick can stop Windows updates dead in their tracks

Turns out Microsoft's latest patch job might need a patch of its own, again. This time, the culprit is a mysterious inetpub folder quietly deployed by Redmond, now hijacked by a security researcher to break Windows updates.…

Categories: News

Assassin's Creed maker faces GDPR complaint for forcing single-player gamers online

The Register - Thu, 24/04/2025 - 16:59
Collecting data from solo players is a Far Cry from being necessary, says noyb

For anyone who's ever been frustrated by the need to go online to play a single-player video game, the European privacy specialists at noyb have heard you, and they've filed a complaint against Ubisoft in Austria dealing specifically with the issue. …

Categories: News

M&S takes systems offline as 'cyber incident' lingers

The Register - Thu, 24/04/2025 - 11:18
Customers told to expect further delays as contactless payments still down

UK high street retailer Marks & Spencer says contactless payments are still down following its "cyber incident" and order delays are likely to continue.…

Categories: News

Your vendor may be the weakest link: Percentage of third-party breaches doubled in a year

The Register - Thu, 24/04/2025 - 10:28
Cybercriminals are targeting software shops, accountants, lawyers

The percentage of confirmed data breaches involving third-party relationships doubled last year as cybercriminals increasingly exploited weak links in supply chains and partner ecosystems.…

Categories: News

Booby-trapped Alpine Quest Android app geolocates Russian soldiers

The Register - Thu, 24/04/2025 - 08:24
Back of the nyet!

Russian soldiers are being targeted with an Android app specially altered to pinpoint their location and scan their phones for files, with the ability to exfiltrate sensitive documents if instructed.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News