News

Improving security on a budget with continuous monitoring

Partner content  Most security teams face a staggering challenge. They're tasked with protecting themselves against the same advanced threats as any large enterprise, but often have a fraction of the budget, tools, and personnel. It's not uncommon to hear these teams being told to "do more with less." But still, the stakes couldn't be higher.…

Agents thought they shut this all down in 2023, but the duck quacked again

Uncle Sam on Thursday unsealed criminal charges and a civil forfeiture case against a Russian national accused of leading the cybercrime ring behind Qakbot, the notorious malware that infected hundreds of thousands of computers worldwide and helped fuel ransomware attacks costing victims tens of millions of dollars.…

Intrusions began weeks before Trimble patched the Cityworks hole

A suspected Chinese crew has been exploiting a now-patched remote code execution (RCE) flaw in Trimble Cityworks to break into US local government networks and target utility management systems, according to Cisco's Talos threat intelligence group.…

Case in Germany could derail Zuck's plans, noyb tells El Reg fight isn't over

The Irish Data Protection Commission has cleared the way for Meta to begin slurping up the data of European citizens for training AI next week, ongoing legal challenges notwithstanding. …

4-year trial is second major initiative this year that clamps down on 'illegal immigrants'

Foreigners in Moscow will now be subject to a new experimental law that affords the state enhanced tracking mechanisms via a smartphone app.…

Chat app blocks Windows' screenshot-happy feature from peeking at private convos

Chat app biz Signal is unhappy with the current version of Microsoft Recall and has invoked some Digital Rights Management (DRM) functionality in Windows to stop the tool from snapshotting private conversations.…

Parents and teachers have personal info, ID documents leaked online, but exam season mostly unaffected

Scotland's West Lothian Council has confirmed that data was stolen from its education network after the Interlock ransomware group claimed responsibility for the intrusion earlier this month.…

The 19-year-old and a partner first tried to extort an unnamed telco, but failed

A 19-year-old student has agreed to plead guilty to hacking into the systems of two companies as part of an extortion scheme, and The Register has learned that one of the targets was PowerSchool.…

Their connection? Aiding Ukraine, duh

Russian cyberspies have targeted "dozens" of Western and NATO-country logistics providers, tech companies, and government orgs providing transport and foreign assistance to Ukraine, according to a joint government announcement issued Wednesday.…

Credit card theft losses in 2023 alone totaled $36.5M

International cops working with Microsoft have shut down infrastructure and seized web domains used to run a distribution service for info-stealing malware Lumma. Criminals paid $250 to $1,000 a month to get access to the infostealer.…

Bribed support staff identified, fired

Coinbase says the data of nearly 70,000 customers was handed over by overseas support staff who were bribed by criminals to give up the goods.…

CS remains hopeful damages will be limited to seven figures

CrowdStrike is "confident" that the worst-case scenario of its pending lawsuit with Delta will result in it paying the airline a sum in the "single-digit millions."…

From air-gapped bunkers to partner-run platforms, sovereignty is suddenly in vogue

Google has updated its sovereign cloud services, including an air-gapped solution for customers with strict data security and residency requirements, as customers grow uneasy over US digital dominance.…

In practice, it'll cost many times that and almost certainly won't work

In a White House press conference on Tuesday President Trump announced his plans for a defensive network of missiles, radar, space surveillance, and attack satellites that he promised would protect America.…

Downtime stings retailer, with technical recovery costs coming at a later date

Marks & Spencer says the disruption related to its ongoing cyberattack is likely to knock around £300 million ($402 million) off its operating profits for the next financial year (2025/26).…

After 60 years+ cooperation on space and military ops, worrying 'rhetoric' from Team Trump has Brits examining options

The current rhetoric coming from the US is "alarming" for the UK, which depends on a continuation of their long-standing co-operation around space and military tech for the future, the UK's second parliamentary chamber heard this week.…

Crew ain't done hopping sectors, Unit 42 threat hunter warns

interview  Scattered Spider snared financial services organizations in its web before its recent spate of retail attacks in the UK and US, according to Palo Alto Networks' Unit 42.…

Nothing like insecure code in security suites

The "ongoing exploitation" of two Ivanti bugs has now extended beyond on-premises environments and hit customers' cloud instances, according to security shop Wiz.…

Update before that proof-of-concept comes to bite

Security researchers are sounding the alarm over a fresh flaw in the JavaScript implementation of OpenPGP (OpenPGP.js) that allows both signed and encrypted messages to be spoofed.…

Peter Green Chilled supplies all the major UK chains

It's more bad news for UK supermarkets with chilled and frozen food distribution business Peter Green Chilled confirming a ransomware attack with customers.…