Sandworm's Kyivstar attack should serve as a reminder of the Kremlin crew's 'global reach'

The Register - Fri, 05/01/2024 - 07:30
'Almost everything' wiped in the telecom attack, says Ukraine's top cyber spy

Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar.…

Categories: News

X-ploited: Mandiant restores hijacked Twitter account after attempted crypto heist

The Register - Thu, 04/01/2024 - 20:00
Miscreants mock Google-owned security house: 'Change password please'

Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password.…

Categories: News

Infosec experts divided over 23andMe's 'victim-blaming' stance on data breach

The Register - Thu, 04/01/2024 - 18:30
Users apparently at fault after reusing credentials the company didn't check were already compromised

23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps.…

Categories: News

Infostealer malware, weak password leaves Orange Spain RIPE for plucking

The Register - Thu, 04/01/2024 - 13:15
No 2FA or special characters to prevent database takeover and BGP hijack

A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.…

Categories: News

As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?

The Register - Thu, 04/01/2024 - 11:45
Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices

Comment  In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.…

Categories: News

Three Chinese balloons float near Taiwanese airbase

The Register - Thu, 04/01/2024 - 10:15
Also: Remember that balloon over the US last February? It might have used a US internet provider

Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's defense ministry.…

Categories: News

Microsoft kills off Windows app installation from the web, again

The Register - Thu, 04/01/2024 - 00:02
Unpleasant Christmas package lets malware down the chimney

Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.…

Categories: News

Estes refuses to deliver ransom, but admits client data got opened

The Register - Wed, 03/01/2024 - 21:30
Pay up, or just refuse to submit?

One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals may have stolen their personal information.…

Categories: News

Atos confirms talks with Airbus over cybersecurity wing sale

The Register - Wed, 03/01/2024 - 15:45
IT service company's latest move to clear its maturing debts

French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.…

Categories: News

Copy that? Xerox confirms 'security incident' at subsidiary

The Register - Wed, 03/01/2024 - 13:15
Company’s removal from ransomware gang’s leak blog could mean negotiations underway

Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.…

Categories: News

Formal ban on ransomware payments? Asking orgs nicely to not cough up ain't working

The Register - Wed, 03/01/2024 - 08:30
With the average demand hitting $1.5 million, something's gotta change

Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.…

Categories: News

Google password resets not enough to stop these info-stealing malware strains

The Register - Tue, 02/01/2024 - 19:58
Now every miscreant is jumping on Big G's OAuth account security hole

Security researchers say info-stealing malware can still access victims' compromised Google accounts even after passwords have been changed.…

Categories: News

Court hearings become ransomware concern after justice system breach

The Register - Tue, 02/01/2024 - 16:15
From legal proceedings to potential YouTube fodder

The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.…

Categories: News

Crypto-crook Sam Bankman-Fried spared a second trial

The Register - Tue, 02/01/2024 - 07:30
Eighth charge related to campaign contributions would just take too dang long

US prosecutors do not plan to proceed with a second trial of convicted and imprisoned crypto-villain Sam Bankman-Fried (SBF), according to a Southern District of New York court letter filed on December 29.…

Categories: News

CEO arranged his own cybersecurity, with predictable results

The Register - Fri, 29/12/2023 - 08:01
Cleaning up after hackers is easy compared to surviving the politics of consultancy

On Call  It’s the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Register’s Friday column in which readers share their tales of being asked to fix the unfeasible, in circumstances that are often indefensible.…

Categories: News

A tale of 2 casino ransomware attacks: One paid out, one did not

The Register - Thu, 28/12/2023 - 17:05
What can be learned from MGM's and Caesars' infosec moves

Feature  The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.…

Categories: News

Kaspersky reveals previously unknown hardware 'feature' used in iPhone attacks

The Register - Thu, 28/12/2023 - 15:50
'This is no ordinary vulnerability' sec pros explain

Kaspersky's Global Research and Analysis Team (GReAT) has exposed a previously unknown 'feature' in Apple iPhones that allows attackers to bypass hardware-based memory protection.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News