News

Yet another cash grab from Kim's cronies and an intel update from Microsoft

North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

Limited-edition hotfix to get wider release before end of month

Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…

‘What are customers actually getting from resellers other than massive price markups?’ asks Troy Hunt

Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…

FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff

US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.…

De-dupes some roles, hints others aren't needed as the infosec scene shifts

Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.…

GOP lawyer Sean Cairncross will be learning on the fly, as we also say hi to new intelligence boss Tulsi Gabbard

President Trump has reportedly chosen a candidate for National Cyber Director — another top tech appointee with no professional experience in that role.…

300+ US companies, 70+ individuals hit by the fraudsters

An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.…

Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data

Feature  Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.…

'Near-global' initial access campaign active since 2021

An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…

Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us?

Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…

Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins

Patch Tuesday  Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…

Numerous systemic vulnerabilities could scuttle $5.4T industry

Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…

Which is why Cisco is adding these Pensando DPUs to more switches

Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…

Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT...

The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.…

These crooks have no chill

A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.…

UK foreign secretary says Putin is running a 'corrupt mafia state'

One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.…

Said to have asked search engine 'What are some signs that the FBI is after you?'

An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…

Remote position, webcam not working, then glitchy AI face ... Red alert!

Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.…

Cupertino mostly uses bland language when talking security, so this sounds nasty

Apple has warned that some iPhones and iPads may have been targeted by an “extremely sophisticated attack” and has posted patches that hopefully prevent it.…

Dark web site seized, four cuffed in Thailand

An international police operation spanning the US, Europe, and Asia has shuttered the 8Base ransomware crew's dark web presence and resulted in the arrest of four European suspects accused of stealing $16 million from more than 1,000 victims worldwide.…