News

North Korea targets crypto developers via NPM supply chain attack

The Register - Thu, 13/02/2025 - 12:00
Yet another cash grab from Kim's cronies and an intel update from Microsoft

North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

Categories: News

Mysterious Palo Alto firewall reboots? You're not alone

The Register - Thu, 13/02/2025 - 07:21
Limited-edition hotfix to get wider release before end of month

Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…

Categories: News

Have I Been Pwned likely to ban resellers from buying subs, citing ‘sh*tty behavior’ and onerous support requests

The Register - Thu, 13/02/2025 - 04:59
‘What are customers actually getting from resellers other than massive price markups?’ asks Troy Hunt

Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…

Categories: News

The Feds want developers to stop coding 'unforgivable' buffer overflow vulns

The Register - Thu, 13/02/2025 - 01:29
FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff

US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.…

Categories: News

Sophos sheds 6% of staff after swallowing Secureworks

The Register - Thu, 13/02/2025 - 00:34
De-dupes some roles, hints others aren't needed as the infosec scene shifts

Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.…

Categories: News

Trump’s cyber chief pick has little experience in The Cyber

The Register - Wed, 12/02/2025 - 21:14
GOP lawyer Sean Cairncross will be learning on the fly, as we also say hi to new intelligence boss Tulsi Gabbard

President Trump has reportedly chosen a candidate for National Cyber Director — another top tech appointee with no professional experience in that role.…

Categories: News

Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un

The Register - Wed, 12/02/2025 - 20:30
300+ US companies, 70+ individuals hit by the fraudsters

An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.…

Categories: News

Ransomware isn't always about the money: Government spies have objectives, too

The Register - Wed, 12/02/2025 - 19:30
Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data

Feature  Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.…

Categories: News

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

The Register - Wed, 12/02/2025 - 17:00
'Near-global' initial access campaign active since 2021

An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…

Categories: News

Crimelords and spies for rogue states are working together, says Google

The Register - Wed, 12/02/2025 - 13:29
Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us?

Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…

Categories: News

February's Patch Tuesday sees Microsoft offer just 63 fixes

The Register - Wed, 12/02/2025 - 02:58
Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins

Patch Tuesday  Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…

Categories: News

Probe finds US Coast Guard has left maritime cybersecurity adrift

The Register - Tue, 11/02/2025 - 23:44
Numerous systemic vulnerabilities could scuttle $5.4T industry

Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…

Categories: News

Yup, AMD's Elba and Giglio definitely sound like they work corporate security

The Register - Tue, 11/02/2025 - 23:22
Which is why Cisco is adding these Pensando DPUs to more switches

Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…

Categories: News

'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters

The Register - Tue, 11/02/2025 - 22:15
Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT...

The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.…

Categories: News

Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining

The Register - Tue, 11/02/2025 - 20:42
These crooks have no chill

A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.…

Categories: News

AUKUS blasts holes in LockBit's bulletproof hosting provider

The Register - Tue, 11/02/2025 - 18:26
UK foreign secretary says Putin is running a 'corrupt mafia state'

One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.…

Categories: News

Man who SIM-swapped the SEC's X account pleads guilty

The Register - Tue, 11/02/2025 - 16:15
Said to have asked search engine 'What are some signs that the FBI is after you?'

An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…

Categories: News

I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice

The Register - Tue, 11/02/2025 - 14:01
Remote position, webcam not working, then glitchy AI face ... Red alert!

Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.…

Categories: News

Apple warns 'extremely sophisticated attack' may be targeting iThings

The Register - Tue, 11/02/2025 - 01:58
Cupertino mostly uses bland language when talking security, so this sounds nasty

Apple has warned that some iPhones and iPads may have been targeted by an “extremely sophisticated attack” and has posted patches that hopefully prevent it.…

Categories: News

All your 8Base are belong to us: Ransomware crew busted in global sting

The Register - Mon, 10/02/2025 - 22:15
Dark web site seized, four cuffed in Thailand

An international police operation spanning the US, Europe, and Asia has shuttered the 8Base ransomware crew's dark web presence and resulted in the arrest of four European suspects accused of stealing $16 million from more than 1,000 victims worldwide.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News