News

Microsoft, CrowdStrike, and pals promise clarity on cybercrew naming, deliver alias salad instead

Opinion  Microsoft and CrowdStrike made a lot of noise on Monday about teaming up with other threat-intel outfits to "bring clarity to threat-actor naming."…

TAG team spotted the V8 bug first, so you can bet nation-states weren’t far behind

Google revealed Monday that it had quietly deployed a configuration change last week to block active exploitation of a Chrome zero-day.…

Musk's 'Bitcoin-style encryption' claim has experts scratching their heads

Elon Musk's X social media platform is rolling out a new version of its direct messaging feature that the platform owner said had a "whole new architecture," but as with many a Muskian proclamation, there's reason to doubt what's been said. …

Outdoorsy brand blames credential stuffing

Joining the long queue of retailers dealing with cyber mishaps is outdoorsy fashion brand The North Face, which says crooks broke into some customer accounts using login creds pinched from breaches elsewhere.…

Out-of-band is becoming the norm rather than the exception

Microsoft is patching another patch that dumped some PCs into recovery mode with an unhelpful error code.…

To stop the JINX-0132 gang behind these attacks, pay attention to HashiCorp, Docker, and Gitea security settings

Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets publicly accessible DevOps tools.…

Nothing terribly valuable taken in data heist, though privacy a little tarnished

Global jewelry giant Cartier is writing to customers to confirm their data was exposed to cybercriminals that broke into its systems.…

A real-world Trojan Horse attack

Ukraine claims it launched a cunning drone strike on Sunday against multiple Russian airbases, hitting over 40 military aircraft and inflicting an estimated $7 billion in damage, in an operation dubbed "Spiderweb."…

Disclosure at MainStreet Bancshares comes as American finance orgs beg for looser reporting requirements

Community bank MainStreet Bancshares says thieves stole data belonging to some of its customers during an attack on a third-party provider.…

PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more!

Infosec In Brief  Despite last week’s FBI announcement that it helped to take down the crew behind the Lumma infostealer, the malware continues to operate.…

'It's a high-stakes intelligence war' he told El Reg

exclusive  A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.…

Pen tester on ScreenConnect bug: This one ‘terrifies’ me

ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers.…

28-year-old alleged to have made multiple drops to folks who turned out to be undercover FBI agents

A Defense Intelligence Agency (DIA) IT specialist is scheduled to appear in court today after being caught by the FBI trying to surreptitiously drop top secret information to a foreign government in a public park.…

Cash splashed on damages, infrastructure improvements, and fraud monitoring

A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks.…

Giving people the power to build community and bring the world closer together so we can shoot them

Meta has partnered with Anduril Industries to build augmented and virtual reality devices for the military, eight years after it fired the defense firm's founder, Palmer Luckey.…

Take care when downloading AI freebies, researcher tells The Register

Criminals are using installers for fake AI software to distribute ransomware and other destructive malware.…

Greater Manchester Police reprimanded over hours of video that went AWOL

The UK’s data watchdog has reprimanded Greater Manchester Police (GMP) force for losing CCTV footage the cop shop was later requested to retain.…

War in Ukraine causes major rethink in policy and spending

The UK is spending more than £1 billion ($1.35 billion) setting up a new Cyber and Electromagnetic Command and is recruiting a few good men and women to join up and staff it.…

30-year anniversary event adds classes and sessions to address new risks

Partner content  Infosecurity Europe celebrates its 30th anniversary by doubling down on its mission: Building a Safer Cyber World. Returning to ExCeL London from 3-5 June, the landmark edition of Europe's most influential cybersecurity event is set to be its most ambitious yet. With global cyberthreats mounting in scale and sophistication, the 2025 show will deliver strategic insight, practical training, and powerful connections across three days of expert content and community collaboration.…

Probably not a cyber-incident, but definitely not a good look

Security services vendor SentinelOne experienced a major outage on Thursday.…