VMware urges emergency action to blunt hypervisor flaws

The Register - Thu, 07/03/2024 - 07:30
Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest

Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like.…

Categories: News

Here’s something else AI can do: expose bad infosec to give cyber-crims a toehold in your organization

The Register - Thu, 07/03/2024 - 06:27
Singaporean researchers note rising presence of ChatGPT creds in Infostealer malware logs

Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 stealer logs containing login details for the service last year.…

Categories: News

US lawmakers want ByteDance to divest TikTok or face a ban

The Register - Thu, 07/03/2024 - 06:05
The American mind must not be at the mercy of Chinese algorithms

A group of US lawmakers introduced legislation on Tuesday that, if passed, would force Chinese internet concern ByteDance to divest TikTok – its most valuable property – or see it banned in the US.…

Categories: News

Lawsuit claims gift card fraud is the gift that keeps on giving, to Google

The Register - Thu, 07/03/2024 - 01:15
Play Store commissions are a nice little earner, wherever they come from

Google has been accused of profiting from gift card scams.…

Categories: News

Chinese chap charged with stealing Google’s AI datacenter secrets

The Register - Thu, 07/03/2024 - 00:37
Moonlighted for PRC companies after side-stepping Big G's security, allegedly

A now-former Google employee has been charged with stealing the ad giant’s AI trade secrets while quietly working for two Chinese companies – after easily defeating whatever security controls Big G had in place.…

Categories: News

FBI: Critical infrastructure suffers spike in ransomware attacks

The Register - Wed, 06/03/2024 - 20:49
Jump in overall cybercrime reports, $60M-plus reportedly lost to extortionists alone, Feds reckon

Digital crimes potentially cost victims more than $12.5 billion last year, according to the FBI's latest Internet Crime Complaint Center (IC3) annual report. …

Categories: News

Apple's trademark tight lips extend to new iPhone, iPad zero-days

The Register - Wed, 06/03/2024 - 17:01
Two flaws fixed, one knee bent to the EU, and a budding cybersecurity star feature in iOS 17.4

Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited.…

Categories: News

Capita says 2023 cyberattack costs a factor as it reports staggering £100M+ loss

The Register - Wed, 06/03/2024 - 12:31
Additional cuts announced, sparking fears of further layoffs

Outsourcing giant Capita today reported a net loss of £106.6 million ($135.6 million) for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.…

Categories: News

Chip lobby group SEMI to EU: Export restrictions should only be used in self-defense

The Register - Wed, 06/03/2024 - 08:23
Please don't scare away foreign investors - who do you think pays for this stuff?

SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "last resort" to protect national security.…

Categories: News

Japan orders local giants LINE and NAVER to disentangle their tech stacks

The Register - Wed, 06/03/2024 - 03:29
Government mighty displeased about a shared Active Directory that led to a big data leak

Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…

Categories: News

Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem

The Register - Wed, 06/03/2024 - 00:30
As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…

Categories: News

Fidelity customers' financial info feared stolen in suspected ransomware attack

The Register - Tue, 05/03/2024 - 19:28
Insurance giant blames Infosys, LockBit claims credit

Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information — including bank account and routing numbers, credit card numbers and security or access codes — after breaking into Infosys' IT systems in the fall.…

Categories: News

US accuses Army vet cyber-Casanova of sharing Russia-Ukraine war secrets

The Register - Tue, 05/03/2024 - 17:06
Where better to expose confidential data than on a dating app?

Yet another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information (NDI) overseas.…

Categories: News

IP address X-posure now a feature on Musk's social media platform

The Register - Tue, 05/03/2024 - 16:18
If you're still on X you'd better disable this insecure-by-default calling feature, lest someone snatch your IP

Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and we're warning Reg readers yet again to disable the feature - this time because it appears to expose user IP addresses.…

Categories: News

Rapid7 throws JetBrains under the bus for 'uncoordinated vulnerability disclosure'

The Register - Tue, 05/03/2024 - 13:15
Exploits began within hours of the original disclosure, so patch now

Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server.…

Categories: News

Spam crusade lands charity in hot water with data watchdog

The Register - Tue, 05/03/2024 - 09:30
Penny Appeal sent more than 460,000 texts asking for money to help war-torn countries, no opt out

Typically it is energy improvement peddlers or debt help specialists that are disgraced by Britain's data watchdog for spamming unsuspecting households, but the latest entrant in the hall of shame is a charity.…

Categories: News

Cloudflare wants to put a firewall in front of your LLM

The Register - Tue, 05/03/2024 - 01:32
Claims to protect against DDoS, sensitive data leakage

Cloudflare has tweaked its web application firewall (WAF) to add protections for applications using large language models.…

Categories: News

American Express admits card data exposed and blames third party

The Register - Mon, 04/03/2024 - 23:04
Don't leave home without … IT security

A security failure at a third-party vendor exposed an untold number of American Express card numbers, expiry dates, and other data to persons unknown.…

Categories: News

Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama

The Register - Mon, 04/03/2024 - 21:01
No honor among thieves?

ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.…

Categories: News

Seoul accuses North Korea of stealing southern chipmakers' designs

The Register - Mon, 04/03/2024 - 20:00
Kim Jong Un's all in for home-built silicon says warning

North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News