News

Two ransomware gangs bragged of massive theft of personal info and medical files

Consulting Radiologists has notified almost 512,000 patients that digital intruders accessed their personal and medical information during a February cyberattack.…

Blockade begins July 20 over national security fears

Breaking news  The Biden administration has banned the sale of Kaspersky software in the United States, arguing the Russian biz is a national security risk.…

Downtime set to crash into next week

The vendor behind the software on which nearly 15,000 car dealerships across the US rely says an ongoing "cyber incident" has forced it to pull systems offline for a second time in as many days.…

Researchers allegedly stole $3M using the vulnerability, then asked how much it was really worth

Kraken, one of the largest cryptocurrency exchanges in the world, has accused a trio of security researchers of discovering a critical bug, expoliting it to steal millions in digital cash, then using stolen funds to extort the exchange for more.…

Publishing right before a major election is apparently just a coincidence

A fresh report into the Nobelium offensive cyber crew published by France's computer emergency response team (CERT-FR) highlights the group's latest tricks as the country prepares for a major election and to host this year's Olympic and Paralympic Games.…

Cybercriminals claim they used a zero-day to breach pathology provider’s systems

Interview  The ransomware gang responsible for the current healthcare crisis at London hospitals says it has no regrets about the attack, which was entirely deliberate, it told The Register in an interview.…

Rail company goes full steam ahead with notification letters to Rewards customers about spilled card details and more

US rail company Amtrak is writing to users of its Guest Rewards program to inform them that their data is potentially at risk following a derailment of their account security. …

Control-C, Control-V, Enter ... Hell

Crafty criminals are targeting thousands of orgs around the world in social-engineering attacks that use phony error messages to trick users into running malicious PowerShell scripts. …

Two decades in the clink would be quite an education

A now-former IT director has pleaded guilty to defrauding the university at which he was employed – and a computer equipment supplier – for $2.1 million over five years.…

Chip designer really gonna need to channel some Zen right now

AMD's IT team is no doubt going through its logs today after cyber-crooks put up for sale what is claimed to be internal data stolen from the US microprocessor designer.…

If you call 'client-side scanning' something like 'upload moderation,' it still undermines privacy, security

On Thursday, the EU Council is scheduled to vote on a legislative proposal that would attempt to protect children online by disallowing confidential communication.…

Academic-industry project takes next step as key promoter chip designer licks its wounds

A group of technology organizations has formed the CHERI Alliance CIC (Community Interest Company) to promote industry adoption of the security technology focused on memory access.…

Billions of dollars made available but worst appears to be over

The US government is winding down its financial support for healthcare providers originally introduced following the ransomware attack at Change Healthcare in February.…

CEO of Dumfries and Galloway admits circa 150K people should assume their details leaked

The chief exec at NHS Dumfries and Galloway will write to thousands of folks in the Scottish region whose data was stolen by criminals, admitting the lot of it was published after the trust did not give in to the miscreants' demands.…

Specially crafted network packet could allow remote code execution and access to VM fleets

VMware by Broadcom has revealed a pair of critical-rated flaws in vCenter Server – the tool used to manage virtual machines and hosts in its flagship Cloud Foundation and vSphere suites.…

'TikTag' security folks find anti-exploit mechanism rather fragile

In 2018, chip designer Arm introduced a hardware security feature called Memory Tagging Extensions (MTE) as a defense against memory safety bugs. But it may not be as effective as first hoped.…

Pen-testing tools didn't work – and personal info of folks hit by pandemic started appearing in search engines

Two consulting firms, Guidehouse and Nan McKay and Associates, have agreed to pay a total of $11.3 million to resolve allegations of cybersecurity failings over their roll-out of COVID-19 assistance.…

Could this be curtains for Dopenugget and Zero Angel's $430M cyber-crime souk?

The two alleged administrators of Empire Market, a dark-web bazaar that peddled drugs, malware, digital fraud, and other illegal stuff, have been detained on charges related to owning and operating the illicit souk.…

Four years on and it's still paying for what California attorney general calls 'unacceptable' practice

Months after escaping without a fine from the US Federal Trade Commission (FTC), the luck of cloud software biz Blackbaud ran out when it came to reaching a settlement with California's attorney general.…

Spanish cops make arrest at airport before he jetted off to Italy

Spanish police arrested a person they allege to be the leader of the notorious cybercrime gang Scattered Spider just before he boarded a private flight headed to Naples.…