The Register
The TSA likes facial recognition at airports. Passengers and politicians, not so much
US lawmakers are trying to extend the use of facial recognition at airports, despite many airline passengers objecting to the practice.…
Enterprises neglect AI security – and attackers have noticed
Organizations rushing to implement AI are neglecting security and governance, IBM claims, with attackers already taking advantage of lax protocols to target models and applications.…
Users left scrambling for a plan B as Dropbox drops Dropbox Passwords
Dropbox has given users of its password manager until the end of October to extract their data before pulling the plug on the service.…
Minnesota governor calls in the troops after St Paul cyberattack
Minnesota Governor Tim Walz has activated the state's National Guard and declared a state of emergency in response to a cyberattack on the city of Saint Paul.…
Palo Alto Networks inks $25b deal to buy identity-security shop CyberArk
Palo Alto Networks will buy Israeli security biz CyberArk in a $25 billion cash-and-stock deal confirmed today.…
Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data
The cybercriminals claiming responsibility for Ingram Micro's ransomware attack put a deadline on leaking its data nearly a month after the raid.…
CISA caves to Wyden, agrees to release US telco insecurity report - but won’t say when
The US Cybersecurity and Infrastructure Security Agency on Tuesday finally agreed to make public an unclassified report from 2022 about American telecommunications networks' poor security practices.…
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
The FBI and a host of international cyber and law enforcement agencies on Tuesday warned that Scattered Spider extortionists have changed their tactics and are now breaking into victims' networks using savvier social engineering techniques, searching for organizations' Snowflake database credentials, and deploying a handful of new ransomware variants, most recently DragonForce. …
Raspberry Pi RP2350 A4 update fixes old bugs and dares you to break it again
The Raspberry Pi team has released an update to the RP2350 microcontroller with bug fixes, hardening, and a GPIO tweak that will delight retro hardware enthusiasts.…
War Games: MoD asks soldiers with 1337 skillz to compete in esports
The UK's Ministry of Defence (MoD) is doubling down on its endorsement of esports by tasking the British Esports Federation to establish a new tournament to upskill existing servicepeople in the digital skirmishes.…
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Amidst its own failure to fix a couple of bugs now under mass exploitation and being abused for espionage, data theft, and ransomware infections, Microsoft said Monday that it spotted a macOS vulnerability some months ago that could allow attackers to steal private data. Redmond reported the bug to Cupertino, which issued a fix back in March.…
Security pros are drowning in threat-intel data and it's making everything more dangerous
Too many threats, too much data, and too few skilled security analysts are making companies more vulnerable to cyberattacks, according to the IT and security leaders tasked with protecting these organizations from digital threats.…
Majority of 1.4M customers caught in Allianz Life data heist
Financial services biz Allianz says the majority of customers of one of its North American subsidiaries had their data stolen in a cyberattack.…
Aeroflot aeroflops over 'IT issues' after attackers claim year-long compromise
Russia's largest airline, Aeroflot, canceled numerous flights on Monday morning following what it says was a failure in its IT systems - something hacktivists are claiming responsiblity for.…
US spy satellite agency breached, but insists no classified secrets spilled
Infosec in brief A computer intrusion hit the US spy satellite agency, but officials insist no classified secrets were lost - just some unclassified ones, apparently.…
Congress tries to outlaw AI that jacks up prices based on what it knows about you
Two Democratic members of Congress, Greg Casar (D-TX) and Rashida Tlaib (D-MI,) have introduced legislation in the US House of Representatives to ban the use of AI surveillance to set prices and wages.…
Blame a leak for Microsoft SharePoint attacks, researcher insists
A week after Microsoft told the world that its July software updates didn't fully fix a couple of bugs, which allowed miscreants to take over on-premises SharePoint servers and remotely execute code, researchers have assembled much of the puzzle — with one big missing piece.…
Senator to Google: Give us info from telco Salt Typhoon probes
US Senator Maria Cantwell (D-WA) has demanded that Google-owned incident response firm Mandiant hand over the Salt Typhoon-related security assessments of AT&T and Verizon that, according to the lawmaker, both operators have thus far refused to give Congress.…
Freelance dev shop Toptal caught serving malware after GitHub account break-in
Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems and began distributing malware through developer accounts.…
Microsoft admits it 'cannot guarantee' data sovereignty
Microsoft says it "cannot guarantee" data sovereignty to customers in France – and by implication the wider European Union – should the Trump administration demand access to customer information held on its servers.…