The Register

Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more

Infosec In Brief  A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts. …

SafePay crew claims responsibility for intrusion at one of world's largest tech distributors

Ingram Micro, one of the world’s largest distributors, has confirmed it is trying to restore systems following a ransomware attack.…

¡Cuidado! Time to double-check before entering your Microsoft creds

Cybersecurity experts are reporting a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.…

Just ignore the warnings. Nothing to see here. Move along

A mysterious piece of "under development" code is playing havoc with the Windows Firewall after the latest preview update for Windows 11 24H2.…

The insurance SaaS slinger may trade under a different name, but past continues to haunt it

Young Consulting's cybersecurity woes continue after the number of affected individuals from last year's suspected ransomware raid passed the 1 million mark.…

'Deserves fair compensation for the valuable and innovative services'? Which ones are those then?

Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA).…

Don't let their kind words sway you – leaders are still up to no good

Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor.…

You probably don't need one, but it's nice to have the option

Let's Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.…

Crims have cottoned on to a new way to lead you astray

AI-powered chatbots often deliver incorrect information when asked to name the address for major companies’ websites, and threat intelligence business Netcraft thinks that creates an opportunity for criminals.…

The second max score this week for Netzilla - not a good look

If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla made a big mistake.…

Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.…

Nonprofit TTAM assures everything is BAU. Whether that makes customers feel better is another matter

The medical research nonprofit vying to buy 23andMe is informing existing customers that it plans to complete the deal on July 8.…

Aeza Group accused of assisting data bandits and BianLian ransomware crooks

The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.…

Experts say they don't expect the MOVEit menace to do much about it

Security experts have uncovered a hole in Cl0p's data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack.…

It might be time to update the Submarine Telegraph Act of 1885

Cyberattacks and undersea cable sabotage are blurring the line between war and peace and exposing holes in UK law, a government minister has warned lawmakers.…

Frequent flyers’ info takes flight

Australian airline Qantas on Wednesday revealed it fell victim to a cyberattack that saw information describing six million customers stolen.…

Customizations not saved with security baseline policy update

Microsoft Intune administrators may face a few days of stress after Redmond acknowledged a problem with security baseline customizations.…

Body stays coy on details but alludes to similarities with 2023 espionage campaign

The International Criminal Court (ICC) says a "sophisticated" cyberattack targeted the institution, the second such incident in two years.…

The silly mistakes to the flagrant failures

They say that success breeds complacency, and complacency leads to failure. For cybercriminals, taking too many shortcuts when it comes to opsec delivers a little more than that. …

Makes the usual complaints about control and cost, adds argument Apple's practices harm privacy

Secure comms biz Proton has joined a lawsuit that alleges Apple’s anticompetitive ways are harming developers, consumers, and privacy.…