The Register
MINJA sneak attack poisons AI models for other chatbot users
AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door to manipulation.…
Allstate Insurance sued for delivering personal info on a platter, in plaintext, to anyone who went looking for it
New York State has sued Allstate Insurance for operating websites so badly designed they would deliver personal information in plain-text to anyone that went looking for it.…
Google begs owners of crippled Chromecasts not to hit factory reset
Google's second-generation Chromecast and its Chromecast Audio are suffering a major ongoing outage, with devices failing to cast due to an expired security certificate. The web giant is aware of the breakdown and says a fix is in the works.…
Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift
Researchers say the Sidewinder offensive cyber crew is starting to target maritime and nuclear organizations.…
Rhysida pwns two US healthcare orgs, extracts over 300K patients' data
Break-ins to systems hosting the data of two US healthcare organizations led to thieves making off with the personal and medical data of more than 300,000 patients.…
Consumer Reports calls out slapdash AI voice-cloning safeguards
Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports.…
How NOT to f-up your security incident response
Feature Experiencing a ransomware infection or other security breach ranks among the worst days of anyone's life — but it can still get worse.…
The NHS security culture problem is a crisis years in the making
Analysis Walk into any hospital and ask the same question – "Which security system should we invest in?" – to both a doctor and a board member, and you may get different answers. The doctor chooses the system that leads to the most positive patient outcomes, while the board member chooses whichever solution is best for their increasingly stretched budget.…
Strap in, get ready for more Rust drivers in Linux kernel
Rust is alive and well in the Linux kernel and is expected to translate into noticeable benefits shortly, though its integration with the largely C-oriented codebase still looks uneasy.…
Microsoft admits GitHub hosted malware that infected almost a million devices
Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and exposed nearly a million devices to information thieves.…
India wants backdoors into clouds, email, SaaS, for tax inspectors
Asia in Brief India’s government has proposed giving its tax authorities sweeping powers to access private email systems and applications.…
Kernel saunters – How Apple rearranged its XNU kernel with exclaves
Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."…
Developer sabotaged ex-employer with kill switch that activated when he was let go
A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer's systems – and he's now facing a potential ten years behind bars.…
Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures
The Feds today revealed more details about the US Secret Service-led Garantex takedown, a day after seizing websites and freezing assets belonging to the Russian cryptocurrency exchange in coordination with German and Finnish law enforcement agencies.…
Alleged cyber scalpers Swiftly cuffed over $635K Taylor ticket heist
Police have made two arrests in their quest to start a cybercrime crew's prison eras, alleging the pair stole hundreds of Taylor Swift tickets and sold them for huge profit. …
Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware
Interview There's a handful of cybercriminal gangs that Jason Baker, a ransomware negotiator with GuidePoint Security, regularly gets called in to respond to these days, and a year ago only one of these crews — Akira — was on threat hunters' radars and infecting organizations with the same ferocity as it is today.…
The Badbox botnet is back, powered by up to a million backdoored Androids
Human Security’s Satori research team says it has found a new variant of the remote-controllable Badbox malware, and as many as a million infected Android devices running it to form a massive botnet.…
International cops seize ransomware crooks' favorite Russian crypto exchange
A coalition of international law enforcement has shut down Russian cryptocurrency exchange Garantex, a favorite of now-defunct ransomware crew Conti and others criminals for money laundering.…
Uncle Sam mulls policing social media of all would-be citizens
The US government's Citizenship and Immigration Service (USCIS) is considering monitoring not just the social media posts of non-citizens coming into the country, but also all those already in America going through an immigration or citizenship process.…
Toronto Zoo ransomware crooks snatch decades of visitor data
Toronto Zoo's final update on its January 2024 cyberattack arrived this week, revealing that visitor data going back to 2000 had been compromised.…