The Register
Combination of cheap .cloud domains and fake Shark Tank news fuel unhealthy wellness scams
Scammers are buying up cheap domain names to host sites that sell dodgy health products using fake articles, according to cybercrime disruption outfit Netcraft.…
Nokia walks the walk about its RAN to play on Uncle Sam’s China fears
Comment A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in the USA this week tells a bigger story about Washington’s paranoia regarding the security of critical communications infrastructure security.…
FBI: Beware of thieves building Androxgh0st botnets using stolen creds
Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).…
Locking down the edge
Commissioned Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites and devices.…
Double trouble for VMware and Atlassian admins – critical flaws to fix
VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment.…
More than 178,000 SonicWall firewalls are exposed to old denial of service bugs
More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims.…
Ivanti zero-day exploits explode as bevy of attackers get in on the act
There's a "reasonable chance" that Ivanti Connect Secure (ICS) VPN users are already compromised if they didn't apply the vulnerability mitigation released last week, experts say.…
China’s gambling crackdown spawned wave of illegal online casinos and crypto-crime in Asia
Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using them to host physical and online casinos that, in concert with crypto exchanges, have led to an explosion of money laundering, cyberfraud, and cybercrime across the region and beyond.…
Thousands of Juniper Networks devices vulnerable to critical RCE bug
More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are pressing admins to urgently apply the patches.…
Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers
GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed.…
FTC secures first databroker settlement banning sale of sensitive location data
Infosec in brief The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social from sharing or selling sensitive location data.…
Ransomware protection deconstructed
Sponsored Post Rubrik has combed through its archive to find what it judges to be the top 12 must-see demos of its products available to watch on demand whenever you feel like it.…
China loathes AirDrop so much it’s publicized an old flaw in Apple’s P2P protocol
In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according to proper socialist principles, and ensure all users divulge their real-world identities.…