The Register
CISO who helped unmask Badbox warns: Version 3 is coming
Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the threat hunters who uncovered the original scheme.…
Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack
Patch Tuesday It's Patch Tuesday time again, and Microsoft is warning that there are a bunch of critical fixes to sort out - and two actively exploited bugs.…
Texas warns 300,000 crash reports siphoned via compromised user account
The Texas Department of Transportation says a compromised user account was used to improperly download nearly 300,000 crash reports, exposing personal data that could be exploited for financial fraud against Lone Star drivers.…
Critical Wazuh bug exploited in growing Mirai botnet infection
Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution bug was disclosed.…
Winning the war on ransomware with AI: Four real-world use cases
Partner Content Cybercriminals are evolving, and so are the tools to stop them. As AI becomes more accessible, attackers are sharpening their tactics. But here's the good news: defenders are, too. AI is no longer a buzzword; it's a frontline weapon in the fight against ransomware.…
Trump guts digital ID rules, claims they help 'illegal aliens' commit fraud
President Donald Trump late Friday signed a cybersecurity-focused executive order that, in the White House's words, "amends problematic elements of Obama and Biden-era Executive Orders."…
Cloud brute-force attack cracks Google users' phone numbers in minutes
A researcher has exposed a flaw in Google's authentication systems, opening it to a brute-force attack that left users' mobile numbers up for grabs.…
M&S online ordering system operational 46 days after cyber shutdown
UK retailer Marks & Spencer has reinstated online orders for some customers, marking a major milestone in its recovery from a cyberattack in April.…
Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what's possible.…
Apple tries to contain itself with lightweight Linux VMs for macOS
Apple on Monday unveiled an open source containerization framework for creating and running Linux container images on the Mac.…
Let them eat junk food: Major organic supplier to Whole Foods, Walmart, hit by cyberattack
North American grocery wholesaler United Natural Foods told regulators that a cyber incident temporarily disrupted operations, including its ability to fulfill customer orders.…
Blocking stolen phones from the cloud can be done, should be done, won't be done
Opinion A lot of our tech world is nightmarish, but sometimes this is literally true.…
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks should a conflict break out.…
Are technologists a threat to doing business securely?
Partner content Cybersecurity leaders are fighting an invisible war, not just with threat actors but within their own organizations. It's a conflict I've spent a lot of time reflecting on, especially as I think about why certain leaders within organizations make the decisions they do.…
China’s asteroid-and-comet hunter probe unfurls a ‘solar wing’
China’s space agency has revealed its Tianwen 2 probe has unfurled a ‘solar wing’.…
US infrastructure could crumble under cyberattack, ex-NSA advisor warns
Infosec in Brief If a cyberattack hit critical infrastructure in the US, it would likely crumble, former deputy national security adviser and NSA cybersecurity director Anne Neuberger said last week.…
Enterprises are getting stuck in AI pilot hell, say Chatterbox Labs execs
Interview Before AI becomes commonplace in enterprises, corporate leaders have to commit to an ongoing security testing regime tuned to the nuances of AI models.…
ChatGPT used for evil: Fake IT worker resumes, misinfo, and cyber-op assist
Fake IT workers possibly linked to North Korea, Beijing-backed cyber operatives, and Russian malware slingers are among the baddies using ChatGPT for evil, according to OpenAI's latest threat report.…
Fresh strain of pro-Russian wiper flushes Ukrainian critical infrastructure
A new strain of wiper malware targeting Ukrainian infrastructure is being linked to pro-Russian hackers, in the latest sign of Moscow's evolving cyber tactics.…
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
The US is looking to finally capture the $7.74 million it froze over two years ago after indicting alleged money launderers it claims are behind North Korean IT worker schemes.…