The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 1 hour 59 min ago

Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Wed, 17/09/2025 - 06:15
Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware

Researchers from Google and Swiss university ETH Zurich have found a new class of Rowhammer vulnerability that could allow attackers to access info stored in DDR5 memory.…

Categories: News

Australia to let Big Tech choose its own adventure to enact kids social media ban

Wed, 17/09/2025 - 03:27
Suggests using multiple overlapping approaches and being kind to kids who get kicked off

Australia’s eSafety commissioner has told social media operators it expects them to employ multiple age assurance techniques and technologies to keep children under sixteen off social media, as required by local law from December 10th.…

Categories: News

Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains

Tue, 16/09/2025 - 22:33
Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed

Microsoft has seized 338 websites associated with RaccoonO365 and identified the leader of the phishing service - Joshua Ogundipe - as part of a larger effort to disrupt what Redmond's Digital Crimes Unit calls the "fastest-growing tool used by cybercriminals to steal Microsoft 365 usernames and passwords."…

Categories: News

Criminals broke into the system Google uses to share info with cops

Tue, 16/09/2025 - 20:25
Talk about an inside job

Google confirmed that miscreants created a fraudulent account in its Law Enforcement Request System (LERS) portal, which police and other government agencies use to ask for data about Google users.…

Categories: News

Apple 0-day likely used in spy attacks affected devices as old as iPhone 8

Tue, 16/09/2025 - 18:19
May have been used in 'extremely sophisticated' attacks against 'specific targeted individuals'

Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in what the company calls "extremely sophisticated" attacks.…

Categories: News

Self-propagating worm fuels latest npm supply chain compromise

Tue, 16/09/2025 - 16:00
Intrusions bear the same hallmarks as recent Nx mess

The npm platform is the target of another supply chain attack, with crims already compromising 187 packages and counting.…

Categories: News

'FileFix' attacks use fake Facebook security alerts to trick victims into running infostealers

Tue, 16/09/2025 - 13:02
Tech evolved from PoC to global campaign in under two months

An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader.…

Categories: News

JLR stuck in neutral as losses skyrocket amid cyberattack cleanup

Tue, 16/09/2025 - 12:03
Latest extension to factory closures takes incident response into fourth week

Jaguar Land Rover (JLR) has announced a further extension to its multi-site global shutdown, bringing its cyber-related downtime to nearly four weeks.…

Categories: News

China slaps 1-hour deadline on reporting serious cyber incidents

Tue, 16/09/2025 - 08:15
Cyberspace watchdog tightens reporting regime, leaving little time to hide incidents

Beijing will soon expect Chinese network operators to 'fess up to serious cyber incidents within an hour of spotting them – or risk penalties for dragging their feet.…

Categories: News

Careless engineer stored recovery codes in plaintext, got whole org pwned

Mon, 15/09/2025 - 20:44
Cautionary tale from the recent SonicWall attacks

Failing to encrypt sensitive data leaves you wide open to attack. During the recent SonicWall attack spree, intruders bypassed multi-factor authentication (MFA) in at least one case, because a user's recovery codes were left sitting in a plaintext file on their desktop.…

Categories: News

Security begins with visibility: How IGA brings hidden access risks to light

Mon, 15/09/2025 - 16:00
Who has access to what? Without centralized governance, orgs struggle to answer this simple question.

Partner Content  From the moment users log onto their machines, access rights shape their experience. Access rights determine which apps they can run, which directories they can open, and what information they can retrieve.…

Categories: News

Former FinWise employee may have accessed nearly 700K customer records

Mon, 15/09/2025 - 14:00
Bank says incident went undetected for over a year before discovery in June

A US fintech biz is writing to nearly 700,000 customers because a former employee may have accessed or acquired their data after leaving the company.…

Categories: News

Nork snoops whip up fake South Korean military ID with help from ChatGPT

Mon, 15/09/2025 - 13:16
Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory

North Korean spies used ChatGPT to generate a fake military ID for use in an espionage campaign against a South Korean defense-related institution, according to new research.…

Categories: News

China turns the screws on Nvidia with antitrust probe

Mon, 15/09/2025 - 12:30
Chip giant accused of breaching conditions of $6.9B Mellanox takeover

China has dealt Nvidia another blow, finding the chipmaker in violation of the country's anti-monopoly Law and escalating a long-running regulatory headache into a full investigation.…

Categories: News

Jaguar Land Rover supply chain workers must get Covid-style support, says union

Mon, 15/09/2025 - 11:09
As post-cyberattack layoffs begin, labor org argues UK goverment should step in

The UK's chief automotive workers' union is calling on the government to establish a Covid-esque furlough scheme for the thousands of individuals who face losing their jobs due to the cyber-related downtime at Jaguar Land Rover.…

Categories: News

UK Lords take aim at Ofcom's 'child-protection' upgrades to Online Safety Act

Mon, 15/09/2025 - 09:00
Peers will quiz campaigners on whether Ofcom's new measures will actually work, or just add more compliance pain

The House of Lords is about to put the latest child-protection plans of UK regulator the Office of Communications (Ofcom) under the microscope.…

Categories: News

Cyber-scam camp operators shift operations to vulnerable countries as sanctions strike

Mon, 15/09/2025 - 03:28
PLUS: Japan woos Micron, again; China launches chip dumping probe; Mitsubishi expands opsec empire; and more!

Criminals appear to be moving cyber-scam centers to vulnerable countries.…

Categories: News

15 ransomware gangs ‘go dark’ to enjoy 'golden parachutes'

Mon, 15/09/2025 - 00:44
PLUS: China's Great Firewall springs a leak; FBI issues rare 'Flash Alert' of Salesforce attacks; $10m bounty for alleged Russian hacker; and more

Infosec In Brief  15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going dark, and say no more attacks will be carried out in their name.…

Categories: News

Data destruction done wrong could cost your company millions

Sun, 14/09/2025 - 14:00
Doing a simple system reset may not be enough to save you from fines and lawsuits

With the end of Windows 10's regular support cycle fast approaching, and a good five years since the COVID pandemic spurred a wave of hardware replacements to support remote work, many IT departments are in the process of refreshing their fleets. But what they do with decommissioned systems is just as important as the shiny new ones they buy.…

Categories: News

HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Sat, 13/09/2025 - 00:05
Although it hasn't been seen in the wild yet

A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fourth publicly known bootkit capable of punching through the feature and hijacking a PC before the operating system loads.…

Categories: News

Pages