The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 2 hours 19 min ago

Washington courts grapple with statewide outage after 'unauthorized activity'

Tue, 05/11/2024 - 14:29
Justice still being served, but many systems are down

A statewide IT outage attributed to "unauthorized activity" is affecting the availability of services provided by all courts in Washington.…

Categories: News

Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed

Tue, 05/11/2024 - 06:38
You snooze, you lose, er, win

Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.…

Categories: News

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

Mon, 04/11/2024 - 17:01
Victims were placed in serious danger following highly sensitive data dump

The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer.…

Categories: News

Why the long name? Okta discloses auth bypass bug affecting 52-character usernames

Mon, 04/11/2024 - 11:28
Mondays are for checking months of logs, apparently, if MFA's not enabled

In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could have allowed crims to pass Okta AD/LDAP Delegated Authentication (DelAuth) using only a username.…

Categories: News

Public sector cyber break-ins: Our money, our lives, our right to know

Mon, 04/11/2024 - 10:27
Is that a walrus in your server logs, or aren't you pleased to see me?

Opinion  At the start of September, Transport for London was hit by a major cyber attack. TfL is the public body that moves many of London's human bodies to and from work and play in the capital, and as the attack didn't hit power, signaling, or communications systems, most of the effects went unnoticed by commuters. The organization downplayed the damage done to back office ticketing, billing, and other systems. Everything was in hand.…

Categories: News

6 IT contractors arrested for defrauding Uncle Sam out of millions

Sun, 03/11/2024 - 18:30
Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more

in brief  The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts. …

Categories: News

Financial institutions told to get their house in order before the next CrowdStrike strikes

Sat, 02/11/2024 - 09:30
Calls for improvements will soon turn into demands when new rules come into force

The UK's finance regulator is urging all institutions under its remit to better prepare for IT meltdowns like that of CrowdStrike in July.…

Categories: News

UK councils bat away DDoS barrage from pro-Russia keyboard warriors

Fri, 01/11/2024 - 10:58
Local authority websites downed in response to renewed support for Ukraine

Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.…

Categories: News

Hack Nintendo's alarm clock to show cat pics? Let's-a-go!

Fri, 01/11/2024 - 08:32
How 'Gary' defeated Bowser broke into the interactive alarm clock

A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.…

Categories: News

Gang gobbles 15K credentials from cloud and email providers' garbage Git configs

Thu, 31/10/2024 - 23:59
Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake

A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.…

Categories: News

LottieFiles supply chain attack exposes users to malicious crypto wallet drainer

Thu, 31/10/2024 - 11:55
A scary few Halloween hours for team behind hugely popular web plugin

LottieFiles is overcoming something of a Halloween fright after battling to regain control of a compromised developer account that was used to exploit users' crypto wallets.…

Categories: News

Tower PC case used as 'creative cavity' by drug importer

Thu, 31/10/2024 - 08:25
Motherboard missing, leaving space for a million hits of meth

Australian police have arrested a man after finding he imported what appear to be tower PC cases that were full of illicit drugs.…

Categories: News

Chinese attackers accessed Canadian government networks – for five years

Thu, 31/10/2024 - 05:34
India makes it onto list of likely threats for the first time

A report by Canada's Communications Security Establishment (CSE) revealed that state-backed actors have collected valuable information from government networks for five years.…

Categories: News

Windows Themes zero-day bug exposes users to NTLM credential theft

Wed, 30/10/2024 - 21:30
Plus a free micropatch until Redmond fixes the flaw

There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials.…

Categories: News

Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info

Wed, 30/10/2024 - 15:12
If you're gonna come at the mouse, you need to be better at hiding your tracks

A disgruntled ex-Disney employee has been arrested and charged with hacking his former employer's systems to alter restaurant menus with potentially deadly consequences. …

Categories: News

Russian spies use remote desktop protocol files in unusual mass phishing drive

Wed, 30/10/2024 - 12:40
The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel

Microsoft says a mass phishing campaign by Russia's foreign intelligence services (SVR) is now in its second week, and the spies are using a novel info-gathering technique.…

Categories: News

Beijing claims it's found 'underwater lighthouses' that its foes use for espionage

Wed, 30/10/2024 - 08:31
Release the Kraken!

China has accused unnamed foreign entities of using devices hidden in the seabed and bobbing on the waves to learn its maritime secrets.…

Categories: News

Uncle Sam outs a Russian accused of developing Redline infostealing malware

Tue, 29/10/2024 - 23:30
Or: why using the same iCloud account for malware development and gaming is a bad idea

The US government has named and charged a Russian national, Maxim Rudometov, with allegedly developing and administering the notorious Redline infostealer. …

Categories: News

How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding

Tue, 29/10/2024 - 22:30
'It was like watching a robot going rogue' says researcher

OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails and abuse the AI for evil purposes, according to 0Din researcher Marco Figueroa.…

Categories: News

Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting

Tue, 29/10/2024 - 16:35
US also charges an alleged Redline dev, no mention of an arrest

International law enforcement officials have arrested two individuals and charged another in connection with the use and distribution of the Redline and Meta infostealer malware strains.…

Categories: News

Pages