News

Watch out for supply chain hacks especially

interview  The ceasefire between Iran and Israel may prevent the two countries from firing missiles at each other, but it won't carry any weight in cyberspace, according to former NATO hacker Candan Bolukbas.…

Taking advantage of the ridiculously complex US healthcare billing system

Criminals masquerading as insurers are tricking patients and healthcare providers into handing over medical records and bank account information via emails and text messages, according to the FBI.…

Getting it in might mean re-racking the entire datacenter and rebuilding the network, though

Cisco is talking up the integration of security into network infrastructure such as its latest Catalyst switches, claiming this is vital to AI applications, and in particular the current vogue for "agentic AI."…

'No impact on safety,' FAA tells The Reg

update  Hawaiian Airlines said a "cybersecurity incident" affected some of its IT systems, but noted that flights are operating as scheduled. At least one researcher believes Scattered Spider, which previously targeted retailers and insurance companies, could be to blame.…

Pen Test Partners hijack data from Renault Clio to steer, brake, and accelerate in SuperTuxKart

Cybersecurity nerds figured out a way to make those at-home racing simulators even more realistic by turning an actual car into a game controller.…

Finance, health, and national identification details compromised

Multinational grocery and retail megacorp Ahold Delhaize says upwards of 2.2 million people had their data compromised during its November cyberattack with personal, financial and health details among the trove.…

Pro tip: Don't use your personal email account on BreachForums

The notorious data thief known as IntelBroker allegedly broke into computer systems belonging to more than 40 victims worldwide and stole their data, costing them at least $25 million in damages, according to newly unsealed court documents that also name IntelBroker as 25-year-old British national Kai West.…

Czech researcher lays out a business case for reducing reliance on Redmond

Comment  A sharply argued blog post warns that heavy reliance on Microsoft poses serious strategic risks for organizations – a viewpoint unlikely to win favor with Redmond or its millions of corporate customers.…

A 10.0 and a 9.8 – these aren’t patches to dwell on

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems.…

Nothing confirmed but authority is operating under the assumption that data has been stolen

A cyberattack on Glasgow City Council is causing massive disruption with a slew of its digital services unavailable.…

Pathology outage caused by Synnovis breach linked to harm across dozens of healthcare facilities

The NHS says Qilin's ransomware attack on pathology services provider Synnovis last year led to the death of a patient.…

Aircraft meant to bolster NATO deterrent will rely on allied support to stay airborne

The UK government is to buy 12 F-35A fighters capable of carrying nuclear weapons as part of the NATO deterrent, but there's a snag: the new jets are incompatible with the RAF's refueling tanker aircraft.…

Privacy campaigner brands Iceland's use of 'Orwellian' camera tech 'chilling,' CEO responds: 'It'll cut violent crime'

Privacy campaigners are branding frozen food retailer Iceland's decision to trial facial recognition technology (FRT) at several stores "chilling" – the UK supermarket chain says it's deploying the cameras to cut down on crime.…

Charming Kitten unsheathes its claws and tries to catch credentials

The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.…

Two emergency patches issued in two weeks

Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products — but not before criminals found and exploited it as a zero-day.…

It's meant to cut down on false positives but could be a trove for mischief-makers

Ring doorbells and cameras are using AI to "learn the routines of your residence," via a new feature called Video Descriptions.…

A bottomless appetite for tracking people as "objects"

A new study shows academic computer vision papers feeding surveillance-enabling patents jumped more than fivefold from the 1990s to the 2010s.…

Who is the third party that does the thing in our thing? Yep. Attacks explode over past year

The vast majority of global businesses are handling at least one material supply chain attack per year, but very few are doing enough to counter the growing threat.…

Twentysomethings claimed to be linked to spate of high-profile cybercrimes

The Paris police force's cybercrime brigade (BL2C) has arrested a further four men as part of a long-running investigation into the criminals behind BreachForums.…

Company at center of findings blamed SEO on outsourcer

A website developed for the UK Home Office's 2022 "flop" anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.…