Source: go.theregister.com – Author: Team Register Toyota Tsusho Insurance Broker India (TTIBI), an Indo-Japanese joint insurance venture, operated a misconfigured server that exposed more than 650,000...
Author:
Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register A design flaw in GPU drivers made by Apple, Qualcomm, AMD, and likely Imagination can be exploited by miscreants on...
What’s worse than paying an extortion bot that auto-pwned your database? – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Publicly exposed PostgreSQL and MySQL databases with weak passwords are being autonomously wiped out by a malicious extortion bot –...
Windows Server 2022 patch is breaking apps for some users – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register The latest Windows Server 2022 patch has broken the Chrome browser, and short of uninstalling the update, a registry hack...
Home improvement marketers dial up trouble from regulator – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Another week and yet another couple of pesky cold callers face fines from the UK’s data privacy watchdog for “bombarding”...
Combination of cheap .cloud domains and fake Shark Tank news fuel unhealthy wellness scams – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Scammers are buying up cheap domain names to host sites that sell dodgy health products using fake articles, according to...
Nokia walks the walk about its RAN to play on Uncle Sam’s China fears – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Comment A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant...
FBI: Beware of thieves building Androxgh0st botnets using stolen creds – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and...
Locking down the edge – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Commissioned Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized...
Patch now: Critical VMware, Atlassian flaws found – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should...
More than 178,000 SonicWall firewalls are exposed to old denial of service bugs – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims. A study by Jon Williams,...
Ivanti zero-day exploits explode as bevy of attackers get in on the act – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register There’s a “reasonable chance” that Ivanti Connect Secure (ICS) VPN users are already compromised if they didn’t apply the vulnerability...
China’s gambling crackdown spawned wave of illegal online casinos and crypto-crime in Asia – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using...
Thousands of Juniper Networks devices vulnerable to critical RCE bug – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register More than 11,500 Juniper Networks devices are exposed to a new remote code execution (RCE) vulnerability, and infosec researchers are...
Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked...
FTC secures first databroker settlement banning sale of sensitive location data – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Infosec in brief The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social from...
Ransomware protection deconstructed – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Sponsored Post Rubrik has combed through its archive to find what it judges to be the top 12 must-see demos...
China loathes AirDrop so much it’s publicized an old flaw in Apple’s P2P protocol – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according...
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant’s threat...
Why we update… Data-thief malware exploits SmartScreen on unpatched Windows PCs – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to infect PCs with Phemedrone Stealer, a malware strain that scans...
Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint...
Secret multimillion-dollar cryptojacker snared by Ukrainian police – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation. Supported by the...
Secure network operations for hybrid working – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Webinar Remote working has rapidly become the norm for many organizations and isn’t ever going away. But it still needs...
So, are we going to talk about how GitHub is an absolute boon for malware, or nah? – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors...
Data regulator fines HelloFresh £140k for sending 80M+ spams – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Food delivery company HelloFresh is nursing a £140,000 ($178k) fine by Britain’s data privacy watchdog after a probe found it...
While we fire the boss, can you lock him out of the network? – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register On Call Welcome once more, dear reader, to On Call, The Register‘s weekly reader-contributed column detailing the delights and dangers...
Drivers: We’ll take that plain dumb car over a flashy data-spilling internet one, thanks – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register CES Despite all the buzz around internet-connected smart cars at this year’s CES in Las Vegas, most folks don’t want...
eBay to cough up $3M after cyber-stalking couple who dared criticize the souk – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in...
Mandiant’s brute-forced X account exposes perils of skimping on 2FA – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Google-owned security house Mandiant’s investigation into how its X account was taken over to push cryptocurrency scams concludes the “likely”...
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti. If you’re...