The Register-Security

"Biden bans Kapersky:  No more sales, updates in U.S."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 22 June 2024, 1427 UTC.

Content and Source:  https://www.theregister.com/security.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

The Register – Security

86K followers31 articles per week#security#tech
27

MOST POPULAR

Biden bans Kaspersky: No more sales, updates in US
Biden bans Russian cybersecurity software
42by Jessica Lyons / 1d
Blockade begins July 20 on national security grounds as antivirus slinger vows to fight back The Biden administration today banned the sale of Kaspersky Lab products and services in the United States, declaring the Russian biz a national security risk.…
Amtrak confirms crooks are breaking into accounts using creds swiped from other DBs
Amtrak and AMD data breaches
34by Connor Jones / 3d
Railco goes full steam ahead with notification letters to Rewards users about spilled card details and more US rail service Amtrak is writing to users of its Guest Rewards program to inform them that their data is potentially at risk following a derailment of their individual account security. …

YESTERDAY

Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew
Change Healthcare notifies customers cyberattack
by Jessica Lyons / 16h
'Substantial proportion' of America to get a little note from next month Change Healthcare is formally notifying some of its pharmacy and hospital customers that their patients' data was stolen from it by ransomware criminals back in February – and for the first time has concretely disclosed the types of information swiped during that IT intrusion.…
Uncle Sam sanctions Kaspersky's top bosses – but not Mr K himself
US sanctions Kaspersky Lab executives
by Jessica Lyons / 18h
Here's America's list of the supposedly dirty dozen Uncle Sam took another swing at Kaspersky Lab today and sanctioned a dozen C-suite and senior-level executives at the antivirus maker, but spared CEO and co-founder Eugene Kaspersky.…
Phoenix UEFI flaw puts long list of Intel chips in hot seat
Privilege Escalation (Enterprise TA0004)
by Connor Jones / 22h
Researchers discuss it in same breath as BlackLotus and MosaicRegressor A new vulnerability in UEFI firmware is threatening the security of a wide range of Intel chip families in a similar fashion to BlackLotus and others like it.…
Why attack surfaces are expanding
by Annaliese Ingrams / 23h
Insights from Cloudflare Webinar In the ever-evolving world of cybersecurity, understanding why attack surfaces are expanding is more critical than ever.…

JUN 20, 2024

Since joining NATO, Sweden claims Russia has been borking Nordic satellites
Sweden accuses Russia of interference
by Matthew Connatser / 1d
If Putin likes jammin', we hope NATO likes jammin' too Sweden says its satellites have been impacted by "harmful interference" from Russia ever since the Nordic nation joined the North Atlantic Treaty Organization (NATO) last March.…
Coding error in forgotten API blamed for massive data breach
Optus faces legal action over data breach
by Simon Sharwood / 1d
Australian telco Optus allegedly left redundant website with poor access controls online for years The data breach at Australian telco Optus, which saw over nine million customers' personal information exposed, has been blamed on a coding error that broke API access controls, and was left in place for years.…
Crooks get their hands on 500K+ radiology patients' records in cyber-attack
Radiology company faces massive data breach
by Jessica Lyons / 1d
Two ransomware gangs bragged of massive theft of personal info and medical files Consulting Radiologists has notified almost 512,000 patients that digital intruders accessed their personal and medical information during a February cyberattack.…
Crypto exchange Kraken accuses blockchain security outfit CertiK of extortion
Findlay Automotive Group faces cybersecurity
by Brandon Vigliarolo / 1d
Researchers allegedly stole $3M using the vulnerability, then asked how much it was really worth Kraken, one of the largest cryptocurrency exchanges in the world, has accused a trio of security researchers of discovering a critical bug, expoliting it to steal millions in digital cash, then using stolen funds to extort the exchange for more.…
Russia's cyber spies still threatening French national security, democracy
by Connor Jones / 2d
Publishing right before a major election is apparently just a coincidence A fresh report into the Nobelium offensive cyber crew published by France's computer emergency response team (CERT-FR) highlights the group's latest tricks as the country prepares for a major election and to host this year's Olympic and Paralympic Games.…
Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals
3 TTPs
by Connor Jones / 2d
Hackers demand $50M ransom
Cybercriminals claim they used a zero-day to breach pathology provider’s systems Interview The ransomware gang responsible for a healthcare crisis at London hospitals says it has no regrets about its cyberattack, which was entirely deliberate, it told The Register in an interview.…

JUN 18, 2024

Rogue uni IT director pleads guilty after fraudulently buying $2.1M of tech
Former Webster University IT director defrauds
by Jessica Lyons / 3d
Two decades in the clink would be quite an education A now-former IT director has pleaded guilty to defrauding the university at which he was employed – and a computer equipment supplier – for $2.1 million over five years.…
CHERI Alliance formed to promote memory security tech ... but where's Arm?
by Dan Robinson / 3d
Academic-industry project takes next step as key promoter chip designer licks its wounds Updated A group of technology organizations has formed the CHERI Alliance CIC (Community Interest Company) to promote industry adoption of the security technology focused on memory access.…
Uncle Sam ends financial support to orgs hurt by Change Healthcare attack
US to end Medicare payments program due to Change
by Connor Jones / 4d
Billions of dollars made available but worst appears to be over The US government is winding down its financial support for healthcare providers originally introduced following the ransomware attack at Change Healthcare in February.…
NHS boss says Scottish trust wouldn't give cyberattackers what they wanted
NHS Dumfries & Galloway cyber attack data breach
by Connor Jones / 4d
CEO of Dumfries and Galloway admits circa 150K people should assume their details leaked The chief exec at NHS Dumfries and Galloway will write to thousands of folks in the Scottish region whose data was stolen by criminals, admitting the lot of it was published after the trust did not give in to the miscreants' demands.…

JUN 17, 2024

VMware by Broadcom warns of two critical vCenter flaws, plus a nasty sudo bug
3 TTPs
by Simon Sharwood / 4d
Specially crafted network packet could allow remote code execution and access to VM fleets VMware by Broadcom has revealed a pair of critical-rated flaws in vCenter Server – the tool used to manage virtual machines and hosts in its flagship Cloud Foundation and vSphere suites.…
Arm security defense shattered by speculative execution 95% of the time
by Thomas Claburn / 4d
'TikTag' security folks find anti-exploit mechanism rather fragile In 2018, chip designer Arm introduced a hardware security feature called Memory Tagging Extensions (MTE) as a defense against memory safety bugs. But it may not be as effective as first hoped.…
Shoddy infosec costs PwC spinoff and NMA $11.3M in settlement with Uncle Sam
by Jessica Lyons / 4d
Pen-testing tools didn't work – and personal info of folks hit by pandemic started appearing in search engines Updated Two consulting firms, Guidehouse and Nan McKay and Associates, have agreed to pay a total of $11.3 million to resolve allegations of cybersecurity failings over their roll-out of COVID-19 assistance.…
Suspected bosses of $430M dark-web Empire Market charged in US
Owners charged for dark web marketplace
by Jessica Lyons / 4d
Dopenugget and Zero Angel may face life behind bars if convicted The two alleged administrators of Empire Market, a dark-web bazaar that peddled drugs, malware, digital fraud, and other illegal stuff, have been detained on charges related to owning and operating the illicit souk.…
Blackbaud has to cough up a few million dollars more over 2020 ransomware attack
Blackbaud settles $6.75M data breach
by Connor Jones / 4d
Four years on and it's still paying for what California attorney general calls 'unacceptable' practice Months after escaping without a fine from the US Federal Trade Commission (FTC), the luck of cloud software biz Blackbaud ran out when it came to reaching a settlement with California's attorney general.…

END OF FEED

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more