The Register-Security.

"Medusa Ransomware gang demands $2M from UK private health services provider."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 23 February 2025, 1441 UTC.

Content and Source:  Email subscription from https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

The Register – Security

94K followers29 articles per week
#security#tech
47

Most popular

Medusa ransomware gang demands $2M from UK private health services provider

4 TTPs
21by Iain Thomson / 3d
2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Exclusive HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.…

FreSSH bugs undiscovered for years threaten OpenSSH security

4 TTPs
20by Connor Jones / 4d
OpenSSH vulnerabilities enable MitM DoS attacks
Exploit code now available for MitM and DoS attacks Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released.…

Feb 21, 2025

Experts race to extract intel from Black Basta internal chat leaks

2 TTPs
by Connor Jones / 2d
Black Basta ransomware chat logs leaked
Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data Hundreds of thousands of internal messages from the Black Basta ransomware gang were leaked by a Telegram user, prompting security researchers to bust out their best Russian translations post haste.…

Feb 20, 2025

Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar

Thailand to welcome 7000 trafficking victims
by Connor Jones / 2d
It comes amid a major crackdown on the abusive industry that started during COVID Thailand is preparing to receive thousands of people rescued from scam call centers in Myanmar as the country launches a major crackdown on the pervasive criminal activity across its border.…

Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable

Rust kernel code faces strong opposition
by Thomas Claburn / 2d
Nobody wants memory bugs. Penguinistas continue debate on how to squish 'em Updated Some Linux kernel maintainers remain unconvinced that adding Rust code to the open source project is a good idea, but its VIPs are coming out in support of the language's integration.…

Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes

by Jessica Lyons / 2d
Said bugs 'can have significant implications' – glad to hear that from Redmond Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.…

Oops, some of our customers' Power Pages-hosted sites were exploited, says Microsoft

Privilege Escalation (Enterprise TA0004)
by Iain Thomson / 2d
Microsoft fixes Power Pages vulnerabilities
Don't think this is SaaS and you can relax: Redmond wants a few of you to check your websites Microsoft has fixed a security flaw in its Power Pages website-building SaaS, after criminals got there first – and urged users to check their sites for signs of exploitation.…

Feb 19, 2025

Ghost ransomware crew continues to haunt IT depts with scarily bad infosec

20 TTPs
by Jessica Lyons / 3d
FBI and CISA issue reminder - deep sigh - about the importance of patching and backups The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency.…

Trump’s DoD CISO pick previously faced security clearance suspension

Katie Arrington named DoD CISO
by Brandon Vigliarolo / 3d
Hey, at least Katie Arrington brings a solid resume Donald Trump's nominee for a critical DoD cybersecurity role sports a resume that outshines many of his past picks, despite previously suspended security clearance.…

Feb 18, 2025

Palo Alto firewalls under attack as miscreants chain flaws for root access

3 TTPs
by Iain Thomson / 4d
If you want to avoid urgent patches, stop exposing management consoles to the public internet A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems.…

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

24 TTPs
by Jessica Lyons / 4d
Snake Keylogger variant targets Windows
Because stealing your credentials, banking info, and IP just wasn’t enough A new variant of Snake Keylogger is making the rounds, primarily hitting Windows users across Asia and Europe. This strain also uses the BASIC-like scripting language AutoIt to deploy itself, adding an extra layer of obfuscation to help it slip past detection.…

Time to make C the COBOL of this century

by Rupert Goodwins / 5d
Lions juggling chainsaws are fun to watch, but you wouldn't want them trimming your trees Opinion Nobody likes The Man. When a traffic cop tells you to straighten up and slow down or else, profound thanks are rarely the first words on your lips. Then you drive past a car embedded in a tree, surrounded by blue lights and cutting equipment. Perhaps Officer Dibble had a point.…

Feb 17, 2025

Indian authorities seize loot from collapsed BitConnect crypto scam

India seizes $189M Bitconnect scam
by Simon Sharwood / 5d
Devices containing crypto wallets tracked online, then in the real world Indian authorities seize loot from BitConnect crypto-Ponzi scheme Devices containing crypto wallets tracked online, then in the real world India’s Directorate of Enforcement has found and seized over $200 million of loot it says are the proceeds of the BitConnect crypto-fraud scheme.…

XCSSET macOS malware returns with first new version since 2022

11 TTPs
by Connor Jones / 6d
XCSSET malware targets macOS developers
Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert Microsoft says there's a new variant of XCSSET on the prowl for Mac users – the first new iteration of the malware since 2022.…

Loken: An easy interactive way to better looking websites

by Liam Proven / 6d
A 'synthesizer for websites' lets you experiment and improvize your way to CSS Interview Loken is a new type of tool which aims to let website designers feel their way towards a design in the same sort of way as musicians do with a software synthesizer.…

Feb 16, 2025

Fujitsu worries US tariffs will see its clients slow digital spend

by Simon Sharwood / 6d
PLUS: Pacific islands targeted by Chinese APT; China’s new rocket soars; DeepSeek puts Korea in a pickle; and more Asia In Brief The head of Fujitsu’s North American operations has warned that the Trump administration’s tariff plans will be bad for business.…

This open text-to-speech model needs just seconds of audio to clone your voice

AI voice cloning advances rapidly
56by Tobias Mann / 6d
El Reg shows you how to run Zyphra's speech-replicating AI on your own box Hands on Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of cloning your voice with as little as five seconds of sample audio. In our testing, we generated realistic results with less than half a minute of recorded speech.…

Feb 15, 2025

Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

by Iain Thomson / 7d
'In 50 years, I think we'll view these business practices like we view sweatshops today' Interview It has been nearly a decade since famed cryptographer and privacy expert Bruce Schneier released the book Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World - an examination of how government agencies and tech giants exploit personal data. Today, his predictions feel ee

Feb 14, 2025

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

5 TTPs
by Jessica Lyons / 8d
Storm-2372 phishing campaign targets organizations
Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.…

Critical PostgreSQL bug tied to zero-day attack on US Treasury

2 TTPs
31by Connor Jones / 9d
CVE-2025-1094
High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.…

2 charged over alleged New IRA terrorism activity linked to cops' spilled data

by Connor Jones / 9d
Officer says mistakenly published police details were shared 'a considerable amount of times' Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.…

Feb 13, 2025

Watchdog ponders why Apple doesn't apply its strict app tracking rules to itself

Bundeskartellamt warns Apple over tracking
by Jude Karabus / 9d
Germany's Federal Cartel Office voices concerns iPhone maker may be breaking competition law Apple is feeling the heat over its acclaimed iPhone privacy policy after a German regulator's review of iOS tracking consent alleged that the tech giant exempted itself from the rules it enforces on third-party developers.…

Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

8 TTPs
by Jessica Lyons / 9d
CVE-2024-0012
Some employees steal sticky notes, others 'borrow' malicious code A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.…

US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor

US lawmakers oppose UK iCloud backdoor
by Brandon Vigliarolo / 9d
Senator, Congressman tell DNI to threaten infosec agreements if Blighty won't back down US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the UK government's reported order for Apple to weaken iCloud security for government access.…

North Korea targets crypto developers via NPM supply chain attack

10 TTPs
by Connor Jones / 10d
North Korea targets crypto developers
Yet another cash grab from Kim's cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

Cyber War News Today.

Image
"ADP investing in cyber warfare workforce." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 28 May 2025, 1940 UTC. Content and Source:  "Cyber War News Today."  https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please click email link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  06:47 GMT पहलगामनंतर पाकिस्तानने भारतावर कशाप्रकारे Cyber War लादले? पहलगाम हत्याकांडानंतरच्या दोन आठवड्यांनंतर, भारतीय सायबर स्पेसवर पाकिस्तानकडून मोठ्या प्रमाणात हल्ले सुरु झाले. काही दिवशी तर, दर तासाला तब्बल 90 कोटी DDoS (डिस्ट्रिब्युटेड डिनायल ऑफ सर्व्हिस) हल्ले झाले, अशी माहिती सायबर सुरक्षेत कार्...
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...
Read more