Skip to main content

The Register-Security.


"FCC stands up Council on National Security to fight China in ways that CISA used to."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 17 March 2025, 0056 UTC.

Content and Source:  Email subscription via https://feedly.com.

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 The Register – Security

94K followers27 articles per week
#security#tech
58

Most popular

FCC stands up Council on National Security to fight China in ways that CISA used to

10 TTPs
by Brandon Vigliarolo / 1h
PLUS: Alleged Garantex admin arrested in India; Google deletes more North Korean malware Infosec In Brief United States Federal Communications Commission chair Brendan Carr has unveiled plans to form a Council on National Security that will combat foreign threats to American tech and telecommunications infrastructure.…

CISA: We didn't fire red teams, we just unhired a bunch of them

CISA layoffs follow DOGE contract cancellation
39by Connor Jones / 3d
Agency tries to save face as it also pulls essential funding for election security initiatives Uncle Sam's cybersecurity agency is trying to save face by seeking to clear up what it's calling "inaccurate reporting" after a former senior pen-tester claimed the organization axed two red teams.…

Mar 14, 2025

Apple's alleged UK encryption battle sparks political and privacy backlash

Apple challenges UK backdoor demand
by Connor Jones / 2d
National security defense being used to keep appeal behind closed doors US politicians and privacy campaigners are calling for the private hearing between Apple and the UK government regarding its alleged encryption-busting order to be aired in public.…

Mar 13, 2025

Dems ask federal agencies for reassurance DOGE isn't feeding data into AI willy-nilly

DOGE replaces federal workers with AI
by Brandon Vigliarolo / 3d
Pouring sensitive info into unapproved, unaccountable, unsafe models would be a 'severe' cybersecurity fail House Democrats have sent letters to 24 federal agencies asking for assurances that Elon Musk's DOGE team is not feeding sensitive government data into "unapproved and unaccountable" AI systems.…

Google says it's rolling out fix for stricken Chromecasts

Chromecast outage affects users globally
21by Iain Thomson / 3d
It'll take a few days, give or take your situation Google has told The Register it's beginning to roll out a fix for Chromecast devices that were crippled by an expired security certificate authority. We're assured this deployment will take place over the next few days.…

That 'angry guest' email from Booking.com? It's a scam, not a 1-star review

5 TTPs
by Jessica Lyons / 3d
Phishing campaign targets hospitality sector
Phishers check in, your credentials check out, Microsoft warns An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees' inboxes for financial fraud and theft, according to Microsoft Threat Intelligence.…

DeepSeek can be gently persuaded to spit out malware code

8 TTPs
by Connor Jones / 3d
It might need polishing, but a useful find for any budding cybercrooks out there DeepSeek's flagship R1 model is capable of generating a working keylogger and basic ransomware code, just as long as a techie is on hand to tinker with it a little.…

Mar 12, 2025

Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand

20 TTPs
by Jessica Lyons / 3d
Medusa ransomware targets critical infrastructure
Feds warn gang still rampant and now cracked 300+ victims around the world A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the usual two, according to a government advisory on how to defend against the malware and the gangs who wield it.…

Get off that old Firefox by Friday or you'll be sorry, says Moz

Firefox certificate expiration requires update
by Iain Thomson / 3d
Root cert expiry may bring breakage or worse for add-ons, media playback, and more If you're running an outdated version of Firefox, update by Friday or risk broken add-ons, failing DRM-protected media playback, and other errors, due to an expiring root certificate.…

Expired Juniper routers find new life – as Chinese spy hubs

9 TTPs
by Jessica Lyons / 4d
Fewer than 10 known victims, but Mandiant suspects others compromised, too Chinese spies have for months exploited old Juniper Networks routers, infecting the buggy gear with custom backdoors and gaining root access to the compromised devices.…

This is the FBI, open up. China's Volt Typhoon is on your network

FBI warns of Volt Typhoon breach
by Jessica Lyons / 4d
Power utility GM talks to El Reg about getting that call and what happened next Nick Lawler, general manager of the Littleton Electric Light and Water Departments (LELWD), was at home one Friday when he got a call from the FBI alerting him that the public power utility's network had been compromised. The digital intruders turned out to be Volt Typhoon.…

UK must pay cyber pros more than its Prime Minister, top civil servant says

by Connor Jones / 4d
Leaders call for fewer contractors and more top talent installed across government Senior officials in the UK's civil service understand that future cyber hires in Whitehall will need to be paid a salary higher than that of the Prime Minister if the government wants to get serious about fending off attacks.…

Mar 11, 2025

CISA pen-tester says 100-strong red team binned after DOGE canceled contract

100+by Iain Thomson / 4d
Election infosec advisory center also shuttered Updated A penetration tester who worked at the US govt's CISA claims his 100-strong team was effectively dismissed after Elon Musk's Trump-blessed DOGE unit cancelled a contract – and that more folks have also been put out of work by the cybersecurity agency.…

'Uber for nurses' exposes 86K+ medical records, PII in open S3 bucket for months

by Jessica Lyons / 5d
Non-password-protected, unencrypted 108GB database … what could possibly go wrong Exclusive More than 86,000 records containing nurses' medical records, facial images, ID documents and more sensitive info linked to health tech company ESHYFT was left sitting in a wide-open misconfigured AWS S3 bucket for months — or possibly even longer — before it was closed it last week.…

FTC's $25.5M scam refund treats victims to $34 each

FTC refunds $25.5M to scam victims
by Connor Jones / 5d
Oh wow, just look at all the scary stuff in your Windows Event Viewer The Federal Trade Commission (FTC) is distributing over $25.5 million in refunds to consumers deceived by tech support scammers, averaging about $34 per person.…

Mar 10, 2025

MINJA sneak attack poisons AI models for other chatbot users

by Thomas Claburn / 5d
Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door to manipulation.…

Google begs owners of crippled Chromecasts not to hit factory reset

100+by Iain Thomson / 6d
Expired security cert kerfuffle leaves second-gen, Audio gadgets useless Updated Google's second-generation Chromecast and its Chromecast Audio are suffering a major ongoing outage, with devices failing to cast due to an expired security certificate authority. The web giant is aware of the breakdown and says a fix is in the works.…

Rhysida pwns two US healthcare orgs, extracts over 300K patients' data

Collection (Enterprise TA0009)
by Connor Jones / 6d
Terabytes of sensitive info remain available for download Break-ins to systems hosting the data of two US healthcare organizations led to thieves making off with the personal and medical data of more than 300,000 patients.…

Consumer Reports calls out slapdash AI voice-cloning safeguards

AI voice cloning tools lack safeguards
by Thomas Claburn / 6d
Study finds 4 out of 6 providers don't do enough to stop impersonation Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports.…

How NOT to f-up your security incident response

by Jessica Lyons / 6d
Experts say that the way you handle things after the criminals break in can make things better or much, much worse Feature Experiencing a ransomware infection or other security breach ranks among the worst days of anyone's life — but it can still get worse.…

The NHS security culture problem is a crisis years in the making

by Connor Jones / 6d
Insiders say board members must be held accountable and drive positive change from the top down Analysis Walk into any hospital and ask the same question – "Which security system should we invest in?" – to both a doctor and a board member, and you may get different answers. The doctor chooses the system that leads to the most positive patient outcomes, while the board member chooses whichever sol

Mar 9, 2025

Strap in, get ready for more Rust drivers in Linux kernel

by Thomas Claburn / 6d
Likening memory safety bugs to smallpox may not soothe sensitive C coders Rust is alive and well in the Linux kernel and is expected to translate into noticeable benefits shortly, though its integration with the largely C-oriented codebase still looks uneasy.…

Microsoft admits GitHub hosted malware that infected almost a million devices

14 TTPs
by Brandon Vigliarolo / 6d
Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and exposed nearly a million devices to information thieves.…

India wants backdoors into clouds, email, SaaS, for tax inspectors

by Simon Sharwood / 7d
PLUS: Malaysia teams with Arm for local chip designs; NTT warns of possible breach; Samsung strikers settle; and more Asia in Brief India’s government has proposed giving its tax authorities sweeping powers to access private email systems and applications.…

Mar 8, 2025

Mar 7, 2025

Developer sabotaged ex-employer with kill switch activated when he was let go

Texas man convicted of computer sabotage
65by Iain Thomson / 8d
IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer's systems – and he's now facing a potential ten years behind bars.…

Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures

by Jessica Lyons / 9d
$96B in transactions, some even labeled 'dirty funds,' since 2019, say prosecutors The Feds today revealed more details about the US Secret Service-led Garantex takedown, a day after seizing websites and freezing assets belonging to the Russian cryptocurrency exchange in coordination with German and Finnish law enforcement agencies.…

Alleged cyber scalpers Swiftly cuffed over $635K Taylor ticket heist

Cybercriminals steal Swift tickets
by Connor Jones / 9d
I knew you were trouble, Queens DA might have said Police have made two arrests in their quest to start a cybercrime crew's prison eras, alleging the pair stole hundreds of Taylor Swift tickets and sold them for huge profit. …
Labels:

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Post a Comment
Read more

The Cyberwire Daily Briefing

"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Post a Comment
Read more

SecurityWeek Briefing

"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...
Post a Comment
Read more