The Register-Security.

"China bans compulsory facial recognition and its use in private spaces like hotel rooms."

Views expressed in this cybersecurity and cyber crime update are those of the reporters and correspondents.  Accessed on 26 March 2025, 1523 UTC.

Content and Source: Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

The Register – Security

95K followers29 articles per week
#security#tech
32

Most popular

China bans compulsory facial recognition and its use in private spaces like hotel rooms

China restricts facial recognition use
100+by Simon Sharwood / 2d
PLUS: Zoho's Ulaa anointed India’s most patriotic browser; Typhoon-like gang targets Taiwan; Japan debates offensive cyber-ops; and more Asia In Brief China’s Cyberspace Administration and Ministry of Public Security has outlawed the use of facial recognition without consent.…

NCSC taps influencers to make 2FA go viral

by Connor Jones / 4h
Who knew social media stars had a role to play in building national cyber resilience? The world's biggest brands have benefited from influencer marketing for years – now the UK's National Cyber Security Centre (NCSC) has hopped on the bandwagon to preach two-factor authentication (2FA) to the masses.…

Yesterday

There are perhaps 10,000 reasons to doubt Oracle Cloud's security breach denial

2 TTPs
50by Connor Jones / 21h
Customers come forward claiming info was swiped from prod Oracle Cloud's denial of a digital break-in is now in clear dispute. A infosec researcher working on validating claims that the cloud provider's login servers were compromised earlier this year says some customers have confirmed data allegedly stolen and leaked from the database giant is genuine.…

Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish

22by Connor Jones / 1d
16,000 stolen records pertain to former and active mail subscribers Infosec veteran Troy Hunt of HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his Mailchimp mailing list.…

Mar 24, 2025

VanHelsing ransomware emerges to put a stake through your Windows heart

2 TTPs
by Iain Thomson / 1d
VanHelsing ransomware targets multiple systems
There's only one rule – don't attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But so far, only Windows machines have fallen victim, we're told.…

Hm, why are so many DrayTek routers stuck in a bootloop?

DrayTek routers face global vulnerabilities
by Iain Thomson / 1d
Time to update your firmware, if you can, to one with the security fixes, cough cough DrayTek router owners in the UK and beyond had a pretty miserable weekend after some ISPs began to notice a lot of their customers' gateways going offline.…

Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw

2 TTPs
by Simon Sharwood / 1d
How many K8s systems are sat on the internet front porch like that ... Oh, thousands, apparently Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of Kubernetes clusters – and thinks more than 6,000 deployments of the software are at risk on the internet.…

Top Trump officials text secret Yemen airstrike plans to journo in Signal SNAFU

Trump officials' Signal chat scandal
by Iain Thomson / 1d
Massive OPSEC fail from the side who brought you 'lock her up' Updated Senior Trump administration officials used the messaging app Signal to discuss detailed plans to attack Houthi rebels in Yemen – and accidentally added a journalist to the group in which they chatted.…

FCC on the prowl for Huawei and other blocked Chinese makers in America

US investigates Chinese telecom firms
by Dan Robinson / 1d
Be vewy vewy quiet, I'm hunting rackets The FCC is investigating whether Chinese manufacturers black-listed on its so-called Covered List - including Huawei - are still somehow doing business in America, either by misreading the rules or willfully ignoring them.…

As nation-state hacking becomes 'more in your face,' are supply chains secure?

by Jessica Lyons / 1d
Ex-US Air Force officer says companies shouldn't wait for govt mandates Interview Former US Air Force cyber officer Sarah Cleveland worries about the threat of a major supply-chain attack from China or another adversarial nation. So she installed solar panels on her house: "Because what if the electric grid goes down?" …

AI agents swarm Microsoft Security Copilot

Microsoft enhances Security Copilot agents
by Thomas Claburn / 1d
Looking to sort through large volumes of security info? Redmond has your backend Microsoft's Security Copilot is getting some degree of agency, allowing the underlying AI model to interact more broadly with the company's security software to automate various tasks.…

23andMe's genes not strong enough to avoid Chapter 11

23andMe files for Chapter 11
by Connor Jones / 2d
CEO steps down after multiple failed attempts to take the DNA testing company private Beleaguered DNA testing biz 23andMe – hit by a massive cyber attack in 2023 – is filing for bankruptcy protection in the US following years of financial uncertainty.…

Is Washington losing its grip on crypto, or is it a calculated pivot to digital dominance?

Coinbase criticizes Treasury over Tornado Cash
by Iain Thomson / 2d
It's been a very busy week for Digicash Donald's administration Analysis Is the US retreating from its hardline stance on crypto? On Friday, the US Treasury Department lifted sanctions imposed on notorious crypto mixer Tornado Cash, once accused of washing billions in illicit crypto for criminals and nation-states alike.…

Mar 23, 2025

Microsoft tastes the unexpected consequences of tariffs on time

by Rupert Goodwins / 2d
Throw a spanner in the works, best get good at fixing things. Now, where did you put that spanner? Opinion Never attribute to malice that which is adequately explained by stupidity. This works well in sane times, less so when "but it's both" is the default. Apply it to Microsoft's decision to make bug reports include not only a working example but a video of the same, and the meter oscillates wil

Mobsters now overlap with cybercrime gangs and use AI for evil, Europol warns

4 TTPs
by Brandon Vigliarolo / 2d
PLUS: Russian bug-buyers seeks Telegram flaws; Another WordPress security mess; NIST backlog grows; and more! Infosec In Brief Organized crime networks are now reliant on digital tech for most of their activities according to Europol, the European agency that fights international crime on the continent and beyond.…

Mar 20, 2025

Paragon spyware deployed against journalists and activists, Citizen Lab claims

Paragon spyware scandal expands in Italy
25by Iain Thomson / 5d
Plus: Customer info stolen from 'parental control' software slinger SpyX; F-35 kill switch denied Infosec newsbytes Israeli spyware maker Paragon Solutions pitches its tools as helping governments and law enforcement agencies to catch criminals and terrorists, but a fresh Citizen Lab report claims its software has been used to target journalists, activists, and other civilians.…

Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist

3 TTPs
by Connor Jones / 5d
Palming off the blame using an ‘unknown’ best practice didn’t go down well either In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is attracting criticism from researchers for the way it handles uncontrolled deserialization vulnerabilities.…

Too many software supply chain defense bibles? Boffins distill advice

2 TTPs
by Thomas Claburn / 6d
How to avoid another SolarWinds, Log4j, and XZ Utils situation Organizations concerned about software supply chain attacks should focus on role-based access control, system monitoring, and boundary protection, according to a new preprint paper on the topic.…

The post-quantum cryptography apocalypse will be televised in 10 years, says UK's NCSC

Scope Technologies partners with COGITO
by Connor Jones / 6d
Wow, a government project that could be on time for once ... cos it's gonna be wayyyy more than a decade The UK's National Cyber Security Centre (NCSC) today started the post-quantum cryptography (PQC) countdown clock by claiming organizations have ten years to migrate to a safer future.…

Mar 19, 2025

Attackers swipe data of 500k+ people from Pennsylvania teachers union

3 TTPs
by Connor Jones / 6d
Pennsylvania State Education Association data
SSNs, payment details, and health info too The Pennsylvania State Education Association (PSEA) says a July 2024 "security incident" exposed sensitive personal data on more than half a million individuals, including financial and health info.…

IBM scores perfect 10 ... vulnerability in mission-critical OS AIX

2 TTPs
by Connor Jones / 6d
Big Blue's workstation workhorse patches hole in network installation manager that could let the bad guys in IBM "strongly recommends" customers running its Advanced Interactive eXecutive (AIX) operating system apply patches after disclosing two critical vulnerabilities, one of which has a perfect 10 severity score.…

Ex-US Cyber Command chief: Europe and 5 Eyes can't fully replicate US intel

by Jessica Lyons / 7d
Cue deepening existential European dread as Rest of World contemplates Trump turning off the info tap If the United States stopped sharing cyber-threat intel with Ukraine, its European allies and the rest of the Five Eyes nations wouldn't be able to provide all the info Uncle Sam collects, according to former chief of US Cyber Command and the NSA General Paul Nakasone.…

Mar 18, 2025

CISA fires, now rehires and immediately benches security crew on full pay

DOGE layoffs hit CISA employees
100+by Iain Thomson / 7d
DOGE efficiency in action The upheaval at the US government's Cybersecurity and Infrastructure Security Agency, aka CISA, took another twist on Tuesday, as it moved to reinstate staffers it had fired over the past few weeks - specifically those still in their probationary period - though they've been benched on paid leave for now.…

US tech jobs outlook clouded by DOGE cuts, Trump tariffs

by Brandon Vigliarolo / 7d
Hiring remains relatively strong as analysts warn of slowdown A pair of reports on tech sector employment trends in the United States suggest out-of-work techies right now have relatively decent prospects, but economic uncertainty and rapid policy changes initiated by the Trump administration mean the future job market looks less rosy.…

End of feed

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

Cyber War News Today.

Image
"ADP investing in cyber warfare workforce." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 28 May 2025, 1940 UTC. Content and Source:  "Cyber War News Today."  https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please click email link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  06:47 GMT पहलगामनंतर पाकिस्तानने भारतावर कशाप्रकारे Cyber War लादले? पहलगाम हत्याकांडानंतरच्या दोन आठवड्यांनंतर, भारतीय सायबर स्पेसवर पाकिस्तानकडून मोठ्या प्रमाणात हल्ले सुरु झाले. काही दिवशी तर, दर तासाला तब्बल 90 कोटी DDoS (डिस्ट्रिब्युटेड डिनायल ऑफ सर्व्हिस) हल्ले झाले, अशी माहिती सायबर सुरक्षेत कार्...
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...
Read more