The Register-Security.

"Crypto thief earns additional prison time for assaulting witness."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 26 August 2025, 1435 UTC.

Content and Source via email subscription from https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom

Please check subscription link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Florida man sentenced for witness assault

•

by Connor Jones / 41min

Remy Ra St Felix led a vicious international crime ring A violent home invader and gunpoint cryptocurrency thief will now spend more than 50 years behind bars after being found guilty of assaulting a witness.…

Farmers Insurance harvests bad news: 1.1M customers snared in data breach

4 TTPs

•

by Carly Page / 3h

•

Farmers Insurance data breach investigation

Crims raided third-party systems and lifted personal data, including license numbers and partial SSNs US insurance giant Farmers Insurance says more than a million customers had personal data nicked after a third-party vendor was compromised.…

AI crawlers and fetchers are blowing up websites, with Meta and OpenAI the worst offenders

AI bots dominate web traffic

•

21by Gareth Halfacree / 5d

One fetcher bot seen smacking a website with 39,000 requests per minute Updated Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts for 80 percent of all AI bot traffic, with the remaining 20 percent used by AI fetchers. Bots and fetchers can hit websites hard, demanding data from a single site

Yesterday

Malware-ridden apps made it into Google's Play Store, scored 19 million downloads

5 TTPs

•

by Iain Thomson / 7h

•

Google removes 77 malicious apps

Everything's fine, the ad slinger assures us Cloud security vendor Zscaler says customers of Google’s Play Store have downloaded more than 19 million instances of malware-laden apps that evaded the web giant’s security scans.…

Aug 24, 2025

Australian university used Wi-Fi location data to identify student protestors

University of Melbourne surveilled protesters

•

by Simon Sharwood / 1d

PLUS: India bans ‘money’ games; SK Hynix cranks out 321-layer SSDs; Fastly re-thinking CDNs for Asia; and more! Asia In Brief Australia’s University of Melbourne last year used Wi-Fi location data to identify student protestors.…

AWS, Cloudflare, Digital Ocean, and Google helped Feds investigate alleged Rapper Bot DDoS perp

3 TTPs

•

by Iain Thomson / 1d

Comet AI browser fooled; Microsoft sets sail for quantum safety; Sailor sent down for espionage Infosec in brief PLUS…

Aug 23, 2025

Bug bounties: The good, the bad, and the frankly ridiculous ways to do it

by Iain Thomson / 2d

For incentives remember the three Fs – finance, fame, and fixing it feature Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results.…

Aug 22, 2025

Short circuit: Electronics supplier to tech giants suffers ransomware shutdown

3 TTPs

•

by Jessica Lyons / 3d

•

Data I/O suffers ransomware attack

Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations.…

Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmare

2 TTPs

•

by Jessica Lyons / 3d

•

Healthcare data breaches affect millions

Health details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gang Ransomware scum breached kidney dialysis firm Davita's labs database in April and stole about 2.4 million people's personal and health-related information.…

Criminal background checker APCS faces data breach

APCS data breach from third-party attack

•

by Connor Jones / 3d

The attack first affected an upstream provider of bespoke software Exclusive A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company.…

Fake CAPTCHA tests trick users into running malware

17 TTPs

•

by Gareth Halfacree / 3d

•

ClickFix social engineering attacks surge

ClickFix tricks Microsoft's security team has published an in-depth report into ClickFix, the social engineering attack which tricks users into executing malicious commands in the guise of proving their humanity.…

Interpol bags 1,209 suspects, $97M in cybercrime operation focused on Africa

Interpol arrests 1209 African cybercriminals

•

by Connor Jones / 4d

Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol's latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the agency says.…

Aug 21, 2025

Developer jailed for taking down employer's network with kill switch malware

by Iain Thomson / 4d

Pro tip: When taking revenge, don't use your real name A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers.…

Anthropic scanning Claude chats for queries about DIY nukes for some reason

Anthropic develops nuclear threat detection

•

by Thomas Claburn / 4d

Because savvy terrorists always use public internet services to plan their mischief, right? Anthropic says it has scanned an undisclosed portion of conversations with its Claude AI model to catch concerning inquiries about nuclear weapons.…

Microsoft reportedly cuts China's early access to bug disclosures, PoC exploit code

by Jessica Lyons / 4d

Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month's SharePoint zero-day attacks, which appear to be related to a leak in Redmond's early-bug-notification program.…

'Impersonation as a service' the next big thing in cybercrime

by Jessica Lyons / 4d

Underground forums now recruiting English-speaking social engineers English speakers adept at social engineering are a hot commodity in the cybercrime job market.…

Honey, I shrunk the image and now I'm pwned

2 TTPs

•

by Thomas Claburn / 4d

Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning systems.…

Congressman proposes bringing back letters of marque for cyber privateers

by Brandon Vigliarolo / 4d

Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It's been more than 200 years since the United States issued a letter of marque allowing privateers to attack the vessels of foreign nations, but those letters may return to empower cyber operators if a bill introduced in Congress actually manages to pass. …

Orange Belgium mega-breach exposes 850K customers to serious fraud

6 TTPs

•

by Connor Jones / 5d

•

Orange Belgium data breach

Everything a criminal needs for targeted attacks exposed, but telco insists 'no critical data compromised' A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.…

US cops wrap up RapperBot, one of world's biggest DDoS-for-hire rackets

by Carly Page / 5d

Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based mastermind.…

Apple rushes out fix for active zero-day in iOS and macOS

CVE-2025-43300

•

by Carly Page / 5d

Another 'extremely sophisticated' exploit chewing at Cupertino's walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.…

Colt changes tune, admits data theft as Warlock gang begins auction

3 TTPs

•

by Connor Jones / 5d

•

Colt telco suffers cyberattack

Worried about your data? No probs, says firm, we'll check the dark web crims' list for you! Yes really A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm that data has indeed been stolen.…

Google yet to take down 'screenshot-grabbing' Chrome VPN extension

4 TTPs

•

by Gareth Halfacree / 5d

Researcher claims extension didn't start out by exfiltrating info... while dev says its actions are 'compliant' Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have begu

Search This Blog

Hawaii Cybersecurity Journal