The Register-Security
"Malware-pwned laptop gifts cybercriminals...."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 06 November 2025, 1413 UTC.
Content and Source: "The Register-Security."
Compilation via email subscription from https://feedly.com.
https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
Most popular
Stolen creds let miscreants waltz into 17K employees' chats, spilling info on staff and partners
Japanese media behemoth Nikkei has admitted to a data breach after miscreants slipped into its internal Slack workspace, exposing the personal details of more than 17,000 employees and business partners.…
Spies, not crooks, were behind digital heist – damage stopped at the backups, says US cybersec biz
SonicWall has blamed an unnamed, state-sponsored collective for the September break-in that saw cybercriminals rifle through a cache of firewall configuration backups.…
by Carly Page / 1d
After a £312M upgrade to the retiring OS, Defra still has 24,000 devices to replace
The UK's Department for Environment, Food & Rural Affairs (Defra) has spent £312 million (c $407 million) modernizing its IT estate, including replacing tens of thousands of Windows 7 laptops with Windows 10 – which officially reached end of support last month.…
Yesterday
by Eirik Salmi, system analyst, Passwork / 5h
Strongly-worded emails to staff telling them to be more careful aren't going to cut it anymore
Partner Content: UK GDPR Article 32 mandates "appropriate security measures". The ICO has defined what that means: multi-million-pound fines for password failures. The violations that trigger them? Small, familiar, and happening in your organization right now.…
by Brandon Vigliarolo / 20h
Second time's the charm for after Wiz rejected Google's $23B offer last year
Google's second attempt to acquire cloud security firm Wiz is going a lot better than the first, with the Department of Justice clearing the $32 billion deal, which ranks as Google's largest-ever acquisition.…
Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way
AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs.…
Meanwhile, others tried to social-engineer the chatbot itself
Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.…
Retailer's tech systems aren’t down anymore, but the same can’t be said for its rocky financials
Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.…
A ‘three-letter person’ experiments with the new type-safe C, and is impressed
Famed mathematician, cryptographer and coder Daniel J. Bernstein has tried out the new type-safe C/C++ compiler, and he's given it a favorable report.…
Nov 4, 2025
DHS rule would expand biometric collection to immigrants and some citizens linked to them
If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants to greatly expand biometric data collection for immigration applications, covering immigrants and even some US citi
by Jessica Lyons / 1d
Curly COMrades strike again
Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.…
Security program fails to meet federal standards as government cuts drain resources
The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to a fresh audit published by the Office of the Inspector General (OIG).…
by Carly Page / 2d
Check Point lifts lid on a quartet of Teams vulns that made it possible to fake the boss, forge messages, and quietly rewrite history
Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls – all without users suspecting a thi
by Connor Jones / 2d
France-based victims hit especially hard, while UK named most-targeted country generally
Researchers are seeing a "dramatic" increase in cybercrime involving physical violence across Europe, with at least 18 cases reported since the start of the year.…
by Carly Page / 2d
Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel
Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware.…
Nov 3, 2025
South Korea's president laughed, so perhaps it was funny? Unlike China's censorship and snooping
Chinese president Xi Jinping has joked that smartphones from Xiaomi might include backdoors.…
55 cuffed last week after court ruled sting operation was legal
Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the criminal community.…
Even AI has doubts about the claim that '80% of ransomware attacks are AI-driven'
Do 80 percent of ransomware attacks really come from AI? MIT Sloan has now withdrawn a working paper that made that eyebrow-raising claim after criticism from security researcher Kevin Beaumont.…
Rogues committed extortion while working for infosec firms
A ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out ransomware attacks of their own against multiple US companies.…
Last year's winner scored a $65M funding round on a $300M valuation
Cloud and AI security startups have two weeks to apply for a program that fast-tracks access to investors and mentors from Amazon Web Services, CrowdStrike, and Nvidia.…
by Connor Jones / 2d
Old-school cargo heists reborn in the cyber age
Cybercriminals are increasingly orchestrating lucrative cargo thefts alongside organized crime groups (OCGs) in a modern-day resurgence of attacks on freight companies.…
by Connor Jones / 3d
But question marks remain over the tech’s biases
London's Metropolitan Police Service (MPS) says the hundreds of live facial recognition (LFR) deployments across the Capital last year led to 962 arrests, according to a new report on the controversial tech's use.…
by Mary-Ann Russon / 3d
Ukraine first to demo open source security platform to isolate incidents, stop lateral movement
Feature: It was a sunny morning in late April when a massive power outage suddenly rippled across Spain, Portugal, and parts of southwestern France, leaving tens of millions of people without electricity for hours.…
Nov 2, 2025
by Brandon Vigliarolo / 3d
PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows malware; and more
Infosec in brief: Australia’s Signals Directorate (ASD) last Friday warned that attackers are installing an implant named “BADCANDY” on unpatched Cisco IOS XE devices and can detect deletion of their wares and reinstall their malware.…