The Register - Anti-Virus
Securing open source software: Whose job is it, anyway?
The US government and some of the largest open source foundations and package repositories have announced a series of initiatives intended to improve software supply-chain security, while also repeating calls for developers to increase support for such efforts.…
We're not Meta support: State AGs tell Zuck to fix rampant account takeover problem
A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "dramatic and persistent spike" in account takeovers.…
Chrome users – get an alert when extensions are in danger of falling into wrong hands
Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension.…
Possible China link to Change Healthcare ransomware attack
A criminal claiming to be an ALPHV/BlackCat affiliate — the gang responsible for the widely disruptive Change Healthcare ransomware infection last month — may have ties to Chinese government-backed cybercrime syndicates.…
JetBrains TeamCity under attack by ransomware thugs after disclosure mess
Security researchers are increasingly seeing active exploit attempts using the latest vulnerabilities in JetBrains' TeamCity that in some cases are leading to ransomware deployment.…
Belgian ale legend Duvel's brewery borked as ransomware halts production
Belgian beer brewer Duvel says a ransomware attack has brought its facility to a standstill while its IT team works to remediate the damage.…
VMware urges emergency action to blunt hypervisor flaws
Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like.…
Reminder: Infostealer malware is coming for your ChatGPT credentials
Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 log files containing login details for the service last year.…
US politicians want ByteDance to sell off TikTok or face ban
A group of US lawmakers introduced legislation on Tuesday that, if passed, would force Chinese internet concern ByteDance to divest TikTok – its most valuable property – or see it banned in the US.…
Lawsuit claims gift card fraud is the gift that keeps on giving, to Google
Google has been accused of profiting from gift card scams.…
Chinese chap charged with stealing Google’s AI datacenter secrets
A now-former Google employee has been charged with stealing the ad giant’s AI trade secrets while quietly working for two Chinese companies – after easily defeating whatever security controls Big G had in place.…
FBI: Critical infrastructure suffers spike in ransomware attacks
Digital crimes potentially cost victims more than $12.5 billion last year, according to the FBI's latest Internet Crime Complaint Center (IC3) annual report. …
Apple's trademark tight lips extend to new iPhone, iPad zero-days
Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited.…
Capita says 2023 cyberattack costs a factor as it reports staggering £100M+ loss
Outsourcing giant Capita today reported a net loss of £106.6 million ($135.6 million) for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.…
Chip lobby group SEMI to EU: Export restrictions should only be used in self-defense
SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "last resort" to protect national security.…
Japan orders local giants LINE and NAVER to disentangle their tech stacks
Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…
Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem
The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…
Fidelity customers' financial info feared stolen in suspected ransomware attack
Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information — including bank account and routing numbers, credit card numbers and security or access codes — after breaking into Infosys' IT systems in the fall.…
US accuses Army vet cyber-Casanova of sharing Russia-Ukraine war secrets
Yet another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information (NDI) overseas.…
IP address X-posure now a feature on Musk's social media thing
Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and FYI: It may reveal your IP address to those you're nattering away to.…