The Register - Anti-Virus

Better late than never, we guess

An urgent ransomware warning from the Feds has some industry analysts scratching their heads and wondering if Uncle Sam's noggin has been buried in the sand for too long.…

Early signs emerge after Progress Software said there were no active attempts last week

Security researchers have spotted what they believe to be a "possible mass exploitation" of vulnerabilities in Progress Software's WS_FTP Server.…

Security exec Mark Ryland spills the tea on hush-hush threat intel tool

Interview  AWS has unveiled MadPot, its previously secret threat-intelligence tool that one of the cloud giant's security execs tells us has thwarted Chinese and Russian spies – and millions of bots.…

No, that does not mean you can leave it at home just yet

Last week the internet was abuzz with talk that Singapore's commercial Changi airport was no longer going to require passports for clearance at immigration. Although it is true the paper documentation will be replaced by biometric measures, it's not quite time to pack the document away.…

Plus: Johnson Controls hit by IT 'incident', Exim and Chrome security updates, and more

Infosec in brief  Progress Software, maker of the mass-exploited MOVEit document transfer tool, is back in the news with more must-apply security patches, this time for another file-handling product: WS_FTP.…

From AI to just plain aaaiiiee!

Microsoft introduced its Bing Chat AI search assistant in February and a month later began serving ads alongside it to help cover costs.…

'Research purposes' excuse didn't fly

A PhD student has been found guilty of building a potentially deadly drone for Islamic State terrorists, in part using his home 3D printer.…

But Meta was just about to start asking people for their permission!

Norway has told the European Data Protection Board (EDPB) it believes a countrywide ban on Meta harvesting user data to serve up advertising on Facebook and Instagram should be made permanent and extended across Europe.…

No classified systems involved apparently, but internal diplomatic notes, travel details, staff SSNs, etc

Chinese snoops stole about 60,000 State Department emails when they broke into Microsoft-hosted Outlook and Exchange Online accounts belonging to US government officials over the summer.…

FBI agents ought to get spy court approval before reviewing US persons' chats, board reckons

A privacy panel within the US government today narrowly recommended that Congress reauthorize the Feds' Section 702 spying powers — but with some stronger protections for US citizens only.…

Autonomous sub should recharge and resupply in perfect stealth, hopefully

DARPA's extended-duration unmanned undersea vehicle (UUV) is having its first aquatic excursion to test if this naval drone has wings, er, fins.…

The URLs needed to share chat histories have been indexed. Of course

Google's Bard chatbot is currently being re-educated to better understand privacy.…

He's also worried about alliances that freeze out Chinese tech

Chinese minister for national security Chen Yixin has penned an article rating the digital risks his country faces and rated network security incidents as the most realistic source of harm to the Chinternet – both in terms of attacks and the dissemination of fake news.…

Letter to City Council supports measures to ban biometric tech from public spaces

"New Yorkers should not be forced to accept biometric surveillance as part of simple activities like buying groceries or taking their kids to a baseball game," more than 30 civil and digital rights organizations said yesterday in a letter backing new privacy laws in the city.…

More precise timing tests find many implementations vulnerable

An engineer has identified longstanding undetected flaws in a 25-year-old method for encrypting data using RSA public-key cryptography.…

Progress Software vulnerability ID'd in enormous burglary at Ontario's BORN

Canada's Better Outcomes Registry & Network (BORN) fears a MOVEit breach allowed cybercriminals to copy 3.4 million people's childcare health records dating back more than a decade.…

Russian have shifted tactics in the first half of 2023, with mixed results

The Ukrainian State Service of Special Communications and Information Protection (SSSCIP) has claimed that Russian cyberspies are targeting its servers looking for data about alleged Kremlin-backed war crimes.…

Cloud provider blamed for loss of 20% of exchange's capital

Mixin Network confirmd on Monday that it has "temporarily suspended" all deposit and withdrawal services after hackers broke into a database and stole about $200 million in funds from the Hong-Kong based cryptocurrency firm. …

PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns

Infosec in brief  T-Mobile US has had another bad week on the infosec front – this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied.…

Holes in iOS, macOS and more fixed following tip off from Google, Citizen Lab

Apple emitted patches this week to close security holes that have been exploited in the wild by commercial spyware.…