The Register - Anti-Virus

Syndikovat obsah
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Aktualizace: 25 min 1 sek zpět

CrowdStrike meets Murphy's Law: Anything that can go wrong will

26 Červenec, 2024 - 20:36
And boy, did last Friday's Windows fiasco ever prove that yet again

Opinion  CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. On July 19, the cybersecurity giant accomplished what legions of hackers could only dream of – bringing millions of Windows systems worldwide to their knees with a single botched update.…

Kategorie: Viry a Červi

Progress discloses second critical flaw in Telerik Report Server in as many months

26 Červenec, 2024 - 15:32
These are the kinds of bugs APTs thrive on, just ask the Feds

Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.…

Kategorie: Viry a Červi

North Korean chap charged for attacks on US hospitals, military, NASA – and even China

26 Červenec, 2024 - 04:58
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists

The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.…

Kategorie: Viry a Červi

Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank

26 Červenec, 2024 - 03:34
May even have targeted other malware gangs, and infosec researchers

Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware.…

Kategorie: Viry a Červi

CrowdStrike update blunder may cost world billions – and insurance ain't covering it all

26 Červenec, 2024 - 02:35
We offer this formula instead: RND(100.0)*(10^9)

The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that.…

Kategorie: Viry a Červi

Beware of fake CrowdStrike domains pumping out Lumma infostealing malware

26 Červenec, 2024 - 00:30
PSA: Only accept updates via official channels ... ironically enough

CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco.…

Kategorie: Viry a Červi

FYI: Data from deleted GitHub repos may not actually be deleted

25 Červenec, 2024 - 21:51
And the forking Microsoft-owned code warehouse doesn't see this as much of a problem

Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.…

Kategorie: Viry a Červi

Uncle Sam accuses telco IT pro of decade-long spying campaign for China

25 Červenec, 2024 - 19:15
Beijing has a long history of recruiting US residents to carry out various espionage activities

The US is looking to prosecute a Chinese immigrant over claims he has been drip-feeding information of interest to Beijing since at least 2012.…

Kategorie: Viry a Červi

You should probably fix this 5-year-old critical Docker vuln fairly sharpish

25 Červenec, 2024 - 15:46
For some unknown reason, initial patch was omitted from later versions

Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.…

Kategorie: Viry a Červi

Kaspersky says Uncle Sam snubbed proposal to open up its code for third-party review

25 Červenec, 2024 - 14:01
Those national security threat claims? 'No evidence,' VP tells The Reg

Exclusive  Despite the Feds' determination to ban Kaspersky's security software in the US, the Russian business continues to push its proposal to open up its data and products to independent third-party review – and prove to Uncle Sam that its code hasn't been and won't be compromised by Kremlin spies.…

Kategorie: Viry a Červi

Patch management still seemingly abysmal because no one wants the job

25 Červenec, 2024 - 09:27
Are your security and ops teams fighting to pass the buck?

Comment  Patching: The bane of every IT professional's existence. It's a thankless, laborious job that no one wants to do, goes unappreciated when it interrupts work, and yet it's more critical than ever in this modern threat landscape.…

Kategorie: Viry a Červi

How a cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash

25 Červenec, 2024 - 04:29
This one weird trick saved countless hours and stress – no, really

Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards.…

Kategorie: Viry a Červi

The months and days before and after CrowdStrike's fatal Friday

25 Červenec, 2024 - 02:17
'In the short term, they're going to have to do a lot of groveling'

Analysis  The great irony of the CrowdStrike fiasco is that a cybersecurity company caused the exact sort of massive global outage it was supposed to prevent. And it all started with an effort to make life more difficult for criminals and their malware, with an update to its endpoint detection and response tool Falcon.…

Kategorie: Viry a Červi

Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech

24 Červenec, 2024 - 22:44
Yes, you can be fingerprinted and tracked via Privacy Sandbox – tho the risk isn't as high as feared

Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.…

Kategorie: Viry a Červi

Uncle Sam opens probe into CrowdStrike turbulence at Delta Air Lines

24 Červenec, 2024 - 19:02
Concerns abound over why it has taken so long to recover compared to competitors

The US Department of Transportation (DoT) is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update.…

Kategorie: Viry a Červi

Windows Patch Tuesday update might send a user to the BitLocker recovery screen

24 Červenec, 2024 - 17:02
Not now, Microsoft

Some Windows devices are presenting users with a BitLocker recovery screen upon reboot following the installation of July's Patch Tuesday update.…

Kategorie: Viry a Červi

Data pilfered from Pentagon IT supplier Leidos

24 Červenec, 2024 - 15:31
With numerous US government agency customers, any leak could be serious

Updated  Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked on the dark web.…

Kategorie: Viry a Červi

School gets an F for using facial recognition on kids in canteen

24 Červenec, 2024 - 10:32
Watchdog reprimand follows similar cases in 2021

The UK's data protection watchdog has reprimanded a school in Essex for using facial recognition for canteen payments, nearly three years after other schools were warned about doing the same.…

Kategorie: Viry a Červi

Forget security – Google's reCAPTCHA v2 is exploiting users for profit

24 Červenec, 2024 - 08:33
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them

Updated  Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.…

Kategorie: Viry a Červi

CrowdStrike blames a test software bug for that giant global mess it made

24 Červenec, 2024 - 07:17
Something called 'Content Validator' did not validate the content, and the rest is history

CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week.…

Kategorie: Viry a Červi