The Register - Anti-Virus

AI-spoofed Mark joins fellow billionaires as the voice of the street – here's how it was probably done

Video  Crosswalk buttons in various US cities were hijacked over the past week or so to – rather than robotically tell people it's safe to walk or wait – instead emit the AI-spoofed voices of Jeff Bezos, Elon Musk, and Mark Zuckerberg.…

Using LLMs to pick programs, people, contracts to cut is bad enough – but doing it with Musk's Grok? Yikes

A group of 48 House Democrats is concerned that Elon Musk's cost-trimmers at DOGE are being careless in their use of AI to help figure out where to slash, creating security risks and giving the oligarch's artificial intelligence lab an inside track to train its models on government info.…

Some in the infosec world definitely want to see Big Red crucified

CISA – the US government's Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from the database giant's public cloud infrastructure.…

MITRE, EUVD, GCVE … WTF?

Comment  The splintering of the global system for identifying and tracking security bugs in technology products has begun.…

Illegitimi non carborundum? Nice password, Mr Ex-CISA

Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked the security clearances of everybody at the company.…

Truck-mounted demonstration weapon costs 10p a pop, says MOD

British soldiers have successfully taken down drones with a radio-wave weapon.…

Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim

Democratic lawmakers are calling for an investigation after a tech staffer at the US National Labor Relations Board (NLRB) blew the whistle on the cost-trimming DOGE's activities at the employment watchdog – which the staffer claims included being granted superuser status in contravention of standard operating procedures, exfiltrating data, and seemingly leaking credentials to someone with a Russian IP address.…

Microsoft rewards those who patch early with bricks hurled through its operating system

Keeping with its rich history of updates that break Windows in unexpected ways, Microsoft has warned that two recent patches for Windows 11 24H2 are triggering blue screen crashes.…

Extraordinary rendition of data, or just dropped it out of a helicopter?

CIA Director John Ratcliffe's smartphone has almost no trace left of the infamous Signalgate chat – the one in which he and other top US national security officials discussed a secret upcoming military operation in a group Signal conversation a journalist was inadvertently added to.…

From noise to clarity: Why CISOs are shifting to adversarial exposure validation

Partner content  A vast majority of security teams are overwhelmed by the large number of security alerts and vulnerabilities.…

Uncertainty is the new certainty

In an 11th-hour reprieve, the US government last night agreed to continue funding the globally used Common Vulnerabilities and Exposures (CVE) program.…

DPP Law is appealing against data watchdog's conclusions

A law firm is appealing against a £60,000 fine from the UK's data watchdog after 32 GB of personal information was stolen from its systems.…

Vintage phishing varietal has improved with age

Russia never stops using proven tactics, and its Cozy Bear, aka APT 29, cyber-spies are once again trying to lure European diplomats into downloading malware with a phony invitation to a lux event.…

It involves a number close to three or six depending on the pickle you're in

Ransomware operators jack up their ransom demands by a factor of 2.8x if they detect a victim has cyber-insurance, a study highlighted by the Netherlands government has confirmed.…

Because vulnerability management has nothing to do with national security, right?

Updated  US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday.…

800K? Make that double, and we'll need a double, too, for the pain

A Texas firm that provides backend IT and other services for American insurers has admitted twice as many people had their info stolen from it than previously disclosed.…

Source code, moderator info, IP addresses, more allegedly swiped and leaked

Thousands of 4chan users reported outages Monday night amid rumors on social media that the edgy anonymous imageboard had been ransacked by an intruder, with someone on a rival forum claiming to have leaked its source code, moderator identities, and users' IP addresses.…

Beijing claims NSA went for gold in offensive cyber, got caught in the act

China's state-run press has taken its turn in trying to highlight alleged foreign cyber offensives, accusing the US National Security Agency of targeting the 2025 Asian Winter Games.…

Login green-lit for lone staffer if he’s trained, papered up, won’t pull an Elez

A federal judge has partly lifted an injunction against Elon Musk's Trump-blessed cost-trimming DOGE unit, allowing one staff member to access sensitive US Treasury payment systems. This access includes personally identifiable financial information tied to millions of Americans.…

Let the espionage and access resale campaigns begin (again)

A cyberspy crew or individual with ties to China's Ministry of State Security has infected global organizations with a remote access trojan (RAT) that's "even better" than Cobalt Strike, using this stealthy backdoor to enable its espionage and access resale campaigns.…