The Register - Anti-Virus

Syndikovat obsah
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Aktualizace: 4 min 30 sek zpět

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet

25 Leden, 2025 - 12:12
Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia...

Someone has been quietly backdooring selected Juniper routers around the world in key sectors including semiconductor, energy, and manufacturing, since at least mid-2023.…

Kategorie: Viry a Červi

UK telco TalkTalk confirms probe into alleged data grab underway

25 Leden, 2025 - 10:30
Spinner says crim's claims 'very significantly overstated'

UK broadband and TV provider TalkTalk says it's currently investigating claims made on cybercrime forums alleging data from the company was up for grabs.…

Kategorie: Viry a Červi

AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud

25 Leden, 2025 - 00:26
GameOn? It's looking more like game over for that biz

The co-founder and former CEO of AI startup GameOn is in a pickle. After exiting the top job last year under a cloud, he's now in court – along with his wife – for allegedly bilking his company and its investors out of more than $60 million.…

Kategorie: Viry a Červi

Don't want your Kubernetes Windows nodes hijacked? Patch this hole now

24 Leden, 2025 - 16:00
SYSTEM-level command injection via API parameter *chef's kiss*

A now-fixed command-injection bug in Kubernetes can be exploited by a remote attacker to gain code execution with SYSTEM privileges on all Windows endpoints in a cluster, and thus fully take over those systems, according to Akamai researcher Tomer Peled.…

Kategorie: Viry a Červi

North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper

24 Leden, 2025 - 14:45
5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act

The US is indicting yet another five suspects it believes were involved in North Korea's long-running, fraudulent remote IT worker scheme – including one who changed their last name to "Bane" and scored a gig at a tech biz in San Francisco.…

Kategorie: Viry a Červi

China and friends claim success in push to stamp out tech support cyber-scam slave camps

24 Leden, 2025 - 06:59
Paint a target on Myanmar, pledge more info-sharing to get the job done

A group established by six Asian nations to fight criminal cyber-scam slave camps that infest the region claims it’s made good progress dismantling the operations.…

Kategorie: Viry a Červi

Court rules FISA Section 702 surveillance of US resident was unconstitutional

24 Leden, 2025 - 05:31
'Public interest alone does not justify warrantless querying' says judge

It was revealed this week a court in New York made a landmark ruling that sided against the warrantless state surveillance of people's private communications in America.…

Kategorie: Viry a Červi

One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers

24 Leden, 2025 - 00:30
But we mean, you've had nearly four years to patch

One of the critical security flaws exploited by China's Salt Typhoon to breach US telecom and government networks has had a patch available for nearly four years - yet despite repeated warnings from law enforcement and private-sector security firms, nearly all public-facing Microsoft Exchange Server instances with this vulnerability remain unpatched.…

Kategorie: Viry a Červi

Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management

23 Leden, 2025 - 22:00
No in-the-wild exploits … yet

Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices.…

Kategorie: Viry a Červi

SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix

23 Leden, 2025 - 17:36
Big organizations and governments are main users of these gateways

SonicWall is warning customers of a critical vulnerability that was potentially already exploited as a zero-day.…

Kategorie: Viry a Červi

Meta's pay-or-consent model under fire from EU consumer group

23 Leden, 2025 - 16:30
Company 'strongly disagrees' with law infringement allegations

Meta has again come under fire for its pay-or-consent model in the EU.…

Kategorie: Viry a Červi

FortiGate config leaks: Victims' email addresses published online

23 Leden, 2025 - 15:45
Experts warn not to take SNAFU lightly as years-long compromises could remain undetected

Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day exploits.…

Kategorie: Viry a Červi

Who is DDoSing you? Rivals, probably, or cheesed-off users

23 Leden, 2025 - 11:19
Plus: 'Largest-ever' duff traffic tsunami clocks in at 5.6 Tbps

In addition to Chinese spies invading organizations' networks and ransomware crews locking up sensitive files, botnets blasting distributed denial of service (DDoS) attacks can still cause a world of hurt — and website downtime — and it's quite likely your competitors are to blame.…

Kategorie: Viry a Červi

Biz tax rises, inflation and high interest. Why fewer UK tech firms started in 2024

23 Leden, 2025 - 10:30
And the government thinks that AI and taking shackles off big tech will help? God help Britain

For the first time since the start of the pandemic, the number of tech firms incorporated in the UK has declined, with a shrinking economy, as well as high inflation and interest rates causing a slump in business confidence.…

Kategorie: Viry a Červi

Asus lets processor security fix slip out early, AMD confirms patch in progress

23 Leden, 2025 - 08:19
Answers on a postcard to what 'Microcode Signature Verification Vulnerability' might mean

AMD has confirmed at least some of its microprocessors suffer a microcode-related security vulnerability, the existence of which accidentally emerged this month after a fix for the flaw appeared in a beta BIOS update from PC maker Asus.…

Kategorie: Viry a Červi

Oracle emits 603 patches, names one it wants you to worry about soon

23 Leden, 2025 - 02:06
Old flaws that keep causing trouble haunt Big Red

Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it ships.…

Kategorie: Viry a Červi

Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards

22 Leden, 2025 - 22:30
And: America 'has never been less secure,' retired rear admiral tells Congress

The Trump administration gutted key cybersecurity advisory boards in its first days, as expert witnesses warned Congress of potentially destructive cyberattacks by China.…

Kategorie: Viry a Červi

Supply chain attack hits Chrome extensions, could expose millions

22 Leden, 2025 - 20:45
Threat actor exploited phishing and OAuth abuse to inject malicious code

Cybersecurity outfit Sekoia is warning Chrome users of a supply chain attack targeting browser extension developers that has potentially impacted hundreds of thousands of individuals already.…

Kategorie: Viry a Červi

Give users confidence in your digital infrastructure

22 Leden, 2025 - 18:00
Why Digital Trust and crypto-agility are essential to authentication and data security

Sponsored Post  Research firm IDC estimates that over 53 percent of organizations are now mostly or completely digital native.…

Kategorie: Viry a Červi

Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch

22 Leden, 2025 - 17:17
Update addresses boot failures on multi-node systems

Microsoft is releasing an out-of-band patch to deal with a problem that prevented some Windows Server 2022 machines from booting.…

Kategorie: Viry a Červi