The Register - Anti-Virus

Syndikovat obsah
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Aktualizace: 11 min zpět

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

11 hodin 38 min zpět
Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir

Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.…

Kategorie: Viry a Červi

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

14 Únor, 2025 - 23:53
Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew

Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…

Kategorie: Viry a Červi

Critical PostgreSQL bug tied to zero-day attack on US Treasury

14 Únor, 2025 - 15:19
High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further

A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.…

Kategorie: Viry a Červi

2 charged over alleged New IRA terrorism activity linked to cops' spilled data

14 Únor, 2025 - 13:12
Officer says mistakenly published police details were shared 'a considerable amount of times'

Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.…

Kategorie: Viry a Červi

Watchdog ponders why Apple doesn't apply its strict app tracking rules to itself

14 Únor, 2025 - 10:28
Germany's Federal Cartel Office voices concerns iPhone maker may be breaking competition law

Apple is feeling the heat over its acclaimed iPhone privacy policy after a German regulator's review of iOS tracking consent alleged that the tech giant exempted itself from the rules it enforces on third-party developers.…

Kategorie: Viry a Červi

Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

14 Únor, 2025 - 03:19
Some employees steal sticky notes, others 'borrow' malicious code

A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.…

Kategorie: Viry a Červi

More victims of China's Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs

13 Únor, 2025 - 19:34
Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks

China's Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and other orgs, in addition to its previous victim count.…

Kategorie: Viry a Červi

US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor

13 Únor, 2025 - 17:58
Senator, Congressman tell DNI to threaten infosec agreements if Blighty won't back down

US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the UK government's reported order for Apple to weaken iCloud security for government access.…

Kategorie: Viry a Červi

North Korea targets crypto developers via NPM supply chain attack

13 Únor, 2025 - 13:00
Yet another cash grab from Kim's cronies and an intel update from Microsoft

North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

Kategorie: Viry a Červi

Mysterious Palo Alto firewall reboots? You're not alone

13 Únor, 2025 - 08:21
Limited-edition hotfix to get wider release before end of month

Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…

Kategorie: Viry a Červi

Have I Been Pwned likely to ban resellers from buying subs, citing 'sh*tty behavior' and onerous support requests

13 Únor, 2025 - 05:59
'What are customers actually getting from resellers other than massive price markups?' asks Troy Hunt

Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…

Kategorie: Viry a Červi

Feds want devs to stop coding 'unforgivable' buffer overflow vulnerabilities

13 Únor, 2025 - 02:29
FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff

US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.…

Kategorie: Viry a Červi

Sophos sheds 6% of staff after swallowing Secureworks

13 Únor, 2025 - 01:34
De-dupes some roles, hints others aren't needed as the infosec scene shifts

Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.…

Kategorie: Viry a Červi

Trump’s cyber chief pick has little experience in The Cyber

12 Únor, 2025 - 22:14
GOP lawyer Sean Cairncross will be learning on the fly, as we also say hi to new intelligence boss Tulsi Gabbard

President Trump has reportedly chosen a candidate for National Cyber Director — another top tech appointee with no professional experience in that role.…

Kategorie: Viry a Červi

Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un

12 Únor, 2025 - 21:30
300+ US companies, 70+ individuals hit by the fraudsters

An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.…

Kategorie: Viry a Červi

Ransomware isn't always about the money: Government spies have objectives, too

12 Únor, 2025 - 20:30
Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data

Feature  Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.…

Kategorie: Viry a Červi

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

12 Únor, 2025 - 18:00
'Near-global' initial access campaign active since 2021

An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…

Kategorie: Viry a Červi

Crimelords and spies for rogue states are working together, says Google

12 Únor, 2025 - 14:29
Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us?

Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…

Kategorie: Viry a Červi

February's Patch Tuesday sees Microsoft offer just 63 fixes

12 Únor, 2025 - 03:58
Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins

Patch Tuesday  Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…

Kategorie: Viry a Červi

Probe finds US Coast Guard has left maritime cybersecurity adrift

12 Únor, 2025 - 00:44
Numerous systemic vulnerabilities could scuttle $5.4T industry

Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…

Kategorie: Viry a Červi