The Register - Anti-Virus

Why an eXtended Software Bill of Materials could be the next step up in cybersecurity

Webinar  A Software Bill of Materials (SBOM) has become a non-negotiable requirement to meet regulatory and buyer requirements. But does this provide enough protection if it can give only a partial view into interconnected and ever-changing application attack surfaces?…

Any govt staffers who used relocation services over past 24 years could be at risk

The government of Canada has confirmed its data was accessed after two of its third-party service providers were attacked.…

Continuous training can help improve EMEA organisations’ ability to fend off the cyber criminals in 2024

Sponsored Post  You can never afford to drop your guard when it comes to cyber security – hackers never do.  Any weakness in your organisation's defence is certain to be tested at some point.…

Real-life impact of buggy software laid bare – plus: Avast tries to profit from being caught up in attacks

Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone?…

Admits to taking phones used for 'code blue' emergencies offline and more

An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches.…

Crims post passport scans and internal forms up for 'auction' to prove it

The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process.…

ALSO: FCC cracks down on SIM-swap scams, old ZeroLogon targeted by new ransomware, and critical vulnerabilities

Infosec in brief  It's that time of year again – NordPass has released its annual list of the most common passwords. And while it seems some of you took last year's chiding to heart, most of you arguably swapped bad for worse.…

Cybercrime group worried over dwindling payments ... didn't they tell them to Always Be Closing?

In response to growing frustrations inside the LockBit organization, its leaders have overhauled the way they negotiate with ransomware victims going forward.…

CEO Bob VanKirk makes near-20-year partnership official, teases big things coming to EMEA

Channel-focused cybersecurity company SonicWall is buying Virginia-based MSSP Solutions Granted – its first acquisition in well over a decade.…

Chaebol already the subject of suits for a pair of past indiscretions

Updated  The UK division of Samsung Electronics has allegedly alerted customers of a year-long data security breach – the third such incident the South Korean giant has experienced around the world in the past two years.…

Absence of arrests doesn't mean nothing's happening, cyber-cops insist

The FBI is applying "significant" resources to find members of the infamous Scattered Spider cyber-crime crew, which seemingly attacked a couple of high-profile casinos a few months ago and remains active, according to a senior bureau official.…

And that's not counting the incoming lawsuits. Thank goodness for insurance, eh?

Rackspace's costs from last year's ransomware infection continue to mount. The cloud hosting biz has told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have now reached about $11 million, though insurance has helped cover half of that.…

Wild idea: Maybe Microsoft could introduce a Quality Copilot to stop pushing broken patches

Something likely to be absent from Microsoft's Ignite event is talk of a fix rolled out to deal with malfunctioning Windows Server 2022 Virtual Machines following a problematic update from the company.…

Ads for Slack and Cisco AnyConnect actually downloaded Nitrogen malware

Updated  Affiliates of the ALPHV/BlackCat ransomware-as-a-service operation are turning to malvertising campaigns to establish an initial foothold in their victims' systems.…

First time hard figure given on recovery costs for January incident

Royal Mail's parent International Distributions Services has revealed for the first time the infrastructure costs associated with its January ransomware attack.…

Linked to org that UK authorities found once failed its anti-money-laundering obligations

Swedish digital rights organization Qurium has discovered around 250 cloned websites and suggested they exist to drive people to China-linked gambling sites.…

Plus: Ransomware crooks file SEC complaint against victim

The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars.…

Exploits come with caveats, but Google says no fixes as user security should do the heavy lifting here

Novel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption.…

War of words escalates as deadline draws near

FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702.…

No matter what stage your security career is at, SANS has resources that will add to your knowledge

Sponsored Post  Fighting cybercrime demands constant vigilance and can be a huge drain on time and resources. So it's good to know that not every weapon in the armory of the cybersecurity professional has to cost the earth. In fact, there's quite a bit of free stuff out there if you know where to look for it.…