News

Microsoft enjoys first Patch Tuesday of 2025 with no active exploits

The Register - 7 hours 33 min ago
Sure, 130 fixes were sent out, but bask in the security goodness

For the first time this year, Microsoft has released a Patch Tuesday bundle with no exploited security problems, although one has been made public already, and there are ten critical flaws to fix.…

Categories: News

Massive browser hijacking campaign infects 2.3M Chrome, Edge users

The Register - Tue, 08/07/2025 - 20:07
These extensions weren't malware-laced from the start, researcher says

A Chrome and Edge extension with more than 100,000 downloads that displays Google's verified badge does what it purports to do: It delivers a color picker to users. Unfortunately, it also hijacks every browser session, tracks activities across websites, and backdoors victims' web browsers, according to Koi Security researchers.…

Categories: News

The cloud-native imperative for effective cyber resilience

The Register - Tue, 08/07/2025 - 16:00
Modern threats demand modern defenses. Cloud-native is the new baseline

Partner content  Every organization is investing in cyberresilience tools, training, and processes. Unfortunately, only some of them will be able to successfully respond and recover from an attack. Regardless of how hard they work, many IT and security teams are constrained by legacy technology architectures that were built for the challenges of 2015, not 2025.…

Categories: News

SUSE launching region-locked support for the sovereignty-conscious

The Register - Tue, 08/07/2025 - 14:27
Move targets European orgs wary of cross-border data exposure

Linux veteran SUSE has unveiled a new support package aimed at customers concerned about data sovereignty.…

Categories: News

Suspected Chinese cybersnoop grounded in Italy after US tipoff

The Register - Tue, 08/07/2025 - 12:47
Zewei Xu's family reportedly bemused at arrest as extradition tabled

A man who US authorities allege is a member of Chinese state-sponsored cyberespionage outfit Silk Typhoon was arrested in Milan last week following a tipoff from the US embassy.…

Categories: News

Is your password ecosystem ready for the regulators?

The Register - Tue, 08/07/2025 - 09:00
The clipboard warriors are coming. Time to check on your password management

Sponsored feature  It's 2025, and credential theft is a thing of the past.…

Categories: News

Suspected Scattered Spider domains target everyone from manufacturers to Chipotle

The Register - Tue, 08/07/2025 - 07:28
Plus: Qantas makes contact with 'potential cyber criminal'

While the aviation industry has borne the brunt of Scattered Spider's latest round of social engineering attacks, the criminals aim to catch manufacturing and medical tech companies — and even Chipotle Mexican Grill — in tjeor web, as evidenced by hundreds of domains that security researchers say look a lot like phishing websites used by the criminal crews.…

Categories: News

CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands

The Register - Mon, 07/07/2025 - 21:31
NetScaler vendor issued a patch but otherwise, stony silence

Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still haven't patched.…

Categories: News

Phishing platforms, infostealers blamed as identity attacks soar

The Register - Mon, 07/07/2025 - 13:00
Get your creds in order or risk BEC, ransomware attacks, orgs warned

A rise in advanced phishing kits and info-stealing malware are to blame for a 156 percent jump in cyberattacks targeting user logins, say researchers.…

Categories: News

Stalkerware firm gets scooped by SQL-slinging security snoop

The Register - Sun, 06/07/2025 - 21:10
Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more

Infosec In Brief  A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts. …

Categories: News

Ingram Micro confirms ransomware behind multi-day outage

The Register - Sun, 06/07/2025 - 14:09
SafePay crew claims responsibility for intrusion at one of world's largest tech distributors

Ingram Micro, one of the world’s largest distributors, has confirmed it is trying to restore systems following a ransomware attack.…

Categories: News

Massive spike in use of .es domains for phishing abuse

The Register - Sat, 05/07/2025 - 13:43
¡Cuidado! Time to double-check before entering your Microsoft creds

Cybersecurity experts are reporting a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.…

Categories: News

Microsoft Windows Firewall complains about Microsoft code

The Register - Thu, 03/07/2025 - 17:00
Just ignore the warnings. Nothing to see here. Move along

A mysterious piece of "under development" code is playing havoc with the Windows Firewall after the latest preview update for Windows 11 24H2.…

Categories: News

Young Consulting finds even more folks affected in breach mess – now over 1 million

The Register - Thu, 03/07/2025 - 15:31
The insurance SaaS slinger may trade under a different name, but past continues to haunt it

Young Consulting's cybersecurity woes continue after the number of affected individuals from last year's suspected ransomware raid passed the 1 million mark.…

Categories: News

Meta calls €200M EU fine over pay-or-consent ad model 'unlawful'

The Register - Thu, 03/07/2025 - 13:42
'Deserves fair compensation for the valuable and innovative services'? Which ones are those then?

Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA).…

Categories: News

Ransomware crew Hunters International shuts down, hands out keys to victims

The Register - Thu, 03/07/2025 - 12:23
Don't let their kind words sway you – leaders are still up to no good

Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor.…

Categories: News

Let's Encrypt rolls out free security certs for IP addresses

The Register - Thu, 03/07/2025 - 08:34
You probably don't need one, but it's nice to have the option

Let's Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.…

Categories: News

ChatGPT creates phisher’s paradise by recommending the wrong URLs for major companies

The Register - Thu, 03/07/2025 - 07:30
Crims have cottoned on to a new way to lead you astray

AI-powered chatbots often deliver incorrect information when asked to name the address for major companies’ websites, and threat intelligence business Netcraft thinks that creates an opportunity for criminals.…

Categories: News

Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform

The Register - Wed, 02/07/2025 - 23:33
The second max score this week for Netzilla - not a good look

If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla made a big mistake.…

Categories: News

CISA warns the Signal clone used by natsec staffers is being attacked, so patch now

The Register - Wed, 02/07/2025 - 21:47
Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News