You had a year to patch this Veeam flaw and now it's going to hurt

The Register - Thu, 11/07/2024 - 08:28
LockBit variant targets backup software - which you may remember is supposed to help you recover from ransomware

Yet another new ransomware gang, this one dubbed EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago to drop file-encrypting malware, a LockBit variant, and extort payments from victims.…

Categories: News

Japanese space agency spotted zero-day attacks while cleaning up attack on M365

The Register - Thu, 11/07/2024 - 06:31
Multiple malware attack saw personal data acessed, but rocket science remained safe

The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems.…

Categories: News

Snowflake lets admins make MFA mandatory across all user accounts

The Register - Wed, 10/07/2024 - 17:45
Company announces intent following Ticketmaster, Santander break-ins

A month after incident response giant Mandiant suggested the litany of data thefts linked to Snowflake account intrusions had the common component of lacking multi-factor authentication (MFA) controls, the cloud storage and data analytics company is offering a mandatory MFA option to admins.…

Categories: News

Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems

The Register - Wed, 10/07/2024 - 14:47
Company says data exfiltration was extremely difficult to detect

Fujitsu Japan says an unspecified "advanced" malware strain was to blame for a March data theft, insisting the strain was "not ransomware", yet it hasn't revealed how many individuals are affected.…

Categories: News

Ransomware crews investing in custom data stealing malware

The Register - Wed, 10/07/2024 - 11:00
BlackByte, LockBit among the criminals using bespoke tools

As ransomware crews increasingly shift beyond just encrypting victims' files and demanding a payment to unlock them, instead swiping sensitive info straight away, some of the more mature crime organizations are developing custom malware for their data theft.…

Categories: News

Big Tech's eventual response to my LLM-crasher bug report was dire

The Register - Wed, 10/07/2024 - 08:25
Fixes have been made, it appears, but disclosure or discussion is invisible

Column  Found a bug? It turns out that reporting it with a story in The Register works remarkably well ... mostly. After publication of my "Kryptonite" article about a prompt that crashes many AI chatbots, I began to get a steady stream of emails from readers – many times the total of all reader emails I'd received in the previous decade.…

Categories: News

ViperSoftX variant spotted abusing .NET runtime to disguise data theft

The Register - Wed, 10/07/2024 - 07:26
Freeware AutoIt also used to hide entire PowerShell environments in scripts

A rapidly-changing infostealer malware known as ViperSoftX has evolved to become more dangerous, according to security researchers at threat detection vendor Trellix.…

Categories: News

RADIUS networking protocol blasted into submission through MD5-based flaw

The Register - Wed, 10/07/2024 - 04:15
If someone can do a little MITM'ing and hash cracking, they can log in with no valid password needed

Cybersecurity experts at universities and Big Tech have disclosed a vulnerability in a common client-server networking protocol that allows snoops to potentially bypass user authentication via man-in-the-middle (MITM) attacks.…

Categories: News

Critical Windows licensing bugs – plus two others under attack – top Patch Tuesday

The Register - Wed, 10/07/2024 - 01:59
Citrix, SAP also deserve your attention – because miscreants are already thinking about Exploit Wednesday

Patch Tuesday  Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation.…

Categories: News

FBI, cyber-cops zap ~1K Russian AI disinfo Twitter bots

The Register - Wed, 10/07/2024 - 00:35
RT News snarks back after it's accused of building social nyet-work for Kremlin

The FBI and cybersecurity agencies in Canada and the Netherlands say they have taken down an almost 1,000-strong Twitter bot farm set up by Russian state-run RT News that used generative AI to spread disinformation to Americans and others.…

Categories: News

Elexon's Insight into UK electricity felled by expired certificate

The Register - Tue, 09/07/2024 - 15:01
Understanding the power needs of the UK begins with knowing when renewals are due

Certificate Watch  Demonstrating that Microsoft is not alone in its inability to keep track of certificates is UK power market biz Elexon.…

Categories: News

Evolve Bank & Trust confirms LockBit stole 7.6 million people's data

The Register - Tue, 09/07/2024 - 14:52
Making cyberattack among the largest ever recorded in finance industry

Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine's attorney general.…

Categories: News

Houthi rebels are operating their own GuardZoo spyware

The Register - Tue, 09/07/2024 - 11:56
Fairly 'low budget', unsophisticated malware, say researchers, but it can collect the same data as Pegasus

Interview  When it comes to surveillance malware, sophisticated spyware with complex capabilities tends to hog the limelight – for example NSO Group's Pegasus, which is sold to established governments. But it's actually less polished kit that you've never heard of, like GuardZoo – developed and used by Houthi rebels in Yemen – that dominates the space.…

Categories: News

Microsoft China staff can't log on with an Android, so Redmond buys them iThings

The Register - Tue, 09/07/2024 - 07:32
Google's absence creates software distribution issues not even mighty Microsoft can handle

Microsoft China will provide staff with Apple devices so they can log on to the software giant's systems.…

Categories: News

Scammers double-scam victims by offering to help recover from scams

The Register - Tue, 09/07/2024 - 06:58
Scum keep databases of the people they've already skimmed

Australia's Competition and Consumer Commission has warned that scammers are targeting scam victims with fake offers to help them recover from scams.…

Categories: News

China's APT40 gang is ready to attack vulns within hours or days of public release.

The Register - Tue, 09/07/2024 - 03:33
Lax patching and vulnerable small biz kit make life easy for Beijing's secret-stealers

Law enforcement agencies from eight nations, led by Australia, have issued an advisory that details the tradecraft used by China-aligned threat actor APT40 – aka Kryptonite Panda, GINGHAM TYPHOON, Leviathan and Bronze Mohawk – and found it prioritizes developing exploits for newly found vulnerabilities and can target them within hours.…

Categories: News

Microsoft forgets about SwiftKey's support site

The Register - Mon, 08/07/2024 - 15:12
Injecting Copilot branding will not make TLS certificates auto-renew

Another Microsoft certificate has expired, leaving SwiftKey users that are seeking support faced with an alarming certificate error.…

Categories: News

Avast secretly gave DoNex ransomware decryptors to victims before crims vanished

The Register - Mon, 08/07/2024 - 13:44
Good riddance to another pesky tribe of miscreants

Updated  Researchers at Avast have provided decryptors to DoNex ransomware victims on the down-low since March after discovering a flaw in the crims' cryptography, the company confirmed today.…

Categories: News

Navigating Europe’s digital identity crossroads

The Register - Mon, 08/07/2024 - 09:54
How to get ready for the future of digital identity in the European Union from eIDAS 1.0 to eIDAS 2.0 and beyond

Partner Content  : Opening a bank account, making or receiving a payment, instructing an accountant or booking a doctor's appointment. These everyday tasks depend on identity, either proving who you are or verifying who you're dealing with.…

Categories: News

Selfie-based authentication raises eyebrows among infosec experts

The Register - Mon, 08/07/2024 - 06:30
Vietnam now requires it for some purchases. It may be a fraud risk in Singapore. Or ML could be making it safe

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over Zoom or similar in order to participate in the modern economy. The question must be asked, though: is it cyber smart?…

Categories: News


Subscribe to Sec Tec Limited aggregator - News