Casino cyberattacks put a bullseye on Scattered Spider – and the FBI is closing in

The Register - Thu, 23/05/2024 - 21:16
Mandiant CTO chats to The Reg about the looming fate of this ransomware crew

Interview  The cyberattacks against Las Vegas casinos over the summer put a big target on the backs of prime suspects Scattered Spider, according to Mandiant CTO Charles Carmakal.…

Categories: News

Google guru roasts useless phishing tests, calls for fire drill-style overhaul

The Register - Thu, 23/05/2024 - 20:01
Current approaches aren't working and demonize security teams

A Google security bigwig has had enough of federally mandated phishing tests, saying they make colleagues hate IT teams for no added benefit.…

Categories: News

Veeam says critical flaw can't be abused to trash backups

The Register - Thu, 23/05/2024 - 15:30
It's still a rough one, so patch up

Veeam says the recent critical vulnerability in its Backup Enterprise Manager (VBEM) can't be used by cybercriminals to delete an organization's backups.…

Categories: News

70% of CISOs worry their org is at risk of a material cyber attack

The Register - Thu, 23/05/2024 - 14:30
Wait, why do you want this job again?

Chief information security officers around the globe "are nervously looking over the horizon," according to a survey of 1,600 CISOs that found more than two thirds (70 percent) worry their organization is at risk of a material cyber attack over the next 12 months. …

Categories: News

UK data watchdog wants six figures from N Ireland cops after 2023 data leak

The Register - Thu, 23/05/2024 - 09:30
Massive discount applied to save cop shop’s helicopter budget

Following a data leak that brought "tangible fear of threat to life", the UK's data protection watchdog says it intends to fine the Police Service of Northern Ireland (PSNI) £750,000 ($955,798).…

Categories: News

How Apple Wi-Fi Positioning System can be abused to track people around the globe

The Register - Thu, 23/05/2024 - 07:34
SpaceX is smart on this, Cupertino and GL.iNet not so much

In-depth  Academics have suggested that Apple's Wi-Fi Positioning System (WPS) can be abused to create a global privacy nightmare.…

Categories: News

Would you buy Pegasus spyware from this scammer?

The Register - Thu, 23/05/2024 - 06:45
You shouldn't – Indian infosec researchers warn you'll get random junk instead

Indian infosec firm CloudSEK warned on Wednesday that scammers are selling counterfeit code advertised as the NSO Group's notorious Pegasus spyware.…

Categories: News

'China-aligned' spyware slingers operating since 2018 unmasked at last

The Register - Thu, 23/05/2024 - 04:47
Unfading Sea Haze adept at staying under the radar

Bitdefender says it has tracked down and exposed an online gang that has been operating since 2018 nearly without a trace – and likely working for Chinese interests.…

Categories: News

Lawmakers advance bill to tighten White House grip on AI model exports

The Register - Thu, 23/05/2024 - 01:16
Vague ML definitions subject to change – yeah, great

The House Foreign Affairs Committee voted Wednesday to advance a law bill expanding the White House's authority to police exports of AI systems – including models said to pose a national security threat to the United States.…

Categories: News

Go after UnitedHealth, not us, 100+ medical groups urge Uncle Sam

The Register - Wed, 22/05/2024 - 23:05
Why should we get its paperwork?

More than 100 medical industry groups have asked the Feds to make UnitedHealth Group, not them, go through the rigmarole of notifying everyone about the Change Healthcare ransomware infection.…

Categories: News

Canada's London Drugs confirms ransomware attack after LockBit demands $25M

The Register - Wed, 22/05/2024 - 21:00
Pharmacy says it's 'unwilling and unable to pay ransom'

Canadian pharmacy chain London Drugs has confirmed that ransomware thugs stole some of its corporate files containing employee information and says it is "unwilling and unable to pay ransom to these cybercriminals."…

Categories: News

NYSE parent gets $10M wrist tap for failing to report 2021 systems break-in

The Register - Wed, 22/05/2024 - 20:30
Intercontinental Exchange's Q1 revenue exceeded $1B – that'll sure teach 'em

The New York Stock Exchange's parent company has just been hit with a $10 million fine for failing to properly inform the Securities and Exchange Commission (SEC) of a 2021 cyber intrusion. …

Categories: News

Laundering cash from healthcare, romance scams lands US man in prison for a decade

The Register - Wed, 22/05/2024 - 19:00
$4.5M slushed through accounts from state healthcare and lonely people

Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million.…

Categories: News

Confused by the SEC's breach reporting rules? Read this

The Register - Wed, 22/05/2024 - 17:30
'Clarification' weighs in on material vs voluntary disclosures

The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents.…

Categories: News

Stopping ransomware in multicloud environments

The Register - Wed, 22/05/2024 - 16:03
Attend this Register live event to learn how

Sponsored Survey and Live Event  What are the biggest risks to your organization posed by ransomware and what security defenses does it have in place to protect its sensitive data from cyber criminals?…

Categories: News

LockBit dethroned as leading ransomware gang for first time post-takedown

The Register - Wed, 22/05/2024 - 12:00
Rivals ready to swoop in but drop in overall attacks illustrates LockBit’s influence

The takedown of LockBit in February is starting to bear fruit for rival gangs with Play overtaking it after an eight-month period of LockBit topping the attack charts.…

Categories: News

GitHub Enterprise Server patches 10-outta-10 critical hole

The Register - Wed, 22/05/2024 - 08:31
On the bright side, someone made up to $30,000+ for finding it

GitHub has patched its Enterprise Server software to fix a security flaw that scored a 10 out of 10 CVSS severity score.…

Categories: News

Uncle Sam to inject $50M into auto-patcher for hospital IT

The Register - Wed, 22/05/2024 - 01:46
Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever

The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.…

Categories: News

Zoom adds 'post-quantum' encryption for video nattering

The Register - Tue, 21/05/2024 - 20:45
Guess we all have imaginary monsters to fear

Zoom has rolled out what it claims is post-quantum end-to-end encryption (E2EE) for video conferencing, saying it will make it available for Phone and Rooms "soon."…

Categories: News

Critical Fluent Bit bug affects all major cloud providers, say researchers

The Register - Tue, 21/05/2024 - 18:45
Crashes galore, plus especially crafty crims could use it for much worse

Infosec researchers are alerting the industry to a critical vulnerability in Fluent Bit – a logging component used by a swathe of blue chip companies and all three major cloud providers.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News