News

Victims include hospitality, retail and education sectors

A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations into installing a modified version of Salesforce's Data Loader that allows the crims to steal sensitive data.…

Did somebody say ransomware? Not the newspaper group, not even to deny it

Regional newspaper publisher Lee Enterprises says data belonging to around 40,000 people was stolen during an attack on its network earlier this year.…

Government details latest initiative following announcement last week

Revealing more details about the Cyber and Electromagnetic (CyberEM) military domain, the UK's Ministry of Defence (MoD) says "there are pockets of excellence" but improvements must be made to ensure the country's capability meets the needs of national defense.…

Why? There's a war in Europe, Finland has a belligerent neighbor, and cyber is a settled field

Interview  Mikko Hyppönen has spent the last 34 years creating security software that defends against criminals and state-backed actors, but now he's moving onto drone warfare.…

CEO of India's KiranaPro, which brings convenience stores online, vows to name the perp

The CEO of Indian grocery ordering app KiranaPro has claimed an attacker deleted its GitHub and AWS resources in a targeted and deliberate attack and vowed to name the perpetrator.…

Zuckercorp and Yandex used localhost loophole to tie browser data to app users, say boffins

Security researchers say Meta and Yandex used native Android apps to listen on localhost ports, allowing them to link web browsing data to user identities and bypass typical privacy protections.…

Microsoft, CrowdStrike, and pals promise clarity on cybercrew naming, deliver alias salad instead

Opinion  Microsoft and CrowdStrike made a lot of noise on Monday about teaming up with other threat-intel outfits to "bring clarity to threat-actor naming."…

TAG team spotted the V8 bug first, so you can bet nation-states weren’t far behind

Google revealed Monday that it had quietly deployed a configuration change last week to block active exploitation of a Chrome zero-day.…

Musk's 'Bitcoin-style encryption' claim has experts scratching their heads

Elon Musk's X social media platform is rolling out a new version of its direct messaging feature that the platform owner said had a "whole new architecture," but as with many a Muskian proclamation, there's reason to doubt what's been said. …

Outdoorsy brand blames credential stuffing

Joining the long queue of retailers dealing with cyber mishaps is outdoorsy fashion brand The North Face, which says crooks broke into some customer accounts using login creds pinched from breaches elsewhere.…

Out-of-band is becoming the norm rather than the exception

Microsoft is patching another patch that dumped some PCs into recovery mode with an unhelpful error code.…

To stop the JINX-0132 gang behind these attacks, pay attention to HashiCorp, Docker, and Gitea security settings

Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets publicly accessible DevOps tools.…

Nothing terribly valuable taken in data heist, though privacy a little tarnished

Global jewelry giant Cartier is writing to customers to confirm their data was exposed to cybercriminals that broke into its systems.…

A real-world Trojan Horse attack

Ukraine claims it launched a cunning drone strike on Sunday against multiple Russian airbases, hitting over 40 military aircraft and inflicting an estimated $7 billion in damage, in an operation dubbed "Spiderweb."…

Disclosure at MainStreet Bancshares comes as American finance orgs beg for looser reporting requirements

Community bank MainStreet Bancshares says thieves stole data belonging to some of its customers during an attack on a third-party provider.…

PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more!

Infosec In Brief  Despite last week’s FBI announcement that it helped to take down the crew behind the Lumma infostealer, the malware continues to operate.…

'It's a high-stakes intelligence war' he told El Reg

exclusive  A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.…

Pen tester on ScreenConnect bug: This one ‘terrifies’ me

ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers.…

28-year-old alleged to have made multiple drops to folks who turned out to be undercover FBI agents

A Defense Intelligence Agency (DIA) IT specialist is scheduled to appear in court today after being caught by the FBI trying to surreptitiously drop top secret information to a foreign government in a public park.…

Cash splashed on damages, infrastructure improvements, and fraud monitoring

A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks.…