News

Various data points compromised but no risk to flight security

The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.…

Here's what $20 gets you these days

More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers who uncovered the backdoors.…

Security and cloud compute have so much more upside than the boring business of shifting bits

Akamai has decided to end its content delivery network services in China, but not because it’s finding it hard to do business in the Middle Kingdom.…

Telcos would effectively fund grants paid to protect national security

The outgoing boss of the FCC, Jessica Rosenworcel, has called on her colleagues to "quickly" adopt rules allowing the US regulator to stage a radio spectrum auction, the proceeds of which would fund the removal from American networks of equipment made by Chinese vendors Huawei and ZTE.…

Crime forum-dweller claims to have leaked 42,000 documents packed with personal info

The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.…

Marc Rogers is 'lucky to be alive'

Marc Rogers, DEF CON's head of security, faces tens of thousands of dollars in medical bills following an accident that left him with a broken neck and temporary quadriplegia.…

This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft

The US Department of Defense has added Chinese messaging and gaming Tencent to its list of “Chinese military company”, a designation that won’t necessarily result in a ban but is nonetheless unpleasant.…

Slow drip of compromised telecom networks continues

The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.…

Once installed, it helps itself to your data like it's a free buffet

Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.…

Manufacturers should have had ample time to apply the fixes

MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets.…

If 40 years of faulty building gets blown down, don’t rebuild with the rubble

Opinion  When a typhoon devastates a land, it takes a while to understand the scale of the destruction. Disaster relief kicks in, communications rebuilt, and news flows out. Salt Typhoon is no different.…

More evidence of Beijing’s liking for gray zone warfare, or a murky claim with odd African entanglements?

Taiwanese authorities have asserted that a China-linked ship entered its waters and damaged a submarine cable.…

PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more

Infosec in Brief  Welcome to 2025: hopefully you enjoyed a pleasant holiday season and returned to the security operations center without incident - unlike Volkswagen, which last week admitted it exposed data describing journeys made by some of its electric vehicles, plus info about the vehicle’s owners.…

When the FBI urges E2EE, you know it's serious business

interview  In the wake of the Salt Typhoon hacks, which lawmakers and privacy advocates alike have called the worst telecoms breach in America's history, the US government agencies have reversed course on encryption.…