News

Chained bugs in Nvidia's Triton Inference Server lead to full system compromise

The Register - Tue, 05/08/2025 - 15:28
Wiz Research details flaws in Python backend that expose AI models and enable remote code execution

Security researchers have lifted the lid on a chain of high-severity vulnerabilities that could lead to remote code execution (RCE) on Nvidia's Triton Inference Server.…

Categories: News

Hacker summer camp: What to expect from BSides, Black Hat, and DEF CON

The Register - Tue, 05/08/2025 - 11:45
These are the conference events to keep an eye on. You can even stream a few

The security industry is hitting Vegas hard this week with three conferences in Sin City that bring the world's largest collection of security pros together for the annual summer camp.…

Categories: News

Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor

The Register - Tue, 05/08/2025 - 01:01
'Plague' malware has been around for months without tripping alarms

Researchers at German infosec services company Nextron Threat have spotted malware that creates a highly-persistent Linux backdoor and say antivirus engines do not flag the code as malicious.…

Categories: News

SonicWall investigates 'cyber incidents,' including ransomware targeting suspected 0-day

The Register - Mon, 04/08/2025 - 22:40
Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day'

SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Categories: News

Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies

The Register - Mon, 04/08/2025 - 19:33
PXA Stealer pilfers data from nearly 40 browsers, including Chrome

More than 4,000 victims across 62 countries have been infected by stealthy infostealers pilfering people's passwords, credit card numbers, and browser cookies, which are then sold to other criminals on Telegram-based marketplaces.…

Categories: News

Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

The Register - Mon, 04/08/2025 - 15:28
Devs told to exercise 'extreme caution' with emails disguised as account update prompts

Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…

Categories: News

German phone repair biz collapses following 2023 ransomware attack

The Register - Mon, 04/08/2025 - 11:45
Founder miffed over prosecutors holding onto its Bitcoin

The founder of a German mobile phone repair and insurance biz has begun insolvency proceedings for some operations in his company after struggling financially following a costly ransomware attack in 2023.…

Categories: News

When hyperscalers can’t safeguard one nation’s data from another, dark clouds are ahead

The Register - Mon, 04/08/2025 - 11:00
If it’s not on-prem, it’s on the menu

Opinion  The details of cloud data regionalization are rarely the stuff of great drama. When they’ve reached the level of an exe admitting to the Senate that a foreign power can help itself to that nations data, no matter where it lives, things get interesting.…

Categories: News

Millions of age checks performed as UK Online Safey Act gets rolling

The Register - Mon, 04/08/2025 - 10:15
But it's OK, claims Brit government, no personal data stored 'unless absolutely necessary'

The UK government has reported that an additional five million age checks are being made daily as UK-based internet users seek to access age-restricted sites following the implementation of the Online Safety Act."…

Categories: News

China’s botched Great Firewall upgrade invites attacks on its censorship infrastructure

The Register - Mon, 04/08/2025 - 07:33
Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers

China’s attempts to censor traffic carried using Quick UDP Internet Connections (QUIC) are imperfect and have left the country at risk of attacks that degrade its censorship apparatus, or even cut access to offshore DNS resolvers.…

Categories: News

Lazarus Group rises again, this time with malware-laden fake FOSS

The Register - Mon, 04/08/2025 - 01:01
PLUS: Slow MFA rollout costs Canucks $5m; Lawmakers ponder Stingray ban; MSFT tightens Teams; And more!

Infosec In Brief  North Korea’s Lazarus Group has changed tactics and is now creating malware-laden open source software.…

Categories: News

Silent Push CEO on cybercrime takedowns: 'It's an ongoing cat-and-mouse game'

The Register - Sun, 03/08/2025 - 12:20
Plus: why takedowns aren't in threat-intel analysts' best interest

interview  It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital thieves their login credentials and account information, thus allowing them to drain their accounts.…

Categories: News

CISA roasts unnamed critical national infrastructure body for shoddy security hygiene

The Register - Sat, 02/08/2025 - 09:24
Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org

CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong.…

Categories: News

OpenAI removes ChatGPT self-doxing option

The Register - Fri, 01/08/2025 - 21:35
Checkbox to make chatbot conversations appear in search engines deemed a footgun

OpenAI has removed the option to make ChatGPT interactions indexable by search engines to prevent users from unwittingly exposing sensitive information.…

Categories: News

Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks

The Register - Fri, 01/08/2025 - 20:14
Our tests have shown there are ways to get around the promised security improvements

exclusive  Microsoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that's supposed to prevent it from screenshotting sensitive info like credit card numbers. But a The Register test shows that it still fails in many cases, creating a potential treasure trove for thieves.…

Categories: News

China says US spies exploited Microsoft Exchange zero-day to steal military info

The Register - Fri, 01/08/2025 - 19:45
Spy vs. spy

China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data and take over more than 50 devices belonging to a "major Chinese military enterprise" for nearly a year.…

Categories: News

Florida prison email blunder exposes visitor contact info to inmates

The Register - Fri, 01/08/2025 - 14:00
Victims fear leak at Everglades Correctional Institution could lead to violent extortion

A data breach at a Florida prison has inmates' families concerned for their welfare after their contact details were allegedly leaked to convicted criminals.…

Categories: News

Cybercrooks attached Raspberry Pi to bank network and drained ATM cash

The Register - Fri, 01/08/2025 - 11:00
Criminals used undocumented techniques and well-placed insiders to remotely withdraw money

A ring of cybercriminals managed to physically implant a Raspberry Pi on a bank's network to steal cash from an Indonesian ATM.…

Categories: News

Top spy says LinkedIn profiles that list defence work 'recklessly invite attention of foreign intelligence services'

The Register - Fri, 01/08/2025 - 07:28
Workers on joint US/UK/Australia nuclear submarine program are painting a target on themselves

The Director-General of Security at the Australian Security Intelligence Organization (ASIO) has lamented the fact that many people list their work in the intelligence community or on sensitive military projects in their LinkedIn profiles.…

Categories: News

As ransomware gangs threaten physical harm, 'I am afraid of what's next,' ex-negotiator says

The Register - Thu, 31/07/2025 - 21:05
Crims warned 40% of respondents that they and their families would suffer

Ransomware gangs now frequently threaten physical violence against employees and their families as a way to force victim organizations into paying their demands.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News