News

Europe coughs up €400 to punter after breaking its own GDPR data protection rules

The Register - Mon, 13/01/2025 - 05:27
PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more

Infosec in brief  Gravy Analytics, a vendor of location intelligence info for marketers which reached a settlement with US authorities last year over its alleged unlawful sale of location, has reportedly been hacked – potentially exposing millions of smartphone users.…

Categories: News

Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases

The Register - Fri, 10/01/2025 - 21:45
Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US

Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it's reported.…

Categories: News

Drug addiction treatment service admits attackers stole sensitive patient data

The Register - Fri, 10/01/2025 - 15:37
Details of afflictions and care plastered online

BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive personal information was stolen.…

Categories: News

Devs sent into security panic by 'feature that was helpful … until it wasn't'

The Register - Fri, 10/01/2025 - 08:30
Screenshot showed it wasn't a possible attack – unless you qualify everything Google does as a threat

On Call  Velkomin, Vælkomin, Hoş geldin, and welcome to Friday, and therefore to another edition of On Call – The Register's end-of-week celebration of the tech support tasks you managed to tackle without too much trauma.…

Categories: News

Look for the label: White House rolls out 'Cyber Trust Mark' for smart devices

The Register - Thu, 09/01/2025 - 21:45
Beware the IoT that doesn’t get a security tag

The White House this week introduced a voluntary cybersecurity labeling program for technology products so that consumers can have some assurance their smart devices aren't spying on them.…

Categories: News

Zero-day exploits plague Ivanti Connect Secure appliances for second year running

The Register - Thu, 09/01/2025 - 14:45
Factory resets and apply patches is the advice amid fortnight delay for other appliances

The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being exploited as a zero-day.…

Categories: News

Security pros baited with fake Windows LDAP exploit traps

The Register - Thu, 09/01/2025 - 13:16
Tricky attackers trying yet again to deceive the good guys on home territory

Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.…

Categories: News

Japanese Police claim China ran five-year cyberattack campaign targeting local orgs

The Register - Thu, 09/01/2025 - 03:56
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying

Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed to a China-backed source.…

Categories: News

Database tables of student, teacher info stolen from PowerSchool in cyberattack

The Register - Thu, 09/01/2025 - 00:44
Class act: Biz only serves 60M people across America, no biggie

A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers' personal data – including some Social Security Numbers and medical info – stolen.…

Categories: News

I tried hard, but didn't fix all of cybersecurity, admits outgoing US National Cyber Director

The Register - Wed, 08/01/2025 - 23:56
In colossal surprise, ONCD boss Harry Coker says more work is needed

The outgoing leader of the United States' Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his successor: There's a lot of work still to do.…

Categories: News

Mitel 0-day, 5-year-old Oracle RCE bug under active exploit

The Register - Wed, 08/01/2025 - 20:30
3 CVEs added to CISA's catalog

Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been abused for at least five years.…

Categories: News

DNA sequencers found running ancient BIOS, posing risk to clinical research

The Register - Wed, 08/01/2025 - 15:30
Devices on six-year-old firmware vulnerable to takeover and destruction

Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.…

Categories: News

UN's aviation agency confirms attack on recruitment database

The Register - Wed, 08/01/2025 - 14:00
Various data points compromised but no risk to flight security

The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.…

Categories: News

Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

The Register - Wed, 08/01/2025 - 11:00
Here's what $20 gets you these days

More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers who uncovered the backdoors.…

Categories: News

Akamai to quit its CDN in China, seemingly not due to trouble from Beijing

The Register - Wed, 08/01/2025 - 06:31
Security and cloud compute have so much more upside than the boring business of shifting bits

Akamai has decided to end its content delivery network services in China, but not because it’s finding it hard to do business in the Middle Kingdom.…

Categories: News

FCC boss urges speedy spectrum auction to fund 'Rip'n'Replace' of Chinese kit

The Register - Wed, 08/01/2025 - 00:12
Telcos would effectively fund grants paid to protect national security

The outgoing boss of the FCC, Jessica Rosenworcel, has called on her colleagues to "quickly" adopt rules allowing the US regulator to stage a radio spectrum auction, the proceeds of which would fund the removal from American networks of equipment made by Chinese vendors Huawei and ZTE.…

Categories: News

Turbulence at UN aviation agency as probe into potential data theft begins

The Register - Tue, 07/01/2025 - 17:45
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info

The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.…

Categories: News

DEF CON's hacker-in-chief faces fortune in medical bills after paralyzing neck injury

The Register - Tue, 07/01/2025 - 14:45
Marc Rogers is 'lucky to be alive'

Marc Rogers, DEF CON's head of security, faces tens of thousands of dollars in medical bills following an accident that left him with a broken neck and temporary quadriplegia.…

Categories: News

US adds web and gaming giant Tencent to list of Chinese military companies

The Register - Tue, 07/01/2025 - 06:58
This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft

The US Department of Defense has added Chinese messaging and gaming Tencent to its list of “Chinese military company”, a designation that won’t necessarily result in a ban but is nonetheless unpleasant.…

Categories: News

Charter, Consolidated, Windstream reportedly join China's Salt Typhoon victim list

The Register - Mon, 06/01/2025 - 20:30
Slow drip of compromised telecom networks continues

The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News