The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 1 hour 4 min ago

Google dishes out homemade SLSA, a recipe to thwart software supply-chain attacks

2 hours 57 min ago
Try it with phish'n'chips

Google has proposed a framework called SLSA for dealing with supply chain attacks, a security risk exemplified by the recent compromise of the SolarWinds Orion IT monitoring platform.…

Categories: News

Ex-Brave staffer launches GDPR sueball in Germany over tech giants' real-time bidding for ad inventory

Thu, 17/06/2021 - 21:16
Privacy browser's former chief policy officer calls web advertising ecosystem 'the Biggest. Data. Breach. Ever'

Former Brave chief policy officer Johnny Ryan is continuing his crusade against the online advertising industry by filing a lawsuit against Google, Facebook, Amazon, Twitter, and US telco AT&T in Germany.…

Categories: News

Tim Cook: Sideloading is a disaster and proposed App Store reforms would harm user privacy and security

Thu, 17/06/2021 - 15:47
Apple CEO stays on message during interview while Epic case rumbles along

Tim Cook has claimed that proposed reforms to the App Store are "not in the best interests of the user" and would "destroy the security of the iPhone."…

Categories: News

Biden to Putin: Get your ransomware gangs under control and don’t you dare cyber-attack our infrastructure

Thu, 17/06/2021 - 07:00
Putin to Biden: чушь! You already attack us way more than we attack you!

US President Joe Biden and his Russian Federation counterpart Vladimir Putin have traded barbs over cyber-attacks at a summit meeting staged yesterday in Switzerland.…

Categories: News

South Korea has a huge problem with digital sex crimes against women says Human Rights Watch

Thu, 17/06/2021 - 05:04
Big tech and local authorities are both far from helpful when victims try to delete unauthorised images or prosecute creeps

International non-governmental organisation Human Rights Watch (HRW) released a report Wednesday describing digital sex crime in South Korea as rampant and pervasive, with the nation leading the world in use of spycams to capture women in vulnerable moments. The author calls on governments and companies to do more.…

Categories: News

GPRS-era mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones

Thu, 17/06/2021 - 02:44
Just in case you travel back in time to 1998

The GEA/1 encryption algorithm used by GPRS phones in the 1990s was seemingly designed to be weaker than it appears to allow eavesdropping, according to European researchers.…

Categories: News

School teacher accused of pocketing $1m+ in insider trading using tips from Silicon Valley pal

Wed, 16/06/2021 - 21:20
One of six guys charged over Infinera, Fortinet securities

A teacher who knew too much about some of Silicon Valley's financial figures has been charged with insider dealing by the US Securities and Exchange Commission, along with five alleged accomplices.…

Categories: News

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority

Wed, 16/06/2021 - 17:37
Spreadsheet breaks down spend on staving off future badness

An organisation whose network was infected by Ryuk ransomware has spent $8.1m over seven months recovering from it – and that’s still not the end of it, according to US news reports.…

Categories: News

We've found another reason not to use Microsoft's Paint 3D – researchers

Wed, 16/06/2021 - 16:07
Scream if you wanna go raster: Vulnerability uncovered in unloved software

As Microsoft preps the next version of Windows, a hole has been spotted in an earlier Great Hope for the company: MS Paint 3D.…

Categories: News

Cuffed: Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops

Wed, 16/06/2021 - 14:37
Cobalt Strike and Flawedammyy RAT named as favoured tools

Ukrainian police have arrested six people, alleged to be members of the notorious Clop* ransomware gang, seizing cash, cars – and a number of Apple Mac laptops and desktops.…

Categories: News

Papa don't breach: UK data watchdog fines that other pizza place £10,000 over unsolicited marketing blitz

Wed, 16/06/2021 - 13:03
Papa John's falls foul of 'soft opt-in' exemption in PECR rules

Pizza takeaway and delivery outfit Papa John's has been fined £10,000 by the UK's data watchdog for sending marketing fluff to punters without their say-so.…

Categories: News

Alibaba suffers billion-item data leak of usernames and mobile numbers

Wed, 16/06/2021 - 04:14
Shopping service Taobao scraped by affiliate marketer; developer and boss jailed

Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer.…

Categories: News

Zoll Defibrillator Dashboard would execute contents of random Excel files ordinary users could import

Tue, 15/06/2021 - 19:16
Medical device cybersecurity raises its head in CISA warning

A defibrillator management platform was riddled with vulnerabilities including a remote command execution flaw that could seemingly be invoked by uploading an Excel spreadsheet to the platform.…

Categories: News

NCSC chief: Ransomware is more of a threat to Britain than hostile nations' spies

Tue, 15/06/2021 - 15:53
Lindy Cameron gives private industry an unusual nod in speech full of interventionism

Forget foreign spies. The head of Britain's National Cyber Security Center (NCSC) has warned it is ransomware that's the key threat for most people.…

Categories: News

TimeCache aims to block side-channel cache attacks – without hurting performance

Tue, 15/06/2021 - 14:45
Research team: We've proved hardware-plus-software mods can keep your secrets secret

Researchers from the University of Rochester have created TimeCache, an approach to system security claimed to protect against side-channel attacks like evict+reload and Spectre, without the usual deleterious impact to performance.…

Categories: News

Brit IT firms wound up by court order after fooling folk into paying for 'support' over fake computer errors

Tue, 15/06/2021 - 13:30
Companies were puppets to Indian biz Underpin Services Private Limited

Two Kent-registered IT companies have been wound up in the High Court of England and Wales for trying to scam punters with fake pop-ups to generate tech support cons.…

Categories: News

The latest REvil ransomware victim? Sol Oriens. Oh, a US nuclear weapons contractor

Tue, 15/06/2021 - 12:28
Company claims 'no current indication' top-secret data was plundered

The REvil ransomware gang, thought to be behind an attack on meat producer JBS which netted an impressive $11m payoff, has found another victim. Worryingly, this one works with the US Department of Defence on the nation's nuclear weapons programme.…

Categories: News

When security gets physical: Mossad boss hints at less-than-subtle Stuxnet followup

Tue, 15/06/2021 - 08:24
Plus: Alleged Trickbot developer cuffed by US agents

In brief  The outgoing head of Israeli foreign intelligence service Mossad has suggested that Stuxnet wasn't the only spanner in the works his agency put into Iran's nuclear programme.…

Categories: News

NATO summit communiqué compares repeat cyberattacks to armed attacks – and stops short of saying 'one-in, all-in' rule will always apply

Tue, 15/06/2021 - 07:00
China lashed for ignoring norms, retorts that Western clique isn't playing fair

A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks.…

Categories: News

G7 nations call out Russia for harbouring ransomware crims ahead of Biden-Putin powwow

Mon, 14/06/2021 - 22:29
Hopes raised in West of an extradition or law enforcement agreement to stem the tide

The G7 summit of western countries has called upon Russia to "identify, disrupt, and hold to account those within its borders who conduct ransomware attacks, abuse virtual currency to launder ransoms, and other cybercrimes."…

Categories: News