The Register

Try it with phish'n'chips

Google has proposed a framework called SLSA for dealing with supply chain attacks, a security risk exemplified by the recent compromise of the SolarWinds Orion IT monitoring platform.…

Privacy browser's former chief policy officer calls web advertising ecosystem 'the Biggest. Data. Breach. Ever'

Former Brave chief policy officer Johnny Ryan is continuing his crusade against the online advertising industry by filing a lawsuit against Google, Facebook, Amazon, Twitter, and US telco AT&T in Germany.…

Apple CEO stays on message during interview while Epic case rumbles along

Tim Cook has claimed that proposed reforms to the App Store are "not in the best interests of the user" and would "destroy the security of the iPhone."…

Putin to Biden: чушь! You already attack us way more than we attack you!

US President Joe Biden and his Russian Federation counterpart Vladimir Putin have traded barbs over cyber-attacks at a summit meeting staged yesterday in Switzerland.…

Big tech and local authorities are both far from helpful when victims try to delete unauthorised images or prosecute creeps

International non-governmental organisation Human Rights Watch (HRW) released a report Wednesday describing digital sex crime in South Korea as rampant and pervasive, with the nation leading the world in use of spycams to capture women in vulnerable moments. The author calls on governments and companies to do more.…

Just in case you travel back in time to 1998

The GEA/1 encryption algorithm used by GPRS phones in the 1990s was seemingly designed to be weaker than it appears to allow eavesdropping, according to European researchers.…

One of six guys charged over Infinera, Fortinet securities

A teacher who knew too much about some of Silicon Valley's financial figures has been charged with insider dealing by the US Securities and Exchange Commission, along with five alleged accomplices.…

Spreadsheet breaks down spend on staving off future badness

An organisation whose network was infected by Ryuk ransomware has spent $8.1m over seven months recovering from it – and that’s still not the end of it, according to US news reports.…

Scream if you wanna go raster: Vulnerability uncovered in unloved software

As Microsoft preps the next version of Windows, a hole has been spotted in an earlier Great Hope for the company: MS Paint 3D.…

Cobalt Strike and Flawedammyy RAT named as favoured tools

Ukrainian police have arrested six people, alleged to be members of the notorious Clop* ransomware gang, seizing cash, cars – and a number of Apple Mac laptops and desktops.…

Papa John's falls foul of 'soft opt-in' exemption in PECR rules

Pizza takeaway and delivery outfit Papa John's has been fined £10,000 by the UK's data watchdog for sending marketing fluff to punters without their say-so.…

Shopping service Taobao scraped by affiliate marketer; developer and boss jailed

Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer.…

Medical device cybersecurity raises its head in CISA warning

A defibrillator management platform was riddled with vulnerabilities including a remote command execution flaw that could seemingly be invoked by uploading an Excel spreadsheet to the platform.…

Lindy Cameron gives private industry an unusual nod in speech full of interventionism

Forget foreign spies. The head of Britain's National Cyber Security Center (NCSC) has warned it is ransomware that's the key threat for most people.…

Research team: We've proved hardware-plus-software mods can keep your secrets secret

Researchers from the University of Rochester have created TimeCache, an approach to system security claimed to protect against side-channel attacks like evict+reload and Spectre, without the usual deleterious impact to performance.…

Companies were puppets to Indian biz Underpin Services Private Limited

Two Kent-registered IT companies have been wound up in the High Court of England and Wales for trying to scam punters with fake pop-ups to generate tech support cons.…

Company claims 'no current indication' top-secret data was plundered

The REvil ransomware gang, thought to be behind an attack on meat producer JBS which netted an impressive $11m payoff, has found another victim. Worryingly, this one works with the US Department of Defence on the nation's nuclear weapons programme.…

Plus: Alleged Trickbot developer cuffed by US agents

In brief  The outgoing head of Israeli foreign intelligence service Mossad has suggested that Stuxnet wasn't the only spanner in the works his agency put into Iran's nuclear programme.…

China lashed for ignoring norms, retorts that Western clique isn't playing fair

A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks.…

Hopes raised in West of an extradition or law enforcement agreement to stem the tide

The G7 summit of western countries has called upon Russia to "identify, disrupt, and hold to account those within its borders who conduct ransomware attacks, abuse virtual currency to launder ransoms, and other cybercrimes."…