The Register
DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks
The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims.…
Average North American CISO salary now $565K, mainly thanks to one weird trick
A survey of nearly 700 CISOs in the US and Canada has found that salaries have risen over the last year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.…
Two British-Nigerian men sentenced over multimillion-dollar business email scam
Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.…
Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant
Exclusive: An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.…
Brits hate how big tech handles their data, but can't be bothered to do much about it
Fewer than one in five Brits report being happy with the way their personal data is handled by big tech companies, yet the furthest many will go is to reject optional cookies on the web.…
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to seize control of the equipment to then steal sensitive data, deploy ransomware, and launch denial-of-service attacks.…
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing
Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available.…
NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great
NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped.…
'Patch yesterday': Zimbra mail servers under siege through RCE vuln
"Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.…
Protecting private data in AI deployments
Webinar: As enterprises increasingly incorporate AI, the challenge of protecting private intellectual property (IP) often becomes more difficult.…
The fix for BGP's weaknesses has big, scary, issues of its own, boffins find
The Resource Public Key Infrastructure (RPKI) protocol has "software vulnerabilities, inconsistent specifications, and operational challenges" according to a pre-press paper from a trio of German researchers.…
Euro cops arrest 4 including suspected LockBit dev chilling on holiday
Building on the success of what's known around here as LockBit Leak Week in February, the authorities say they've arrested a further four individuals with ties to the now-scuppered LockBit ransomware empire.…
Evil Corp's deep ties with Russia and NATO member attacks exposed
The relationship between infamous cybercrime outfit Evil Corp and the Russian state is thought to be extraordinarily close, so close that intelligence officials allegedly ordered the criminals to carry out cyberattacks on NATO members.…
NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate
The latest installment of the National Crime Agency's (NCA) series of ransomware revelations from February's LockBit Leak Week emerges today as the agency identifies a man it not only believes is a member of the long-running Evil Corp crime group but also a LockBit affiliate.…
Australian e-tailer digiDirect customers' info allegedly stolen and dumped online
Data allegedly belonging to more than 304,000 customers of Australian camera and tech e-tailer digiDirect has been leaked to an online cyber crime forum.…
Rackspace monitoring systems hit by zero-day
Exclusive: Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vulnerability to break into its internal performance monitoring environment. That intrusion forced the cloud-hosting outfit to temporarily take its monitoring dashboard offline for customers.…
Ransomware forces hospital to turn away ambulances
Ransomware scumbags have caused a vital hospital to turn away ambulances after infecting its computer systems with malware.…
T-Mobile US to cough up $31.5M after that long string of security SNAFUs
T-Mobile US has agreed to fork out $31.5 million to improve its cybersecurity and pay a fine after a string of network intrusions affected millions of customers between 2021 and 2023.…
If you're holding important data, Iran is probably trying to spearphish it
US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments.…
Remote ID verification tech is often biased, bungling, and no good on its own
A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.…