Application security, Security
March 11, 2024
Via: TechRadarIn today’s fast evolving digital space, the proliferation of application programming interfaces (APIs) has been nothing short of explosive. One forecast predicts there will be nearly 1.7 billion active APIs by 2030 which ushers in unparalleled opportunities for innovation and […]
February 27, 2024
Via: The RegisterAfter ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]
February 22, 2024
Via: The RegisterA cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. The trove appeared on GitHub last week and contains hundreds of documents documenting I-Soon’s activities. Analysis of […]
February 20, 2024
Via: The RegisterSmart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]
February 19, 2024
Via: TechRadarGoogle Chrome is getting an upgrade that will help safeguard devices connected to a private or home network. Google outlined its plans in a post on its Chrome Platform Status page, explaining that the new feature will behave as a […]
February 13, 2024
Via: The RegisterMeta has acknowledged that phone number reuse that allows takeovers of its accounts “is a concern,” but the ad biz insists the issue doesn’t qualify for its bug bounty program and is a matter for telecom companies to sort out. […]
Application security, Security
February 8, 2024
Via: The RegisterMemory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won’t fix […]
Threats & Malware, Vulnerabilities
February 7, 2024
Via: The RegisterWe’re very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. But cracking BitLocker? We doubt the company […]
February 6, 2024
Via: The RegisterVerizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data. The privacy blunder happened in September, and the American telco giant attributed it to “inadvertent disclosure” and […]
Threats & Malware, Virus & Malware
January 18, 2024
Via: The RegisterSecurity researchers have pinned a DDoS botnet that’s infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi. At least 170,000 bots were running daily at the campaign’s height after infecting Android-based TVs and […]
January 12, 2024
Via: The RegisterDespite all the buzz around internet-connected smart cars at this year’s CES in Las Vegas, most folks don’t want vehicle manufacturers sharing their personal data with third parties – and even say they’d consider buying an older or dumber car […]
January 10, 2024
Via: SecurityWeekI have always known about physical security keys, also called hard tokens, but never actually used one despite my curiosity. So, I was kind of excited when I got my hands on two cool things: a YubiKey 5 and a […]
Threats & Malware, Vulnerabilities
January 9, 2024
Via: The RegisterMicrosoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]
January 5, 2024
Via: TechRadarCybersecurity researchers have discovered a new piece of malware targeting Windows devices, so be on the lookout. Experts from Fortinet’s FortiGuard Labs claim to have found a previously undetected version of a remote access trojan called Bandook. This malware was […]
Threats & Malware, Virus & Malware
December 29, 2023
Via: TechRadarMicrosoft has disabled the ms-appinstaller protocol handler as default after it found new evidence of hackers using it to deploy malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for […]
December 28, 2023
Via: The RegisterThe same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains. But despite the similar characters and plots, […]
December 25, 2023
Via: Natalie DunnThe Fourth Industrial Revolution, commonly known as Industry 4.0, is a transformative paradigm shift that is revolutionizing the manufacturing landscape. This era of interconnectedness and automation is characterized by the convergence of physical systems, the Internet of Things (IoT), and […]
Threats & Malware, Vulnerabilities
December 19, 2023
Via: The RegisterFour vulnerabilities in Perforce Helix Core Server, including one critical remote code execution bug, should be patched “immediately,” according to Microsoft, which spotted the flaws and disclosed them to the software vendor. Perforce Server is a source code management platform […]
December 8, 2023
Via: The RegisterA series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers. We’re told the attacks – which are usable against […]
November 29, 2023
Via: The RegisterJapan’s Space Exploration Agency (JAXA) has reported a cyber incident. Chief cabinet secretary Matsuno mentioned the incident in his morning briefing, telling reporters the agency suspected a breach, possibly to its Active Directory implementation, so conducted further research and found […]