30 Sep

T-Mobile US to cough up $31.5M after that long string of security SNAFUs

T-Mobile US has agreed to fork out $31.5 million to improve its cybersecurity and pay a fine after a string of network intrusions affected millions

Author rabih
30 Sep

Forget the Kia Boyz: Crooks could hijack your car with just a smartphone

Infosec In Brief Put away that screwdriver and USB charging cable – the latest way to steal a Kia just requires a cellphone and the

Author rabih
30 Sep

If you’re holding important data, Iran is probably trying spearphish it

US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments. A security

Author rabih
30 Sep

Remote ID verification tech is often biased, bungling, and no good on its own

A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias

Author rabih
30 Sep

Cloud threats have execs the most freaked out because they’re not prepared

Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading

Author rabih
30 Sep

AI code helpers just can’t stop inventing package names

AI models just can’t seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on

Author rabih
30 Sep

Forget the Kia Boyz: Hackers could hijack your car with just a smartphone

Infosec In Brief Put away that screwdriver and USB charging cable – the latest way to steal a Kia just requires a cellphone and the

Author rabih
30 Sep

Binance claims it helped to bust Chinese crypto scam app in India

ASIA IN BRIEF It’s not often The Register writes about a cryptocurrency outfit being on the right side of a scam or crime, but last

Author rabih
29 Sep

Red team hacker on how she ‘breaks into buildings and pretends to be the bad guy’

Interview A hacker walked into a “very big city” building on a Wednesday morning with no keys to any doors or elevators, determined to steal

Author rabih
27 Sep

Feds charge 3 Iranians with ‘hack-and-leak’ of Trump 2024 campaign

The US Department of Justice has charged three Iranians for their involvement in a “wide-ranging hacking campaign” during which they allegedly stole massive amounts of

Author rabih
27 Sep

Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable

Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure. “Recall,” as Microsoft describes it, “is designed

Author rabih
27 Sep

Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud

Microsoft’s latest threat intelligence blog issues a warning to all organizations about Storm-0501’s recent shift in tactics, targeting, and backdooring hybrid cloud environments. Using a

Author rabih
27 Sep

Gamaredon’s operations under the microscope – Week in security with Tony Anscombe

Video ESET research examines the group’s malicious wares as used to spy on targets in Ukraine in the past two years 27 Sep 2024 This

Author rabih
27 Sep

That doomsday critical Linux bug: It’s CUPS. May lead to remote hijacking of devices

Final update After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally

Author rabih
26 Sep

Patch now: Critical Nvidia bug allows container escape, complete host takeover

A critical bug in Nvidia’s widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control

Author rabih
26 Sep

That doomsday critical Linux bug: It’s CUPS. Could lead to remote hijacking of devices

Updated After days of waiting and anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today

Author rabih
26 Sep

HPE patches three critical security holes in Aruba PAPI

Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary’s networking

Author rabih
26 Sep

HPE patches three critical flaws in Aruba proprietary access protocol Interface

Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE issued emergency fixes for three critical flaws in its networking subsidiary’s

Author rabih
Load moreLoadingAll items loaded