Wednesday, April 21, 2021
The Register

Japan accuses Chinese military of cyber-attacks on its space agency

200 other companies also targeted, but no data lost

Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
The Register

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way

Crucial flaw won't be fixed until next month

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day...
The Register

Would be so cool if everyone normalized these pesky data leaks, says data-leaking Facebook in leaked memo

Blundering mouthpiece sent arrogant line to journalist by accident

Facebook wants you to believe that the scraping of 533 million people’s personal data from its platform, and the dumping of that data online by nefarious people, is something to...
The Register

Do you expect me to talk? No, Mr Bond, I expect you to reply: 10k Brits targeted on LinkedIn by Chinese, Russian spies

Campaign launched to alert public sector staff that not everyone on the internet is nice

Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awareness campaign launched by...
The Register

LinkedIn was vector for 10,000 hostile state recruiting efforts against Brits, warns MI5

Campaign launched to alert public sector staff that not everyone on the internet is nice

Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awareness campaign launched by...
The Register

We need to talk about criminal adversaries who want you to eat undercooked onion rings

Cisco Talos discovers flaws in air fryer, connected chip cooker firm fails to fix

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have...
The Register

Bank of England ponders minting ‘Britcoin’ to sit alongside the Pound

Taskforce and two forums to consider Central Bank Digital Currency

The Bank of England and HM Treasury have formed a Taskforce to “coordinate the exploration of a potential UK Central Bank Digital Currency (CDBC).”…
The Register

Who knew Uncle Sam had strike teams for SolarWinds, Exchange flaws? Well, anyway, they are disbanded

Lessons learned and mission accomplished, apparently

The US government's response groups for dealing with recent SolarWinds and Microsoft Exchange vulnerabilities have reached the end of the road.…
The Register

WordPress core contributor proposes treating Google FLoC as a security vulnerability

Let's opt every WordPress site out of FLoC. Nice idea, but security update? Really?

A proposal by a WordPress core contributor to treat Google's FLoC ad tech as a security vulnerability, and therefore backport an automatic opt-out to previous...
The Register

Won’t somebody please think of the children!!! UK to mount fresh assault on end-to-end encryption in Facebook

Change the record, nobody's fooled by this now

UK Home Secretary Priti Patel will badmouth Facebook's use of end-to-end encryption on Monday evening as she links the security technology with paedophilia, terrorism, organised crime, and so on.…
The Register

Codecov dev tool warns of stolen credentials from compromised script, undiscovered for two months

Environment variables full of secrets uploaded to attacker server

Codecov, makers of a code coverage tool used by over 29,000 customers, has warned that a compromised script may have stolen credentials over a period of two months, before it...
The Register

Sysadmin for FIN7 criminal cracking group gets 10 years in US prison for managing card slurping malware scam

Plus Pwn2Own faces fire and update Chrome immediately

In Brief: The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison.…
The Register

Brit authorities could legally do an FBI and scrub malware from compromised boxen without your knowledge

Would move for The Greater Good™ actually be good, though?

Comment: UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are...
The Register

Pakistan cut off Facebook, Twitter, WhatsApp, and Telegram – for just four hours

To stop protests by far-right party that wants France’s ambassador expelled

Pakistan shut down several social networks within its borders last Friday but lifted the ban after around four hours.…
The Register

Russian infosec firm Positive Technologies trying to stay positive after US sanctions

Company insists it's a legit operator that's here to help

Positive Technologies has hit back at the US government's "groundless accusations" that it helped the Russian state carry out cyber attacks against the West – by highlighting how "government...
The Register

Microsoft received almost 25,000 requests for consumer data from law enforcement over the last six months

25% were rejected, and it's less than 2013's figure... but be wary of what Redmond does with your information

Microsoft has had a busy six months if its latest biannual digital trust report is anything to go by as...
The Register

Watchdog thinks Google tricked Australians into giving up data, sues. Judge semi-agrees

Google employees called the meeting to discuss AP's data privacy reveal the 'Oh Shit' meeting

Australian federal court sent a message to Big Tech about its willingness to act on privacy violations when it ruled today that Google had...
The Hacker News

WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations

If the Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there...

Tool links email addresses to Facebook accounts at scale

Still smarting from last month’s dump of phone numbers belonging to 500 million Facebook users, the social media giant has a new privacy crisis to contend with: a tool that, on a mass scale,...
SC Magazine

With details sparse, vendors scramble to make sense of Biden 100-day grid security plan

The Biden administration launched what it called a “bold” 100-day sprint to improve the cybersecurity of electric utilities on Tuesday. The plan was not released in full to the public, or to many vendors who might be instrumental in...