Thursday, May 19, 2022
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...
The Register

Hot glare of the spotlight doesn’t slow BlackByte ransomware gang

Crew's raids continue worldwide, Talos team warns The US government's alert three months ago warning businesses and government agencies about the threat of BlackByte has apparently done little to slow down the ransomware group's activities.…
The Register

The cyber threat isn’t going anywhere, but the fight back starts in London

CyberThreat 22 returns this September Sponsored Post  It might feel like you’re facing down the cyber bad guys all on your own sometimes but be assured that’s not the case. In fact, if you head to CyberThreat 22 this...
The Register

Your snoozing iOS 15 iPhone may actually be sleeping with one antenna open

No, you're not really gonna be hacked. But you may be surprised Some research into the potentially exploitable low-power state of iPhones has sparked headlines this week.…
The Register

Patch your VMware gear now – or yank it out, Uncle Sam tells federal agencies

Critical authentication bypass revealed, older flaws under active attack Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) has issued two warnings in a single day to VMware users, as it believes the virtualization giant's products can be exploited by...
The Register

Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware

Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D Analysis  Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a...
The Register

How these crooks backdoor online shops and siphon victims’ credit card info

FBI and co blow lid off latest PHP tampering scam The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.…
The Register

Your data’s auctioned off up to 987 times a day, NGO reports

Irish Council on Civil Liberties said this is first time the scope of real-time bidding is being measured The average American has their personal information shared in an online ad bidding war 747 times a day. For the average...
The Register

Microsoft warns partners to revoke unused authorizations that drive your software

June debut of zero trust GDAP tool should make it harder for crims to attack through MSPs and resellers Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at...
The Register

State of internet crime in Q1 2022: Bot traffic on the rise, and more

According to this cybersecurity outfit that wants your business, anyway The fraud industry, in some respects, grew in the first quarter of the year, with crooks putting more human resources into some attacks while increasingly relying on bots to...
The Register

Monero-mining botnet targets Windows, Linux web servers

Sysrv-K malware infects unpatched tin, Microsoft warns The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.…
The Register

FBI warns of North Korean cyberspies posing as Western IT workers

Looking for tech talent? Kim Jong-un's friendly freelancers, at your service Pay close attention to that resume before extending a job offer. The FBI, in a joint advisory with the US Departments of State and Treasury, has warned that...
The Register

Pentester pops open Tesla Model 3 using low-cost Bluetooth module

Anything that uses proximity-based BLE is vulnerable, claim researchers Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be fooled by a new form of relay attack.…
The Register

Google assuring open source code to secure software supply chains

Java and Python packages are the first on the list Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their...
The Register

Facebook rated least safe e-commerce option in government rankings

Singapore's safety scheme measures scam-combatting capability A newly implemented e-commerce rating system in the city-state of Singapore has rated Facebook's Marketplace as the least trustworthy e-commerce platform, behind Amazon and its Alibaba-owned Asian analogue Lazada.…
The Register

Europe moves closer to stricter cybersecurity standards, reporting regs

More types of biz fall under expanded rules – and fines for those who fall short Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the...
The Register

Venezuelan cardiologist charged with designing and selling ransomware

If his surgery was as bad as his opsec, this chap has caused a lot of trouble The US Attorney’s Office has charged a 55-year-old cardiologist with creating and selling ransomware and profiting from revenue-share agreements with criminals who...
The Register

China reveals its top five sources of online fraud

'Brushing' tops the list, as quantity of forbidden content continue to rise China’s Ministry of Public Security has revealed the five most prevalent types of fraud perpetrated online or by phone.…
The Register

US brings first-of-its-kind criminal charges of Bitcoin-based sanctions-busting

Citizen allegedly moved $10m-plus in BTC into banned nation US prosecutors have accused an American citizen of illegally funneling more than $10 million in Bitcoin into an economically sanctioned country.…
The Register

Hackers are after your data. So why are you making it so easy for them?

Here’s how to tailor a security suite that suits you Webinar  Some cyberattackers are out to cause mayhem, but the pros are really after one thing. Your data, whether that’s through exfiltration or encryption.…
SecurityWeek

Phishers Add Chatbot to the Phishing Lure

Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers –...
SecurityWeek

QuSecure Lauches Quantum-Resilient Encryption Platform

New firm launches to provide the Easy Button for implementing quantum secure encryption The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...

6 Scary Tactics Used in Mobile App Attacks

Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.