Ukrainian cops collar Kyiv programmer believed to be Conti, LockBit linchpin
28-year-old accused of major ransomware attacks across Europe
Malware Month13 Jun 2024 | 13
Special Features
Ransomware crew may have exploited Windows make-me-admin bug as a zero-day
Symantec suggests Black Basta crew beat Microsoft to the patch
Malware Month12 Jun 2024 | 2
Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief
Interview Scott Small tells us gang's 'intent and capability' should get the attention of CSOs
Malware Month09 Jun 2024 | 3
FBI encourages LockBit victims to step right up for free decryption keys
The bad news? Gang wasn't deleting victim data after payments
Malware Month06 Jun 2024 | 6
7-year-old Oracle WebLogic bug under active exploitation
Experts say Big Red will probably re-release patch in an upcoming cycle
Malware Month06 Jun 2024 | 6
What is RansomHub? Looks like a Knight ransomware reboot
Malware code potentially sold off, tweaked, back at it infecting victims
Malware Month05 Jun 2024 | 1
Euro cops disrupt malware droppers, seize thousands of domains
Operation Endgame just beginning: 'Stay tuned,' says Europol
Malware Month30 May 2024 |
Here's yet more ransomware using BitLocker against Microsoft's own users
Updated ShrinkLocker throws steel and vaccine makers into the hurt locker
Malware Month23 May 2024 | 4
RSA Conference 2024: The good, the bad, and the downright worrying
Kettle If there's one thing infosec needs right now, it's a little pick-me-up
Spotlight on RSA14 May 2024 | 3
AI red-teaming tools helped X-Force break into a major tech manufacturer 'in 8 hours'
RSAC Hint: It's the 'the largest' maker of a key computer component
Spotlight on RSA13 May 2024 | 7
AWS CISO tells The Reg: In the AI gold rush, folks are forgetting application security
RSAC 'Everybody's learning as they go. But there's a rush to get these apps out'
AI + ML13 May 2024 | 5
Ransomware negotiator weighs in on the extortion payment debate with El Reg
Interview As gang tactics get nastier while attacks hit all-time highs
Cyber-crime12 May 2024 | 43
Critical infrastructure security will stay poor until everyone pulls together
Interview Claroty CEO Yaniv Vardi tells us what's needed to defend vital networks
Public Sector11 May 2024 | 12
Iran most likely to launch destructive cyber-attack against US – ex-Air Force intel analyst
Interview But China's the most technologically advanced
Spotlight on RSA10 May 2024 | 8
'Four horsemen of cyber' look back on 2008 DoD IT breach that led to US Cyber Command
RSAC 'This was a no sh*tter'
Spotlight on RSA10 May 2024 | 4
Ex-White House election threat hunter weighs in on what to expect in November
Interview Spoiler alert: We're gonna talk about AI
Public Sector09 May 2024 | 36
Dell customer order database of '49M records' stolen, now up for sale on dark web
IT giant tries to downplay leak as just names, addresses, info about kit
Cyber-crime09 May 2024 | 35
America's enemies targeting US critical infrastructure should be 'wake-up call'
RSAC Having China, Russia, and Iran routinely rummaging around is cause for concern, says ex-NSA man
Spotlight on RSA09 May 2024 | 8
68 tech names sign CISA's secure-by-design pledge
RSAC Security's an uphill battle ... does this latest move have teeth?
Spotlight on RSA09 May 2024 | 14
VMware security advisories now behind bureaucratic Broadcom barricade
Updated If it ain't broke, make it less accessible
Spotlight on RSA09 May 2024 | 16
Popular
Mozilla is trying to push me out because I have cancer, CPO says in bombshell lawsuit
Steve Teixeira, said to be CEO-in-waiting, now sues Firefox maker for discrimination, retaliation
Indonesian government datacenter locked down in $8M ransomware rumble
Variant of Lockbit 3.0 said to be weapon of choice for attack
Starliner to remain docked to the ISS into July – with no new departure date
If it's Boeing, it isn't going joke gets a bit real for 'nauts
Linux geeks cheer as Arm wrestles x86
AlmaLinux and upstream kernel support for Raspberry Pi 5, plus a forthcoming high-performance Arm64 Tuxedo laptop
Andrew Tanenbaum honored for pioneering MINIX, the OS hiding in a lot of computers
Software System Award recognises his contributions to education
Julian Assange to go free in guilty plea deal with US
WikiLeaks boss already out of Blighty and, if all goes to plan, ultimately off to home in Australia
If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately
Scripts turn malicious, infect webpages after Chinese CDN swallows domain
Record labels gang up to sue AI music generator duo into utter oblivion
Updated Recording Industry Ass. of America orchestrates war on Udio and Suno
America's best chance for nationwide privacy law could do more harm than good
Analysis 'Congress has effectively gutted it as part of a backroom deal'
Humanity's satellite habit could end up choking Earth's ozone layer
Just when you think we've solved chlorofluorocarbons
STORIES
Undersea cables must have high-priority protection before they become top targets
Interview It's 'essential to national security' ex-Navy intel officer tells us
Networks08 May 2024 | 36
CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'
RSAC And it would seriously inconvenience the Chinese and Russians, too
Spotlight on RSA08 May 2024 | 58
One year on, universities org admits MOVEit attack hit data of 800K people
Nearly 95M people in total snagged by flaw in file transfer tool
Spotlight on RSA08 May 2024 | 2
UK opens investigation of MoD payroll contractor after confirming attack
China vehemently denies involvement
Cyber-crime08 May 2024 | 50
Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight
Interview On the plus side, infosec's a good bet for a long, stable career
Malware Month08 May 2024 | 24
From infosec to skunks, RSA Conference SVP spills the tea
Interview Keynotes, physical security, playlists … the buck stops with Linda Gray Martin
Spotlight on RSA08 May 2024 |
UnitedHealth's 'egregious negligence' led to Change Healthcare ransomware infection
Interview 'I'm blown away by the fact that they weren't using MFA'
Spotlight on RSA08 May 2024 | 25
America's War on Drugs and Crime will be AI powered, says Homeland Security boss
RSAC Or at least it might well be if these trial programs work out, with some civil lib oversight etc etc etc
Spotlight on RSA07 May 2024 | 25
Watch out for rogue DHCP servers decloaking your VPN connections
Avoid traffic-redirecting snoops who have TunnelVision
Spotlight on RSA07 May 2024 | 34
CISA's early-warning system helped critical orgs close 852 ransomware holes
Interview In the first year alone, that's saved us all a lot of money and woe
Spotlight on RSA07 May 2024 | 3
US State Department launches cyber and digital policy strategy
RSAC Part of the race with Beijing to set standards and advance norms
Spotlight on RSA07 May 2024 | 4
Ransomware crooks now SIM swap executives' kids to pressure their parents
RSAC Extortionists turning to 'psychological attacks', Mandiant CTO says
Spotlight on RSA07 May 2024 | 20
Fed-run LockBit site back from the dead and vows to really spill the beans on gang
Updated After very boring first reveal, this could be the real deal
Spotlight on RSA06 May 2024 | 8
UnitedHealth CEO: 'Decision to pay ransom was mine'
Updated Congress to hear how Citrix MFA snafu led to massive data theft, $870M+ loss
Malware Month30 Apr 2024 | 28
Russia's Cozy Bear dives into cloud environments with a new bag of tricks
Kremlin's spies tried out the TTPs on Microsoft, and now they're off to the races
Spotlight on Databases27 Feb 2024 | 4
Work to resolve binary babble from Voyager 1 is ongoing
You think your latency is bad? How about 45 hours to see if a command worked?
The Reg in Space08 Feb 2024 | 34
You could have heard a pin drop: Virgin Galactic reports itself to the FAA
Updated Everything's fine, but a fastening fell off when it shouldn't have
The Reg in Space06 Feb 2024 | 28
40 years ago, an astronaut first took flight from the Space Shuttle
Look Ma: no tether!
The Reg in Space05 Feb 2024 | 9
Rocket Lab is a David among Goliaths in the space race
Interview CEO Peter Beck on the future of commercial launches and not raining debris over national reserves
The Reg in Space05 Feb 2024 | 13
Space exploitation vs space exploration: Humanity has much to learn from the Voyager probes
Interview When 'what's the value to the economy?' wasn't front of mind
The Reg in Space01 Feb 2024 | 57
Square Kilometre Array prototype 'scope achieves first light
SKAMPI was made in China, driven by Docker, located in South Africa, and aimed at the stars
The Reg in Space30 Jan 2024 | 5
Japan's lander wakes up, takes blurry snap of Moon
The Reg in Space29 Jan 2024 | 15
Canada to remove China’s top messaging app WeChat from government devices
Kaspersky also on the way out due to ‘unacceptable level of risk to privacy and security'
Cybersecurity Month31 Oct 2023 | 11
SolarWinds charged after SEC says biz knew IT was leaky ahead of SUNBURST attack
Developer labels action 'unfounded' after company and CISO slapped with suit for misleading investors
Cybersecurity Month31 Oct 2023 | 9
Bug bounty hunters load up to stalk AI and fancy bagging big bucks
Google offers AI-specific rewards, HackerOne sees more specializations
Cybersecurity Month27 Oct 2023 | 1
Telcos should compensate phished subscribers, suggests Singapore
Regulator reckons letting scam texts through is a culpable act
Cybersecurity Month26 Oct 2023 | 6
Seiko watches 60K personal data records tick away in BlackCat ransomware heist
Investigations ongoing as full extent of July breach is questioned
Cybersecurity Month25 Oct 2023 |
Spanish phisherfolk caught in cops' net in multi-million-euro catch
Crooks swindled about €3 million from victims
Cybersecurity Month25 Oct 2023 | 1
After six days and thousands of pwned users, Cisco poised to patch IOS XE flaw
Security in brief ALSO: SolarWinds using plaintext passwords; North Korea attacks TeamCity; Critical vulns, and more
Cybersecurity Month22 Oct 2023 | 3
International Criminal Court blames spies for 'targeted and sophisticated attack'
Tell us it's Russia without telling us it's Russia
Cybersecurity Month21 Oct 2023 | 13
Indian authorities raid fake tech support rings after tipoff from Amazon and Microsoft
Also went after crypto-crooks who sought money to buy miners for fake token
Cybersecurity Month20 Oct 2023 | 38
‘How not to hire a North Korean plant posing as a techie’ guide updated by US and South Korean authorities
Advise turning off and never using remote desktop protocol, prohibiting private VPNs, not trusting recruiters’ due diligence
Cybersecurity Month19 Oct 2023 | 51
San Francisco mayor suggests police drones and CCTV can cure city's crime woes
Suggests bodycam footage should replace paperwork for simple arrests
Cybersecurity Month19 Oct 2023 | 30
Paying for WinRAR in all the wrong ways - Russia and China hitting ancient app
Incidentally, Windows 11 has native rar support now
Cybersecurity Month18 Oct 2023 | 22
Critical Citrix bug exploited by data thieves weeks before being patched
Updated Time to close those active sessions
Cybersecurity Month18 Oct 2023 |
Governments resent their dependence on Big Tech
Singapore summit hears how private sector's constant security sins create risk for sovereigns
Cybersecurity Month18 Oct 2023 | 22
Five Eyes intel chiefs warn China's IP theft program now at 'unprecedented' levels
Spies come in from the cold for their first public chinwag
Cybersecurity Month18 Oct 2023 | 31
Malware crooks find an in with fake browser updates, in case real ones weren't bad enough
Researchers say ransomware could be on the horizon if success continues
Cybersecurity Month18 Oct 2023 | 2
X marks the bot: Musk thinks spammers won't pay $1 a year
Annual fee won't be profitable, will require registration of phone number
Cybersecurity Month18 Oct 2023 | 69
Cisco's critical zero-day bug gets even worse – 'thousands' of IOS XE devices pwned
Good news: There's a free scanner to check your kit. Bad news: Still no fix
Cybersecurity Month17 Oct 2023 | 15
Cisco zero-day bug allows router hijacking and is being actively exploited
We'd say 'Hurry up and patch' but it hasn't written one yet. While you wait, disable HTTP
Cybersecurity Month16 Oct 2023 | 12
Signal shoots down zero-day rumors, finds 'no evidence' of device takeover
Looks to be related to critical libwebp bug found — and fixed — last month
Cybersecurity Month16 Oct 2023 | 5
Australia threatens X with fine, warns Google, for failure to comply with child abuse handling report regs
Elon Musk's social network provided no response – or junk – to official inquiries about its safety practices
Cybersecurity Month16 Oct 2023 | 18
EPA flushes water supply cybersecurity rule after losing legal fight with industry, states
What could possibly go wrong?
Cybersecurity Month13 Oct 2023 | 38
Can open source be saved from the EU's Cyber Resilience Act?
Opinion The road to Hell is paved with good intentions, and for open source this is a well meaning cluster fudge
Cybersecurity Month13 Oct 2023 | 82
Equifax scores £11.1M slap on wrist over 2017 mega breach
Not quite a pound for every one of the 13.8 million affected UK citizens, and it could have been more
Cybersecurity Month13 Oct 2023 | 11
Chinese citizens feel their government is doing such a fine job with surveillance
They know they're being watched and don't mind - maybe because Beijing says it improves safety
Cybersecurity Month13 Oct 2023 | 38
Europe mulls open sourcing TETRA emergency services' encryption algorithms
Turns out secrecy doesn't breed security
Cybersecurity Month12 Oct 2023 | 26
Casino giant Caesars tells thousands: Yup, ransomware crooks stole your data
House always wins, er, wait ...
Cybersecurity Month12 Oct 2023 | 13
Microsoft takes another run at closing Exchange brute-force security hole
Meanwhile, Exchange Online is on the fritz
Cybersecurity Month11 Oct 2023 | 13
CISOs' salary growth slows – with pay gap widening
We still doubt any infosec leaders will be going without heating this winter
Cybersecurity Month11 Oct 2023 | 2
From chaos to cadence: Celebrating two decades of Microsoft's Patch Tuesday
Feature IT folks look back on 20 years of what is now infosec tradition
Cybersecurity Month11 Oct 2023 | 17
Ransomwared health insurer wasn't using antivirus software
PhilHealth blames government procurement rules for license expiry and issues phishing warnings
Cybersecurity Month11 Oct 2023 | 15
Vietnam accused of Predator spyware attack on EU and US politicians
Awkward, seeing as the US and Vietnam just announced a refreshed relationship
Cybersecurity Month10 Oct 2023 | 1
FTC: Please stop falling for social media scams, you've given crooks at least $650M so far this year
Internet considered harmful
Cybersecurity Month07 Oct 2023 | 68
Online tracking is alive and well in link decoration
Analysis The pending death of third-party cookies won't do much for other privacy intrusions
Cybersecurity Month06 Oct 2023 | 17
China uses Alibaba's Euro logistic hub to spy on stuff, Belgian intelligence fears
Cloud and e-commerce giant mussels up, says allegations are waffle
Cybersecurity Month06 Oct 2023 | 12
Improving defense of US space assets isn't rocket science. Oh wait
Can Booz Allen Hamilton get systems engineered with $630M and 7 years?
Cybersecurity Month05 Oct 2023 | 4
Pacific telco backed by Australia, Japan, US bins Huawei
Nokia looks a more diplomatic choice at Digicel
Cybersecurity Month05 Oct 2023 | 2
FEMA to test emergency alert system US-wide today
Updated Americans are used to drills :(
Cybersecurity Month04 Oct 2023 | 62
North Korea's Lazarus Group upgrades its main malware
LightningCan evades infosec tools in new and interesting ways
Cybersecurity Month04 Oct 2023 | 4
Russia to ban all VPNs – again – says senator
Putin Zuck out of business is one goal of this repeat effort to close off internet tunnels
Cybersecurity Month04 Oct 2023 | 39
Arm patches GPU driver bug exploited by spyware to snoop on targets
As Qualcomm warns of similar fixes coming for its chips
Cybersecurity Month03 Oct 2023 | 5
Microsoft Defender 'finally' stops flagging Tor Browser as malware
Just because you're paranoid…
Cybersecurity Month03 Oct 2023 | 8
Japan drives for infosec self-sufficiency – at least in one layer of deep defenses
CYNEX Alliance brings industry, government, and academia together to share info and devise tools
Cybersecurity Month03 Oct 2023 |
US State Dept has no idea if its IT security actually works, say auditors
Updated End-of-life systems still in use, poor inventory control, and China's hunting
Cybersecurity Month02 Oct 2023 | 9
Feds hopelessly behind the times on ransomware trends in alert to industry
Better late than never, we guess
Cybersecurity Month02 Oct 2023 | 6
Ukraine accuses Russian spies of hunting for war-crime info on its servers
Russian have shifted tactics in the first half of 2023, with mixed results
Cybersecurity Month26 Sep 2023 | 21
Mixin suspends deposits and withdrawals after $200m cryptocurrency heist
Cloud provider blamed for loss of 20% of exchange's capital
Cybersecurity Month25 Sep 2023 | 37
Apple squashes security bugs after iPhone flaws exploited by Predator spyware
Holes in iOS, macOS and more fixed following tip off from Google, Citizen Lab
Cybersecurity Month22 Sep 2023 | 6
ESA gets the job of building Europe's secure satcomms network
IRIS2 oversight deal signed as constellation’s schedule slips, and Ariane 6 hits another snag
Cybersecurity Month22 Sep 2023 | 4
US govt IT help desk techie 'leaked top secrets' to foreign nation
National defense files can earn you $55K … and espionage charges
Cybersecurity Month21 Sep 2023 | 15
Google exec: Microsoft Teams concession 'too little, too late'
If you don't tackle Redmond's abuse of software licensing in rival clouds it'll be game over for innovation, warns Amit Zavery
Cloud Infrastructure Week15 Sep 2023 | 39
There are lots of ways to put a database in the cloud – here's what to consider
Feature Choosing the right one for you means understanding the trade-off, says MySQL expert Peter Zaitsev
Cloud Infrastructure Week15 Sep 2023 | 3
The Pentagon has no idea how to deal with bad cloud contracts, say auditors
Terrible IT practices at the DoD? You don't say
Cloud Infrastructure Week14 Sep 2023 | 9
Here's why cloud credentials are the hottest item on criminal marketplaces
And they cost less than a box of donuts
Cloud Infrastructure Week14 Sep 2023 | 5
Cloud infrastructure security is having an identity crisis. Can CIEM help?
Who's that poking around in your infrastructure? Roles, permissions, policies, and more
Cloud Infrastructure Week13 Sep 2023 |
Guess what? Ask clouds to behave like old-school vendors, they will – and you lose
Same salespeople and same lock-in, which may actually help this time
Cloud Infrastructure Week13 Sep 2023 | 7
Despite the hype, generative AI is not a significant chunk of enterprise cloud spend
Not to be a buzzkill, but let's take a deep dive into the disparity
Cloud Infrastructure Week12 Sep 2023 | 3
The future of the cloud sure looks like it'll be paved in even more custom silicon
You're probably using cloud providers bespoke chips already and not even know it
Cloud Infrastructure Week12 Sep 2023 | 6
Biting the hand that feeds IT
