July 10, 2024

Snowflake lets admins make MFA mandatory across all user accounts

Company announces intent following Ticketmaster, Santander break-ins A month after incident response giant Mandiant suggested the litany of data thefts linked to Snowflake account intrusions had the common component of lacking multi-factor authentication (MFA) controls, the cloud storage and data analytics company is offering a mandatory MFA option…

Malware that is ‘not ransomware’ wormed its way through Fujitsu Japan’s systems

Company says data exfiltration was extremely difficult to detect Fujitsu Japan says an unspecified "advanced" malware strain was to blame for a March data theft, insisting the strain was "not ransomware", yet it hasn't revealed how many individuals are affected.…

Ransomware crews investing in custom data stealing malware

BlackByte, LockBit among the criminals using bespoke tools As ransomware crews increasingly shift beyond just encrypting victims' files and demanding a payment to unlock them, instead swiping sensitive info straight away, some of the more mature crime organizations are developing custom malware for their data theft.…

Big Tech’s eventual response to my LLM-crasher bug report was dire

Fixes have been made, it appears, but disclosure or discussion is invisible Column  Found a bug? It turns out that reporting it with a story in The Register works remarkably well ... mostly. After publication of my "Kryptonite" article about a prompt that crashes many AI chatbots, I…

ViperSoftX variant spotted abusing .NET runtime to disguise data theft

Freeware AutoIt also used to hide entire PowerShell environments in scripts A rapidly-changing infostealer malware known as ViperSoftX has evolved to become more dangerous, according to security researchers at threat detection vendor Trellix.…

Copyright © 2024 Lugapel