2024

US military grounds entire Osprey tiltrotor fleet over safety concerns

Boeing-Bell V-22 can't outfly its checkered past, it seems The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds.…

AMD secure VM tech undone by DRAM meddling

Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.…

Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

Thousands of servers targeted while customers wait for patches Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.…

Heart surgery device maker’s security bypassed, data encrypted and stolen

Sounds like th-aorta get this sorted quickly A manufacturer of devices used in heart surgeries says it's dealing with "a cybersecurity incident" that bears all the hallmarks of a ransomware attack.…

Bitfinex heist gets the Netflix treatment after ‘cringey couple’ sentenced

Streamer's trademark dramatic style takes on Bitcoin Bonnie and Clyde A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time.…

WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

And it only took four months, tut WhatsApp has fixed a problem with its View Once feature, designed to protect people's privacy with automatically disappearing pictures and videos.…

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

ShinyHunters-linked heist thought to have been ongoing since March Exclusive  A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.…

OpenWrt orders router firmware updates after supply chain attack scare

A couple of bugs lead to a potentially bad time OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week.…

Microsoft dangles $10K for hackers to hijack LLM email service

Outsmart an AI, win a little Christmas cash Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.…

How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system

'It's a double-edged sword,' security researchers tell The Reg Feature  Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal…

Copyright © 2024 Lugapel