January 2025

DNA sequencers found running ancient BIOS, posing risk to clinical research

Devices on six-year-old firmware vulnerable to takeover and destruction Updated  Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.…

UN’s aviation agency confirms attack on recruitment database

Various data points compromised but no risk to flight security The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.…

Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers…

Akamai to quit its CDN in China, seemingly not due to trouble from Beijing

Security and cloud compute have so much more upside than the boring business of shifting bits Akamai has decided to end its content delivery network services in China, but not because it’s finding it hard to do business in the Middle Kingdom.…

FCC boss urges speedy spectrum auction to fund ‘Rip’n’Replace’ of Chinese kit

Telcos would effectively fund grants paid to protect national security The outgoing boss of the FCC, Jessica Rosenworcel, has called on her colleagues to "quickly" adopt rules allowing the US regulator to stage a radio spectrum auction, the proceeds of which would fund the removal from American networks…

Turbulence at UN aviation agency as probe into potential data theft begins

Crime forum-dweller claims to have leaked 42,000 documents packed with personal info The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.…

DEF CON’s hacker-in-chief faces fortune in medical bills after paralyzing neck injury

Marc Rogers is 'lucky to be alive' Marc Rogers, DEF CON's head of security, faces tens of thousands of dollars in medical bills following an accident that left him with a broken neck and temporary quadriplegia.…

US adds web and gaming giant Tencent to list of Chinese military companies

This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft The US Department of Defense has added Chinese messaging and gaming Tencent to its list of “Chinese military company”, a designation that won’t necessarily result in a ban but is nonetheless…

Charter, Consolidated, Windstream reportedly join China’s Salt Typhoon victim list

Slow drip of compromised telecom networks continues The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.…

FireScam infostealer poses as Telegram Premium app to surveil Android devices

Once installed, it helps itself to your data like it's a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.…

Copyright © 2024 Lugapel