Blog
Drug addiction treatment service admits attackers stole sensitive patient data
Details of afflictions and care plastered online BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive personal information was stolen.…
Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being exploited as a zero-day.…
Security pros baited with fake Windows LDAP exploit traps
Tricky attackers trying yet again to deceive the good guys on home territory Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.…
Japanese police claim China ran five-year cyberattack campaign targeting local orgs
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed…
Database tables of student, teacher info stolen from PowerSchool in cyberattack
Class act: Cloud biz only serves 60M-plus folks globally, no biggie A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers' personal data – including some Social Security Numbers and medical info – stolen.…
I tried hard, but didn’t fix all of cybersecurity, admits outgoing US National Cyber Director
In colossal surprise, ONCD boss Harry Coker says more work is needed The outgoing leader of the United States' Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his successor: There's a lot of work still to do.…
DNA sequencers found running ancient BIOS, posing risk to clinical research
Devices on six-year-old firmware vulnerable to takeover and destruction Updated Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.…
UN’s aviation agency confirms attack on recruitment database
Various data points compromised but no risk to flight security The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.…
Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed
Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers…
Akamai to quit its CDN in China, seemingly not due to trouble from Beijing
Security and cloud compute have so much more upside than the boring business of shifting bits Akamai has decided to end its content delivery network services in China, but not because it’s finding it hard to do business in the Middle Kingdom.…