Cybersecurity
Trickbot malware scumbag gets five years for infecting hospitals, businesses
Rest of the crew still at large A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses.…
EquiLend drags systems offline after admitting attacker broke in
Securities lender processes trillions of dollars worth of Wall Street transactions every day US securities lender EquiLend has pulled a number of its systems offline after a security "incident" in which an attacker gained "unauthorized access".…
HPE joins the ‘our executive email was hacked by Russia’ club
Moscow-backed Cozy Bear may have had access to the green rectangular email cloud for six months HPE has become the latest tech giant to admit it has been compromised by Russian operatives.…
US judge rejects spyware developer NSO’s attempt to bin Apple’s spyware lawsuit
Judge says anti-hacking laws fits Pegasus case "to a T" A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software.…
Major IT outage at Europe’s largest caravan and RV club makes for not-so-happy campers
1 million members still searching for answers as IT issues floor primary digital services The UK's Caravan and Motorhome Club (CAMC) is battling a suspected cyberattack with members reporting widespread IT outages for the past five days.…
Using GoAnywhere MFT for file transfers? Patch now – an exploit’s out for a critical bug
Ancient path traversal exploit offers remote attackers admin access Security experts are wasting no time in publishing working exploits for a critical vulnerability in Fortra GoAnywhere MFT, which was publicly disclosed just over a day ago.…
What Microsoft’s latest email breach says about this IT security heavyweight
Senator Wyden tells The Reg this latest security lapse is 'inexcusable' Comment For most organizations – especially security vendors – disclosing a corporate email breach, in which executives' internal messages and attachments were stolen, would noticeably ding their stock prices.…
COVID-19 test lab accused of exposing 1.3 million patient records to open internet
Now that's a Dutch crunch A password-less database containing an estimated 1.3 million sets of Dutch COVID-19 testing records was left exposed to the open internet, and it's not clear if anyone is taking responsibility.…
GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection
That means Brit spies want the ability to do exactly that, huh? The idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already debunked. However, an article published today by the UK National Cyber Security Centre (NCSC) suggests there…
CISA boss swatted: ‘While my own experience was certainly harrowing, it was unfortunately not unique’
Election officials, judges, politicians, and gamers are in swatters' crosshairs CISA Director Jen Easterly has confirmed she was the subject of a swatting attempt on December 30 after a bogus report of a shooting at her home.…