Chrome, Firefox patch privacy-destroying security flaw • The Register
Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia. Now Mozilla's doing damage control, too, after spotting a...
Ransomware gang uses song to claim it cracked American ISP • The Register
A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!) The video features gloomy music plus narration and text in Russian that...
Hijacked Microsoft Stream classic domain “spams” SharePoint sites
The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. Microsoft Stream is an enterprise video streaming service that allows...
China’s FamousSparrow flies back, breaches US org • The Register
The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a Mexican research institute. The gang also likely targeted a governmental institution in Honduras, along with...
New Windows scheduled task will launch Office apps faster
In May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. The company says the "Startup Boost" task will launch in the background on logon, with the roll-out to start in mid-May and...
Resecurity turns the table on BlackLock ransomware • The Register
Here's one you don't see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew's infrastructure and gathering data it relayed to national agencies to help victims. Resecurity said it contributed to the shuttering of the...
CrushFTP CEO flames VulnCheck for assigning critical CVE • The Register
CrushFTP's CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer tech disclosed almost a week ago. According to an email exchange between CrushFTP's Ben Spink and...
UK’s first permanent facial recognition cameras installed • The Register
The Metropolitan Police has confirmed its first permanent installation of live facial recognition (LFR) cameras is coming this summer and the lucky location will be the South London suburb of Croydon. The two cameras will be installed in the city center in an...
ICO fines NHS software supplier £3M for ransomware failings • The Register
The UK's data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary's security failings led to a ransomware attack affecting NHS care. Among the data pilfered by ransomware crooks were the...
UK fines software provider £3.07 million for 2022 ransomware breach
The UK Information Commissioner's Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people, including National Health Service (NHS) patients. The...