Ukraine's battlefield lessons show quantity and affordability now trump exquisite hardware NATO is unprepared to deal with attacks by cheap, mass-produced drones and urgently needs layered, affordable air defense systems to counter the threat, taking a cue from the experience gained by Ukrainian forces over the past four years.…
PLUS: US takes down Iranian propaganda sites; Marketing company asks 'Why Do We Have Your Information?' And more! Infosec In Brief Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts and conduct phishing attacks, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned last Friday.…
Rust security maintainers contend Nadim Kobeissi's vulnerability claims are too much Updated Since February, cryptographer Nadim Kobeissi has been trying to get code fixes applied to Rust cryptography libraries to address what he says are critical bugs. For his efforts, he's been dismissed, ignored, and banned from Rust security channels.…
Pedestrians crossing a street in Denver, Colorado, got rather more than they bargained for last weekend, when the audio signals at two crosswalks began broadcasting a political message alongside their usual walking instructions. Read more in my article on the Hot for Security blog.
Cams statistically more likely to ID Black people, says new research A UK police force has suspended its deployment of live facial recognition (LFR) technology after a study revealed it was statistically more likely to identify Black people on a watchlist database.…
Millions of hijacked devices powered traffic floods targeting defense systems and beyond The US government has moved to disrupt a cluster of IoT botnets behind some of the largest DDoS attacks ever recorded, including traffic bursts topping 30 terabits per second.…
Lack of clear criteria risks encouraging firms to lean on state support instead of worrying about insurance The UK's cyber watchdog has warned that the government's £1.5 billion bailout of Jaguar Land Rover (JLR) risks setting a troubling precedent for how Britain handles major cyber crises.…
A ransomware gang that claims to be a group of "investigative journalists"? Meet LeakNet - the group using fake CAPTCHA pages to trick employees into hacking themselves. Read more in my article on the Fortra blog.
Audit trails aplenty, but no price tag – and no clue how long your data sticks around Opinion Last week's UK government consultation on its plans for digital identity had quite a few things missing. It did not include a price estimate - something it said was due to decisions yet to be taken on the scheme's scope - or how long the government would keep "audit trail" records of ID checks.…
He would have gotten away with it too, if it weren't for a meddling security team's fear of USB On Call Each Friday The Register offers a fresh installment of On Call, the reader-contributed column that celebrates the fine art of tech support.…
Situation as at 31 December 2025
(first publication: 30 October 2024)
Situation as at 31 December 2025
Situation as at 31 December 2025
Last time: Beijing-backed snoops and ransomware crims. Who's next? Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims' SharePoint servers, the US government warned.…
Chocolate Factory describes concession as an attempt to balance openess with safety It turns out you won't be limited to Google-verified apps and developers on Android after all. In the face of sustained community dissatisfaction with its developer verification requirement, Google has given Android users an out.…
Iran-linked attackers wiped employees' devices using Intune The US government has urged companies to better secure Microsoft Intune, an endpoint management tool that was abused in last week's cyberattack against med-tech firm Stryker.…