Security News > 2023

A data regulator has reminded companies they need to take care while writing emails to avoid unintentionally blurting out personal data. As a reminder for any Reg readers living under rocks, using the "BCC" field means that recipients cannot see each other's email addresses - useful for a bulk email with a large mailing list.

Google on Thursday announced that it will start testing a new feature called "Tracking Protection" starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party...

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications...

Instead of investing time in formulating non-binding pledges rather than working on actionable solutions, the US Government should adopt a more proactive stance by directly procuring advanced cybersecurity tools. By spearheading the implementation, through investment and education, the government can set a powerful example for the private sector to follow, thereby reinforcing the nation's cyber infrastructure.

"Multi-cloud computing offers huge benefits but makes IT far more complex," said Bernie Hoecker, partner, Enterprise Cloud Transformation leader, ISG. "Enterprises that have made the leap are adopting increasingly powerful tools to manage that complexity." Cloud observability platforms are increasingly essential as multi-cloud complexity increases, the report says.

Today's CIOs have evolved from managing IT infrastructure and ensuring systems' efficiency to becoming key business strategists, according to IDC. They stand at the intersection of technology and business, leveraging innovations to shape organizational directions, create value, and boost revenue for the company. As they move their organizations toward the goal of becoming a digital business, they are grappling with pressing challenges such as optimizing IT investments, fortifying cybersecurity, and driving innovation through generative AI. IDC expects companies to expand their digital business capabilities further as they seek to gain competitive advantage and CIOs will play a crucial role in the success of these efforts.

Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site. In a post to Snatch extortion group's data leak site dated August 16th, but not made visible until today, the threat actors claim that they breached Kraft Heinz.

A new Go-based multi-platform malware identified as 'NKAbuse' is the first malware abusing NKN technology for data exchange, making it a stealthy threat. NKN is a relatively new decentralized peer-to-peer network protocol leveraging blockchain technology to manage resources and maintain a secure and transparent model for network operations.

Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer. The gang, Storm-1152, is the "Number one seller and creator of fraudulent Microsoft accounts" and has listed for sale 750 million of these, according to Amy Hogan-Burney, Microsoft's associate general counsel for cybersecurity policy and protection.

Since yesterday, users of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and notifications through the company's UniFi cloud services. Ubiquiti is a popular networking device manufacturer offering a cloud-based UniFi platform where admins can manage all their devices from a single cloud portal.