The Register

Cryptography whizz Phil Zimmermann looks back at 30 years of Pretty Good Privacy

The Register Encryption and verification package Pretty Good Privacy (PGP) has celebrated a troubled 30 years of securing secrets and giving cypherpunks an excuse to meet in person, with original developer and security specialist Phil Zimmermann toasting a world where encryption is common but, he warns, still under threat. It was on this day (6 …

Cryptography whizz Phil Zimmermann looks back at 30 years of Pretty Good Privacy Read More »

Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew

The Register The US Department of Justice on Monday said it has recovered 63.7 Bitcoins, right now worth $2.1m and falling, of the 75 or so BTC the Colonial Pipeline operators paid the ransomware miscreants who infected the fuel provider’s computers. Deputy Attorney General Lisa Monaco said Colonial contacted the Feds shortly after some of …

Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew Read More »

Good news for pentesters and network admins: US issues ransomware guidance asking biz to skill up security teams

The Register The White House has issued a communique to business leaders urging them to take the threat of ransomware a bit more seriously. The memo, from deputy national security advisor for Cyber and Emerging Technology Anne Neuberger, said the private sector has a “critical responsibility” to protect their businesses against ransomware. Full article

New Zealand hospitals infected by ransomware, cancel some surgeries

The Register New Zealand’s Waikato District Health Board (DHB) has been hit with a strain of ransomware that took down most IT services Tuesday morning and drastically reduced services at six of its affiliate hospitals. The attack disabled all IT services except email. Patient notes a became inaccessible, clinical services were disrupted and surgeries postponed …

New Zealand hospitals infected by ransomware, cancel some surgeries Read More »

Oops, says Manchester City Council after thousands of number plates exposed in parking ticket spreadsheet

The Register anchester City Council exposed online the number plates of more than 60,000 cars slapped with parking tickets, breaking data protection laws as it did so. In what appears to be a sincere if misguided attempt to provide public accountability over parking wardens, the council publishes income from parking tickets online in the open …

Oops, says Manchester City Council after thousands of number plates exposed in parking ticket spreadsheet Read More »

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway – report

The Register Colonial Pipeline’s operators reportedly paid $5m to regain control of their digital systems and get the pipeline pumping oil following last week’s ransomware infection. News of the payoff was broken by Bloomberg – which not only cited anonymous sources but also mocked other news outlets’ anonymous sources for saying earlier this week that …

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway – report Read More »

Russian cyber-spies changed tactics after the UK and US outed their techniques – so here’s a list of those changes

The Register Russian spies from APT29 responded to Western agencies outing their tactics by adopting a red-teaming tool to blend into targets’ networks as a legitimate pentesting exercise. Now, the UK’s National Cyber Security Centre (NCSC) and the US warn, the SVR is busy exploiting a dozen critical-rated vulns (including RCEs) in equipment ranging from …

Russian cyber-spies changed tactics after the UK and US outed their techniques – so here’s a list of those changes Read More »

Privacy activist Max Schrems on Microsoft’s EU data move: It won’t keep the NSA away

The Register Microsoft has announced plans to ensure data processing of EU cloud services within the borders of the political bloc in a move that expert observers claim reveals problems with the firm’s existing setup. Those problems extend to UK public sector organisations seeking to stick within government guidance as well as a longstanding issue …

Privacy activist Max Schrems on Microsoft’s EU data move: It won’t keep the NSA away Read More »

21 nails in Exim mail server: Vulnerabilities enable ‘full remote unauthenticated code execution’, millions of boxes at risk

The Register Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain “a full remote unauthenticated code execution and gain root privileges on the Exim Server.” Exim is a mail transfer agent (MTA), responsible for receiving and forwarding email messages. It runs primarily on Unix …

21 nails in Exim mail server: Vulnerabilities enable ‘full remote unauthenticated code execution’, millions of boxes at risk Read More »

East London council blurts thousands of residents’ email addresses in To field blunder

The Register A local authority in East London has committed a classic privacy blunder by emailing what appear to be thousands of residents – while forgetting to use the BCC field and exposing all of the email addresseses to each recipient. The cockup, which happened on Monday, had locals in the borough of Tower Hamlets …

East London council blurts thousands of residents’ email addresses in To field blunder Read More »