The Register

Get ready for SANS Institute’s biggest ever Asia-Pacific training event Promo  Whatever your plans for the third quarter of 2021, an emerging security vulnerability or a network security breach has the potential to throw them into disarray. Unless, of course, you’ve made the effort to hone your existing skills or expand your knowledge into new areas ahead of time.… READ MORE HERE…

You gotta work hard for those three-bytes-a-second transfers, though Apple’s Find My network, used to locate iOS and macOS devices – and more recently AirTags and other kit – also turns out to be a potential espionage tool.… READ MORE HERE…

Preserving privacy is hard. I know because when I tried, I quickly learned not to play with weapons Column  Nearly a decade ago I decided to try my hand as a cryptographer. It went about as well as you might expect. I’d gotten the crazy idea to write a tool that would encrypt Twitter’s direct messages – sent in the clear – so that your private communications would truly be private, visible to no one, including Twitter.… READ MORE HERE…

‘This can happen to anybody. There’s always learning in any crisis. And we were no exception’ CyberUK 21  SolarWinds’ chief exec has described the 18,000 customers who downloaded backdoored versions of its Orion software as a “very small” number while giving a speech to an infosec event.… READ MORE HERE…

Someone at West Midlands Trains approved nasty cybersecurity drill UK rail operator West Midlands Trains sent an email to 2,500 employees to thank them for hard work during COVID and promised a one-time bonus as a reward, but that lovely news turned out to be phishing training. Needless to say, it did not go over well.… READ MORE HERE…

But we heard the message loud and clear – it’s pretty much the standard runtime platform now Kubecon  A session on how to hack into a Kubernetes cluster was among the highlights of a Kubecon where the main events were generally bland and corporate affairs, perhaps indicative of the technology now being a de facto infrastructure standard among enterprises.… READ MORE HERE…

Also we fixed SS7 use by British telcos. How? Why? Not saying Domains’n’hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today.… READ MORE HERE…

Plus: NCSC warns of how hostile powers may exploit smart city infrastructure Russian spies from APT29 responded to Western agencies outing their tactics by adopting a red-teaming tool to blend into targets’ networks as a legitimate pentesting exercise.… READ MORE HERE…

Software giant vows data processing of EU cloud services to stay in EU, which means that currently… Microsoft has announced plans to ensure data processing of EU cloud services within the borders of the political bloc in a move that expert observers claim reveals problems with the firm’s existing setup.… READ MORE HERE…