The Register

And why it's not actually a leak Documents filed in crypto lender Celsius Networks' bankruptcy case have revealed financial info on more than 600,000 users.…

'Oh what a feeling' when your contractor leaks site source code Toyota has admitted it put 296,019 email addresses and customer management numbers of folks who signed up for its T-Connect assistance website at risk of online theft by bungling its security.…

It'll just go back to randomly shutting down accounts PayPal has backed away from fining its own customers up to $2,500 for promoting whatever it determines is "misinformation."…

Wouldn't want anyone to know how much luggage is lost, eh? Lufthansa over the weekend said it is banning Apple AirTags from checked bags, only to subsequently attribute the policy to the International Civil Aviation Organization (ICAO).…

How's that boot taste? Updated Russian miscreants claimed responsibility for knocking more than a dozen US airports' websites offline on Monday morning in what appeared to be a large-scale, distributed-denial-of-service (DDoS) attack.…

A faulty fastener could leave drivers with wheel in hand and no steering control Beleaguered electric automaker Rivian is facing another setback: the recall of nearly 80 percent of the vehicles it has produced.…

Gurus say source includes secret hardware info, private signing key for Boot Guard protection Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel's Boot Guard security technology.…

Keeping the contents of your clusters secure from whoever's hosting them Red Hat is backing a Cloud Native Computing Foundation (CNCF) project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves.…

Expect more sequels than Rocky: Europeans' view of 'proportional' very different from US Comment The Trans-Atlantic Data Privacy Framework agreement between the EU and the US is unlikely to settle the issue of sharing personal data between the two economic superpowers, as a set of court cases and legal challenges loom on the horizon.…

While you're having a blast, your mobe could be telling your family you're dead Perhaps "a million hours of crash data, real-world driving and crash test labs" aren't quite enough for Apple's car crash detection feature on the iPhone 14 amid reports that it is being triggered by roller coasters.…

Delays and cancellations thought to have cost Aer Lingus millions Aer Lingus says it is in talks with its IT services supplier, former IBM arm Kyndryl, after the disastrous combo of a sliced fiber optic cable and a faulty network card on the backup line caused an IT systems outage that forced the airline to cancel more than 50 flights.…

China thinks America targets its tech to kill off competition, and some believe economic standoff on way Analysis Nvidia believes it will not be affected by the latest US controls on technology, if only because it is already under similar restrictions. However, the effects on Chinese companies could be dramatic amid fears of a protracted trade war.…

Cupertino managed to buck the trend with year-on-year growth of 40% Global PC shipments declined in calendar Q3 by 15 percent year-on-year thanks to reduced demand and lingering supply chain issues, according to number cruncher IDC.…

US consumers start to get the message about protecting themselves online End users, often viewed by infosec specialists as a corporation's weakest link, appear to be finally understanding the importance of good security and privacy practices.…

Research by Lansweeper shows Microsoft's stringent hardware requirements still at play Nearly 43 percent of millions of devices studied by asset management provider Lansweeper are unable to upgrade to Windows 11 due to the hardware requirements Microsoft set out for the operating system.…

Second of Singapore telco's Australian businesses to be prised open by criminals in weeks Singtel has confirmed that another Australian business it owns, consulting unit Dialog, has fallen victim to a cyber burglary just weeks after the mammoth data leak at telco Optus was revealed.…

Bespoke botnet up for grabs from outfit praised for, er, customer service A Russia based threat group that set up a malware distribution shop earlier this year is behind a Swiss Army knife-like botnet that comes with a range of other malicious capabilities, from stealing information to mining cryptocurrency.…

Challenge your people to try to break into your systems, and see how interesting life gets for your colleagues Opinion People are the biggest problem in corporate infosec. Make them the biggest asset. …

In the immortal words of Shaggy: It wasn't me Who, Me? This week's instalment of Who, Me takes a slightly different turn, as in the end (spoiler alert) it wasn't their fault. But what a lesson to learn, nonetheless.…

Expands into a sector so toxic many won't touch it Supposedly ingenious schemes to revolutionize the finance industry with crypto are not hard to find – nor are their failures. And scarcely a day passes on which a cryptocurrency venture's infosec is not found wanting. That sad situation is causing financial institutions sufficient pain that Mastercard thinks the time is ripe for a service that helps lenders to understand if their customers' crypto purchases are dangerous.…

Posture, posture, posture, posture, posture, posture, mushroom, mushroom Four researchers at the Unconventional Computing Laboratory at the University of West England have enlisted fungi to measure how people walk.…

US software developer Chetu ordered to pay restitution for employee's unlawful termination A telephone sales rep in the Netherlands has won an unfair dismissal court case against his former employer, US software company Chetu, after he was fired for refusing to spend his work day surveilled by his computer camera.…

To get you upgrading faster, vSphere will now be released for Initial Availability before reaching General Availability VMware has acknowledged what most IT pros have learned the hard way – never buy a first-generation product – with a revised release cadence for its flagship vSphere private cloud suite.…

Emperor penguin swipes Intel's attitude to ECC memory and maybe wimpy Mac performance too If the next version of the Linux kernel emerges a little slower than usual, blame a dodgy DIMM in Linus Torvalds's AMD Threadripper-powered PC and the vagaries of the memory market.…

PLUS: SK hynix outgasses Putin; Canon's new litho plant; Equinix into Indonesia; and more! Asia In Brief South Korean chipmakers Samsung and SK hynix have reportedly reacted cautiously to the Biden administration's swingeing bans on certain chip tech reaching China.…

RPKI is supposed to verify network routes. Instead, here's how it could be subverted An internet security mechanism called Resource Public Key Infrastructure (RPKI), intended to safeguard the routing of data traffic, is broken, according to security experts from Germany's ATHENE, the National Research Center for Applied Cybersecurity.…

It's not like the good old days with iffy cryptography and begging for keys Comment It's getting difficult these days to find a ransomware group that doesn't steal data and promise not to sell it if a ransom is paid off. What's more, these criminals are going down the extortion-only route, and not even bothering to scramble your files with encryption.…

Plus: US AI Bill of Rights, and a new framework to run models on AMD and Nvidia GPUs more flexibly In brief America's Pacific Northwest National Laboratory is looking into how AI technologies can be used to create a "Digital Police Officer" or "D-PO" in the future.…

Also, Albania almost called in NATO over cyber attacks, and Facebook warns of account-stealing mobile apps In brief An executive order signed by President Biden on Friday to setting out fresh rules on how the US and Europe share people's private personal info may still fall short of the EU's wishes, says the privacy advocate who defeated the previous regulations in court.…

Radio comms vulnerabilities detailed A couple of vulnerabilities in Ikea smart lighting systems can be exploited to make lights annoyingly flicker for hours.…

How's your day going? Cryptocurrency exchange Binance temporarily halted its blockchain network on Thursday in response to a cyberattack that led to the theft of two million BNB tokens, notionally exchangeable for $566 million in fiat currency.…

So is this why YMTC's CEO stepped down? Yangtze Memory Technologies Company (YMTC) is one of more than two dozen Chinese companies and institutions targeted in the Biden Administration’s latest round of export restrictions on semiconductor tech.…

Instead of a week of profits, mere days of net income for Cook The record-setting €1.1 billion fine levied against Apple by French authorities has been cut by two-thirds to just €372 million ($363 million) – an even more paltry sum for the world's first company to surpass $3 trillion in market valuation. …

… Including virtual machines as well as physical ones Friday Freeware Fest Elmar Hanlhofer's Plop Boot Managers are a small family of tiny tools to enable booting from media that a computer can't usually boot from.…

Probe takes highest resolution surface shot yet while citizen scientists get busy with their coloring pencils NASA's Juno probe had a close encounter with the Jovian moon Europa on September 29 and this week the space agency released the highest resolution photograph ever taken of its icy crust.…

New hardware? Consultants? You tell us because your infosec is off the grid The US Department of Energy has proposed regulations to financially reward cybersecurity modernization at power plants by offering rate deals for everything from buying new hardware to paying for outside help.…

Isn't it ironic: Potentially helping its former customers to ditch big iron Microsoft and Kyndryl have unveiled a new aspect of their global strategic partnership with plans to help enterprise customers make better use of data held on mainframe systems.…

Ubiquitous database language support continued through third-party tool, users told Fivetran, the automated data integration company once valued at $5.6 billion, has received a volley of criticism for ending direct support for ubiquitous data language SQL, leading to a frank mea culpa from its CEO.…

Made in Taiwan: Only TSMC seems to be dodging the downturn The bad news from the semiconductor industry continues as more chip companies report falling demand, with only TSMC bucking the trend and delivering higher than expected earnings for the quarter just ended.…

The multibillion dollar question: Will it make in-flight Wi-Fi on planes more expensive? Global satellite maker Viasat's proposed $7.3 billion purchase of rival Inmarsat is being held up because Britain's competition regulator is worried about the deal's impact on in-flight passenger Wi-Fi on planes.…

The Great Unresignation as inflation forces hordes of retirees back into work A sustained upswing in the cost of living is forcing hundreds of thousands of retirees across Britain to reconsider a return to the workplace.…

They probably shouldn't be connected in the first place, says database expert Only a third of PostgreSQL databases connected to the internet use SSL for encrypted messaging, according to a cloud database provider.…

But we can say what this upcoming protocol is good for Systems Approach Some might say there's a possibility QUIC will start to replace TCP. This week I want to argue that QUIC is actually solving a different problem than that solved by TCP, and so should be viewed as something other than a TCP replacement.…

They can't be any worse than some human developers Machine-learning models that power next-gen code-completion tools like GitHub Copilot can help software developers write more functional code, without making it less secure.…

What’s worse than absurd support requests at work? Ridiculous requests at home, that’s what On Call As another working week ebbs away into history, dispel any thoughts that your efforts have made no mark in history by wallowing in other readers’ misery in another instalment of On-Call, The Register’s weekly tale of being asked to fix the ridiculous and absurd.…

Kieren's here to chew bubblegum and kick Nominet ass. And he's all out of bubblegum Former Register journo Kieren McCarthy was this week elected to the board of Nominet, the domain registry in charge of the .uk name space.…

Microsoft has four entries on list of shame, Log4j tops the chart Three US national security agencies - CISA, the FBI and the NSA - on Thursday issued a joint advisory naming the 20 infosec exploited by state-sponsored Chinese threat actors since 2020.…

Meanwhile in China, Alibaba runs 500 delivery-bots and they’ve delivered 10 million items to Easy Street E-commerce behemoth Amazon.com has stopped work on its “Scout” parcel delivery robots.…

Q3 revenue still set to be up overall, Ryzen biz says in FYI to Wall St AMD has warned investors its guidance for quarterly revenue was out by $1.1 billion.…

Two Americans, a Japanese bloke and a Russian float into a lab. The bartender says... SpaceX has dropped off another four astronauts at the International Space Station, their Dragon capsule successfully docking just now with the orbiting lab.…