Jessica Lyons

@jessicalyons.bsky.social

Followers

196

Following

Posts

Cybersecurity editor at The Register. Mama bear, book worm, outdoor lover, coffee and wine snob.

Posts Replies Media

EXCLUSIVE A Microsoft zero-day exploit that Trend Micro's Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July's Patch Tuesday – but without any credit given to ZDI.

ZDI shames Microsoft for coordinated vuln disclosure snafuwww.theregister.com 'It seems like they really don't have a full grasp of what's going on with this patch'

After claiming to break into a database belonging to The Heritage Foundation, and then leaking 2GB of files belonging to the ultra-conservative think tank, the hacktivist crew SiegedSec claims to have disbanded.

'Gay furry hackers' disband after Project 2025 data theftwww.theregister.com Ultra-conservative org funnily enough not ready to turn the other cheek

Uncle Sam took another swing at Kaspersky Lab today and sanctioned a dozen C-suite and senior-level executives at the antivirus maker, but spared CEO and co-founder Eugene Kaspersky.

Uncle Sam sanctions Kaspersky leadership but not Eugenewww.theregister.com Here's America's list of the supposedly dirty dozen

Microsoft's Brad Smith also tried to say the fact that the US State Department — not Microsoft — discovered Chinese cyber spies in its officials' inboxes wasn't a security failure on Redmond's part, but rather "the way it should work."

Congress hammers Microsoft president on security after hackswww.theregister.com 'It's not our job to find the culprits – That's what we're paying you for' lawmaker scolds Brad Smith

Reposted by

Jessica Lyons

Why does the Pentagon persist with Microsoft after its awful cloud security, US senators are wondering out loud Check out this report by @jessicalyons.bsky.social www.theregister.com/2024/06/04/p...

Pentagon 'doubling down' on Microsoft despite security woeswww.theregister.com Meanwhile Mr Smith goes to Washington to testify before Congress

Billions of records detailing people's personal information may soon be dumped online after being allegedly obtained from a Florida firm that handles background checks and other requests for folks' private info.

Crooks threaten to leak 2.9B records of personal infowww.theregister.com Turns out opting out actually works?

Hudson Rock, citing legal pressure from Snowflake, has removed its online report that claimed miscreants broke into the cloud storage and analytics giant's underlying systems and stole data from potentially hundreds of customers including Ticketmaster and Santander Bank.

Hudson Rock yanks report into alleged Snowflake compromisewww.theregister.com Cloud storage giant lawyers up against infosec house

BreachForums is back online just weeks after the notorious ransomware leak site was seized by law enforcement.

BreachForums returns, just weeks after FBI-led takedownwww.theregister.com Website whack-a-mole getting worse

This was a fun interview with Mandiant CTO Charles Carmakal. Check out our discussion ⬇️

The cyberattacks against Las Vegas casinos over the summer put a big target on the backs of Scattered Spider, the suspected perps, Mandiant CTO Charles Carmakal told our @jessicalyons.bsky.social in an interview you can watch below... www.theregister.com/2024/05/23/m...

Casino cyberattacks put a bullseye on Scattered Spiderwww.theregister.com Mandiant CTO chats to The Reg about the looming fate of this ransomware crew

Canadian pharmacy chain London Drugs has confirmed that ransomware thugs stole some of its corporate files containing employee information and says it is "unwilling and unable to pay ransom to these cybercriminals."

London Drugs confirms ransomware as LockBit demands $25Mwww.theregister.com Pharmacy says it's 'unwilling and unable to pay ransom'

Digital intruders from China, Russia, and Iran breaking into US water systems this year should be a "wake-up call," according to former National Security Agency cyber boss Rob Joyce at RSA Conference this week.

Countries hacking infrastructure 'should be a wake-up call'www.theregister.com Having China, Russia, and Iran routinely rummaging around is cause for concern, says ex-NSA man

Check out my interview with CISA's Gabe Davis on the agency's pilot program to warn critical infra about ransomware-related vulnerabilities ⬇️

CISA's early-warning system helped critical organizations close 852 holes typically exploited by ransomware, we're told Find out more from Gabe Davis, CISA's acting risk intelligence and operations section chief, in this interview with @jessicalyons.bsky.social www.youtube.com/watch?v=XfCX...

CISA's ransomware vulnerability warnings helped critical orgs fix 852 bugswww.youtube.com CISA launched the Ransomware Vulnerability Warning Pilot (RVWP) in January 2023, and during its first year the warning system sent out 1,754 notifications to entities operating an internet-accessible vulnerable device. "We proactively look for these vulnerabilities, and make notifications to critical infrastructure organizations to let them know that the vulnerabilities in question are being exploited by ransomware threat groups, and that they should remediate those vulnerabilities as soon as possible," Gabe Davis, CISA's acting risk intelligence and operations section chief, told The Register's Cybersecurity Editor, Jessica Lyons in this interview.

"As chief executive officer, the decision to pay a ransom was mine," UnitedHealth CEO Andrew Witty will tell US lawmakers Wednesday as he testifies about the Change Healthcare breach.

UnitedHealth CEO: 'Decision to pay ransom was mine'www.theregister.com Congress to hear how Citrix MFA snafu led to massive data theft, $870M+ loss

Collaboration software used by federal government agencies — this includes apps from Microsoft, Zoom, Slack, and Google — will be required to work together and be securely end-to-end encrypted, if legislation proposed by US Senator Ron Wyden (D-OR) passes.

Feds' collab tools must be interoperable, encrypted – Wydenwww.theregister.com Doctorow: 'The most amazing part is that this isn't already the way it's done'

Reposted by

Jessica Lyons

* US ISP Frontier suffered an internal outage this week – now a confirmed cyberattack * Octapharma Plasma has blamed "network issues" for the ongoing closure of its 150-plus centers – a source tells us it's ransomware Details here by @jessicalyons.bsky.social www.theregister.com/2024/04/18/r...

Ransomware feared as Octapharma Plasma closes 150+ centerswww.theregister.com Source blames BlackSuit infection – as separately ISP Frontier confirms cyberattack

Once they have gained root, your TV essentially belongs to the intruder who can use that access to do all sorts of nefarious things: moving laterally through your home network, dropping malware, spying on you — or at the very least severely screwing up your streaming service algorithms.

Critical bugs in LG TVs could allow complete device takeoverwww.theregister.com Four fatal flaws allow TV takeover

Microsoft has therefore been let off the hook – just as it was after previous security failures that allowed Russia and China to snoop on its customers, including government agencies and other major corporations. www.theregister.com/2024/04/05/m...

US government keeps paying Microsoft despite infosec errorswww.theregister.com In what other sphere does a bad supplier not feel pain for its foulups?

The US on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous critical infrastructure organizations, companies, and individuals, including politicians and their political parties.

US charges 7 suspected Chinese cyber-spieswww.theregister.com Plus: Alleged front sanctioned, UK blames PRC for Electoral Commission theft, and does America need a Cyber Force?

Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University.

Truck-to-truck worm could infect entire US fleetwww.theregister.com The device that makes it possible is required in all American big rigs, and has poor security

Microsoft has now confirmed that the Russian cyberspies who broke into its executives' email accounts stole source code and gained access to internal systems. The intrusion is "ongoing."

Microsoft confirms Russian spies stole source codewww.theregister.com Still "no evidence" of any compromised customer-facing systems, we're told

"Some of our HUMINT sources with direct contact to Notchy says it's high probability that Notchy is associated with China Nation-State groups," Menlo Security's threat intel team said in a report.

Possible China link to Change Healthcare ransomware attackwww.theregister.com Alleged crim bought SmartScreen Killer, Cobalt Strike on dark-web markets

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.

Uncle Sam intervenes in Change Healthcare ransomware fiascowww.theregister.com As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise

"This election cycle, the US will face more adversaries, moving at a faster pace, and enabled by new technology," warned FBI director Christopher Wray, ahead of Super Tuesday.

US elections face existential and homegrown threatswww.theregister.com Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year

ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.

Change Healthcare extortionists ALPHV get $22M in Bitcoinwww.theregister.com No honor among thieves?

The Biden Administration has asked a court to renew controversial warrantless surveillance powers used by American intelligence and due to expire within weeks. It's a move that is either business as usual or an end-run around spying reforms, depending on who in Washington you believe.

FBI gets at least four more months of Section 702 snoopingwww.theregister.com Congress renews warrantless spying tool scribbled on back of huge check for Pentagon

It should go without saying that these are criminals, and not the most trustworthy sources of information. Plus, ransomware crews have been known to exaggerate their claims of stolen data to increase the pressure on those hit to pay up quickly.

ALPHV lists Change Healthcare, claims 6TB stolen datawww.theregister.com Brags it lifted 6TB of data, but let's remember these people are criminals and not worthy of much trust

US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans' sensitive personal information and government-related data to adversarial countries including China and Russia.

White House proposes banning sale of personal data to Chinawww.theregister.com Biden readies executive order targeting China, Russia, and pals

Cybercrims: When we hit IT, they sometimes pay, but when we hit OT... jackpot

Cybercriminals follow the money to hit manufacturing sectorwww.theregister.com Or so says opsec firm, which confirms 70% of all industrial org ransomware in 2023 targeted manufacturers

The ALPHV/BlackCat ransomware gang is reportedly responsible for the massive Change Healthcare cyberattack that has disrupted pharmacies across the US since last week.

ALPHV responsible for Change Healthcare cyberattackwww.theregister.com US government's bounty hasn't borne fruit as whack-a-mole game goes on

Reposted by

Jessica Lyons

ALPHV/BlackCat responsible for Change Healthcare cyberattack

ALPHV responsible for Change Healthcare cyberattackwww.theregister.com US government's bounty hasn't borne fruit as whack-a-mole game goes on