The Register

1. Uncle Sam wants DEF CON hackers to pwn this Moonlighter satellite in space

   'World's first and only' orbiting infosec playpen due to blast off today

   Feature  Assuming the weather and engineering gods cooperate, a US government-funded satellite dubbed Moonlighter will launch at 1235 EDT (1635 UTC) on Saturday, hitching a ride on a SpaceX rocket before being releasing into Earth's orbit.…

2. Malaysia goes its own Huawei, won't ban Chinese vendor from 5G network

   Country to have two networks as first buildout falls behind schedule

   Malaysia could be putting itself on a collision course with the EU and US as the country looks set to allow Chinese suppliers including Huawei a chance to play a part in its planned 5G network rollout.…

3. This malicious PyPI package mixed source and compiled code to dodge detection

   Oh cool, something else to scan for

   Researchers recently uncovered the following novel attack on the Python Package Index (PyPI).…

4. You might have been phished by the gang that stole North Korea’s lousy rocket tech

   US, South Korea, warn 'Kimsuky' is a very sophisticated social engineer

   The United States and the Republic of Korea have issued a joint cyber security advisory [PDF] about North Koreas "Kimsuky" cyber crime group.…

5. Millions of Gigabyte PC motherboards backdoored? What's the actual score?

   It's the 2020s and we're still running code automatically fetched over HTTP

   FAQ  You may have seen some headlines about a supply-chain backdoor in millions of Gigabyte motherboards. Here's the lowdown.…

6. Deployed publicly accessible MOVEit Transfer? Oh no. Mass exploitation underway

   Time to MOVEit, MOVEit. We don't like to MOVEit, MOVEit

   Security researchers and the US government have sounded the alarm on a flaw in Progress Software's MOVEit Transfer that criminals have been "mass exploiting" for at least a month to break into IT environments and steal data.…

7. Kremlin claims Apple helped NSA spy on diplomats via iPhone backdoor

   Did we just time warp back to 2013?

   Russian intelligence has accused American snoops and Apple of working together to backdoor iPhones to spy on "thousands" of diplomats worldwide.…

8. The downside of frenemies

   Are DevOps Tools a potential risk to your software supply chain security?

   Webinar  Popular DevOps tools are great when it comes to helping developers optimize digital infrastructure, but there's a potential downside – the hidden risks they can contain which may compromise your supply chain.…

9. Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine

   Staff able to watch customers in the bathroom? Tick! Obviously shabby infosec? Tick! Training AI as an excuse for data retention? Tick!

   America's Federal Trade Commission has made Amazon a case study for every cautionary tale about how sloppily designed internet-of-things devices and associated services represent a risk to privacy – and made the cost of those actions, as alleged, a mere $30.8 million.…

10. Ukraine war blurs lines between cyber-crims and state-sponsored attackers

    This RomCom is no laughing matter

    A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine, according to Trend Micro analysts.…