The truth about that draft law banning Uncle Sam buying insecure software

The Register - 46 min 26 sec ago
There's always a get-out clause

An attempt by lawmakers to improve parts of the US government's cybersecurity defenses has raised questions – and hackles – among infosec professionals.…

Categories: News

Keeping the keys to the kingdom secure

The Register - Thu, 18/08/2022 - 17:30
Learn how you can improve your password security and keep your organization's data safe

Webinar  Believe it or not the word 'password' is still being used as the most common password across all industries, including retail and ecommerce.…

Categories: News

Google blocks third record-breaking DDoS attack in as many months

The Register - Thu, 18/08/2022 - 17:00
46 million requests per second network flood comes as attacks increase by more than 200% compared to last year

Google says it has blocked the largest ever HTTPS-based distributed-denial-of-service (DDoS) attack in June, which peaked at 46 million requests per second.…

Categories: News

Ransomware attack on UK water company clouded by confusion

The Register - Thu, 18/08/2022 - 07:28
Clop gang thought it hit Thames Water – but real victim was elsewhere

A water company in the drought-hit UK was recently compromised by a ransomware gang, though initially it was unclear exactly which water company was the victim.…

Categories: News

Deluge of of entries to Spamhaus blocklists includes 'various household names'

The Register - Thu, 18/08/2022 - 06:59
Nastymail tracking service blames sloppy sending practices for swelling lists of dangerous mailers

Spam-tracking service Spamhaus reported Tuesday that some of the world's biggest brands are getting loose with their email practices, causing its spam blocklists (SBL) to swell significantly.…

Categories: News

Janet Jackson music video declared a cybersecurity vulnerability

The Register - Thu, 18/08/2022 - 06:30
Another reason not to play 1989's Rhythm Nation – it messes with some hard disk drives

The music video for Janet Jackson's 1989 pop hit Rhythm Nation has been recognized as a cybersecurity vulnerability after Microsoft reported it can crash old laptop computers.…

Categories: News

Google, Apple squash exploitable browser bugs

The Register - Wed, 17/08/2022 - 23:47
Chrome flaw has public exploit, WebKit hole actively abused along with kernel escalation

Google has issued 11 security fixes for desktop Chrome, including one bug that has an exploit for it out in the wild.…

Categories: News

Software developer cracks Hyundai car security with Google search

The Register - Wed, 17/08/2022 - 21:19
Top tip: Your RSA private key should not be copied from a public code tutorial

A developer says he was able to run his own software on his car infotainment hardware after discovering the vehicle's manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples.…

Categories: News

After 7 years, long-term threat DarkTortilla crypter is still evolving

The Register - Wed, 17/08/2022 - 19:41
.NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says

A highly pervasive .NET-based crypter that has flown under the radar since about 2015 and can deliver a wide range of malicious payloads continues to evolve rapidly, with almost 10,000 code samples being uploaded to VirusTotal over a 16-month period.…

Categories: News

How to stop the evil lurking in the shadows

The Register - Wed, 17/08/2022 - 17:54

Webinar  Barely a day goes by without news of a ransomware attack somewhere in the media. And these types of cyber security incident can seriously derail financial, social, health and industrial activity, inflicting massive damage and requiring a multiagency response in their aftermath.…

Categories: News

TikTok wants your trust around US midterm elections data

The Register - Wed, 17/08/2022 - 17:00
Misinformation's a concern, but Chinese media giant's own data privacy practices also have people worried

TikTok has joined Twitter in publishing new US midterm misinformation rules, with considerable crossover in scope and style.…

Categories: News

Mozilla finds 18 of 25 popular reproductive health apps leak data

The Register - Wed, 17/08/2022 - 09:00
Scary in post-Roe America, and Poland, and far too many other places

It's official: your period and/or pregnancy tracker will probably share your data with law enforcement. And they might even do it on purpose.…

Categories: News

Russian military uses Chinese drones and bots in combat, over manufacturers' protests

The Register - Wed, 17/08/2022 - 06:30
Testimonials from Russian generals not welcomed by DJI or Unitree Robotics

Russia's military has praised civilian grade Chinese-made drones and robots for having performed well on the battlefield, leading their manufacturers to point out the equipment is not intended or sold for military purposes.…

Categories: News

RubyGems now requires multi-factor auth for top package maintainers

The Register - Wed, 17/08/2022 - 00:17
Sign-on you crazy diamond, the Ruby programming community's software package registry, now requires maintainers of popular "gems" to secure their accounts using multi-factor authentication (MFA).…

Categories: News

SEC says brokerage accounts hijacked for $1.3m pump-and-dump scam

The Register - Tue, 16/08/2022 - 22:25
18 people and businesses charged, one giant web of connections

America's financial watchdog has accused 18 individuals and shell companies of using compromised brokerage accounts to manipulate stock prices to rake in $1.3 million in illicit profits.…

Categories: News

PC store told it can't claim full cyber-crime insurance after social-engineering attack

The Register - Tue, 16/08/2022 - 17:43
Two different kinds of fraud, says judge while throwing out lawsuit against insurer

A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses.…

Categories: News

Do you know what’s happening on your users’ devices?

The Register - Tue, 16/08/2022 - 15:39
Head this way to find if your strategy’s on (end) point

Sponsored Post  You might be happy with your cloud infrastructure and totally on top of your internal network, but one thing for certain is that whatever your workforce is doing, they'll have endpoints. Are you sure you know exactly what's happening on all those devices?…

Categories: News

Microsoft's macOS Tamper Protection hits general availability

The Register - Tue, 16/08/2022 - 15:03
A boon for administrators having to deal with Apple hardware while also keeping everything secure

Microsoft Defender for Endpoint's Tamper Protection in macOS has entered general availability.…

Categories: News

1,900 Signal users exposed: Twilio attacker 'explicitly' looked for certain numbers

The Register - Tue, 16/08/2022 - 13:33
Bad guy also got SMS verification codes, and re-registered one of the numbers they searched for

The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed.…

Categories: News

Reckon Russian spies are lurking in your inbox? Check for these IOCs, Microsoft says

The Register - Tue, 16/08/2022 - 11:16
Seaborgium targeted dozens of orgs this year alone

Microsoft said it disabled accounts used by Russian-linked Seaborgium troupe to phish and steal credentials from its customers as part of the cybercrime gang's illicit spying and data-stealing activities.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News