News

Millions of personal files exposed by insurance biz, serial web hacker strikes again, and more from infosec land

The Register - Sat, 25/05/2019 - 07:52
Your two-minute guide to all the other security news this week

Roundup  It's a bumper three-day weekend in the US and UK, so we won't keep you long. Here's a rapid summary of information security news from the past week beyond what El Reg has already covered.…

Categories: News

Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online

The Register - Fri, 24/05/2019 - 00:45
Perceptics confirms intrusion and theft, stays quiet on details

Exclusive  The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download.…

Categories: News

WikiLeaks boss Assange acted as a foreign spy, Uncle Sam exclaims in fresh rap sheet

The Register - Thu, 23/05/2019 - 22:51
Prosecutors try to paint a line between journos and internet dump lord in case with significant free speech implications

Julian Assange has been formally accused by the US government of breaking the Espionage Act 18 times, expanding the legal case against him and raising significant free speech issues.…

Categories: News

Why telcos 'handed over' people's GPS coords to a bounty hunter: He just had to ask nicely

The Register - Thu, 23/05/2019 - 21:44
Privacy slip allegations dog US cellular network giants... while FCC twiddles its thumbs

A bounty hunter was able to get the live location of a number of different individuals from American cellphone networks through a single phone call, it is claimed.…

Categories: News

British Army cyber 'n' psyops unit 77 Brigade can't even brainwash civvies into helping it meet recruitment targets

The Register - Thu, 23/05/2019 - 16:43
Part-timers needed

The British Army's psyops unit 77 Brigade is still falling short of recruiting targets, despite cyber skills being bigged up repeatedly by the military and government.…

Categories: News

We'll hack back at Russians, declare UK ministers in cyber-Blitz blitz

The Register - Thu, 23/05/2019 - 13:09
NATO's getting in on the action too

British ministers are stepping up their rhetoric on cyber warfare, with £22m to be splurged on embiggening an "offensive hacking" unit as Foreign Secretary Jeremy Hunt vowed to retaliate against Russian cyber-attacks.…

Categories: News

Phisher folk reel in Computacenter security vetting mailbox packed with sensitive staff data

The Register - Thu, 23/05/2019 - 11:05
Haul included employee passports, driving licences, bank statements and more

The third-party mailbox used by Computacenter employees and contractors to deposit data for security clearance applications has been hacked and used in phishing scams.…

Categories: News

US Air Force probes targeted malware attack, blames... er, the US Navy? What?

The Register - Wed, 22/05/2019 - 15:59
War crimes trial takes a fresh twist

The US Air Force has opened an investigation into a "malware" infection – which it is blaming on lawyers employed by the US Navy who are working on a war crimes case.…

Categories: News

Windows 10 bug-hunter reveals another 'make me admin' zero-day – and vows: 'There's more where that came from'

The Register - Wed, 22/05/2019 - 04:59
Vulnerability can be exploited to turn users into system stars, no patch available yet

A bug-hunter who previously disclosed Windows security flaws has publicly revealed another zero-day vulnerability in Microsoft's latest operating systems.…

Categories: News

G Suite'n'sour: Google resets passwords after storing some unhashed creds for months, years

The Register - Wed, 22/05/2019 - 01:00
Biz app login details encrypted at rest, though, ad giant insists

Google admitted Tuesday its paid-for G Suite of cloudy apps aimed at businesses stored some user passwords in plaintext albeit in an encrypted form.…

Categories: News

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2

The Register - Tue, 21/05/2019 - 12:25
Cheapskate fandroids get a pass on this one, though

Your iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by reinstalling iOS.…

Categories: News

Sharing Threat Intelligence: Time for an Overhaul

Kapersky Labs - Mon, 20/05/2019 - 21:08
All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC.
Categories: News

Windows 10 Update Bricks PCs, Microsoft Offers Workarounds

Kapersky Labs - Mon, 20/05/2019 - 19:44
A glitch in Microsoft's Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist.
Categories: News

Salesforce Woes Linger as Admins Clean Up After Service Outage

Kapersky Labs - Mon, 20/05/2019 - 16:55
An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses.
Categories: News

Sophos tells users to roll back Microsoft's Patch Tuesday run if they want PC to boot

The Register - Mon, 20/05/2019 - 16:15
Yes, the one with the critical security fixes

Brit security software slinger Sophos has advised its customers to uninstall Microsoft's most recent Patch Tuesday run – the same patches that protect servers against the latest Intel cockups.…

Categories: News

Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws

Kapersky Labs - Mon, 20/05/2019 - 16:14
A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.
Categories: News

Boeing admits 737 Max sims didn't accurately reproduce what flying without MCAS was like

The Register - Mon, 20/05/2019 - 15:28
Turning off trim control software in training wouldn't give realistic results – report

Boeing has admitted that pilot training simulators for the controversial 737 Max did not accurately reproduce what happened if the infamous MCAS system went gaga.…

Categories: News

Slack Bug Allows Remote File Hijacking, Malware Injection

Kapersky Labs - Mon, 20/05/2019 - 15:22
An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel.
Categories: News

ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed

Kapersky Labs - Mon, 20/05/2019 - 14:42
Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
Categories: News

Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector

The Register - Mon, 20/05/2019 - 11:05
If it walks like a duck and quacks like a duck then...

Analysis  The technology industry has numerous terms for sneaky software, including malware, adware, spyware, ransomware, and the ever adorable PUPs – potentially unwanted programs. But there isn't always a clear difference between malware and less threatening descriptors.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News