White-listing Azure cloud connections to grease your Office 365 wheels? About that...

The Register - 3 hours 41 min ago
Dev fears sub-domain abuse – Plus, unofficial patches for trio of Windows zero-days

Microsoft has been accused of ignoring an IT security risk that could be exploited to create legit-looking malware-laden webpages that sport seemingly trusted Azure and Office 365 domain names. Alternatively, the domains potentially could be used to stealthily leak stolen data from networks.…

Categories: News

Build the wall... around your DNS settings, US govt IT staff urged by Homeland Security amid domain hijackings

The Register - 8 hours 29 min ago
Anyone still at their posts, please stop these address takeovers... please, helloo? Anyone there?

America's Homeland Security has urged US government departments and federal agencies to shore up their DNS control panels after hackers successfully stormed the barricades.…

Categories: News

Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install

The Register - 12 hours 23 min ago
Open the door, get on the floor – not so fast if you've an iPhone 4

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals.…

Categories: News

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

The Register - Tue, 22/01/2019 - 22:27
How many ad blocks could an ad slinger block if an ad slinger could block blocks?

Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers.…

Categories: News

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks

The Register - Tue, 22/01/2019 - 22:11
Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages.…

Categories: News

En garde! 'Cyber-war has begun' – and France will hack first, its defence sec declares

The Register - Tue, 22/01/2019 - 20:12
Parly-vous cyber-security? No plan to surrender, military bug bounty coming

FIC2019  France’s defence secretary Florence Parly today declared “Cyber war has begun.”…

Categories: News

How Web Apps Can Turn Browser Extensions Into Backdoors

Kapersky Labs - Tue, 22/01/2019 - 18:45
Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data.
Categories: News

French diplomat: Spies gonna spy – there aren't any magical cyberspace laws that can prevent it

The Register - Tue, 22/01/2019 - 17:30
Pragmatic chap looks at reality of international relations

FIC2019  A French diplomat has suggested that future global regulation of cyberspace could exempt spying from regulation "as long as some specific sectors are preserved".…

Categories: News

Google Fined $57M in Largest GDPR Slap Yet

Kapersky Labs - Tue, 22/01/2019 - 17:05
The French Data Protection Authority (DPA) found a lack of transparency when it comes to how Google harvests and uses personal data for ad-targeting purposes.
Categories: News

Looks like Uncle Sam has pulled its finger out and appointed a Privacy Shield ombudsperson

The Register - Tue, 22/01/2019 - 16:30
White House to nominate former DocuSign boss

The US may have finally complied with the European Commission's repeated requests to name a permanent Privacy Shield ombudsperson, The Register understands.…

Categories: News

Adobe Issues Unscheduled Updates for Experience Manager Platform

Kapersky Labs - Tue, 22/01/2019 - 15:21
The patches are part of Adobe's second unscheduled update this month.
Categories: News

Stalk my pals on social media and you'll know that the next words out of my mouth will be banana hammock

The Register - Tue, 22/01/2019 - 14:30
Boffins reckon they can predict what you'll say based on your friends' activity online

The phenomenon of "prescient Facebook advertising", so beloved of conspiracy theorists who think social networks listen to your microphone, might instead simply be evidence of how good Facebook's algorithms have become.…

Categories: News

Get in the bin: Let's Encrypt gives admins until February 13 to switch off TLS-SNI

The Register - Tue, 22/01/2019 - 10:31
End-of-life followed 2018 fake Website certificate drama

If you're still using TLS-SNI, stop: a year after a slip-up allowed miscreants to claim Let's Encrypt certificates for domains they didn't own, the free certificate authority has announced the final sunset of the protocol involved.…

Categories: News

DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc

The Register - Sat, 19/01/2019 - 13:37
Plus, Safari security foiled by… a finger swipe?

Roundup  This week we wrangled with alleged Russian election meddling, hundreds of millions of username-password combos spilled online, Oracle mega-patches, and cliams of RICO swap-gangs.…

Categories: News

The Iceman cometh, his smartwatch told the cops: Hitman jailed after gizmo links him to Brit gangland slayings

The Register - Sat, 19/01/2019 - 08:01
Killer jailed for life after fitness kit data tips off plod

Avid runner and hitman Mark Fellows was this week found guilty of murder after being grassed up by his Garmin watch.…

Categories: News

Google Play Removes Malicious Malware-Ridden Apps

Kapersky Labs - Fri, 18/01/2019 - 21:00
Two apps on Google Play were infecting devices with the Anubis mobile banking trojan.
Categories: News

US midterms barely over when Russians came knocking on our servers (again), Democrats claim

The Register - Fri, 18/01/2019 - 20:05
Лучшая защита – нападение?

Russian hackers attempted to infiltrate the Democratic National Committee (DNC) just after the US midterm elections last year, according to a new court filing.…

Categories: News

Fallout EK Retools for a Fresh New 2019 Look

Kapersky Labs - Fri, 18/01/2019 - 19:58
The Fallout EK has added the latest Flash vulnerability to its bad of tricks, among other tune-ups.
Categories: News

Threatpost News Wrap Podcast For Jan. 18

Kapersky Labs - Fri, 18/01/2019 - 17:58
Threatpost editors break down the top headlines from the week ended Jan. 18.
Categories: News

Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open

Kapersky Labs - Fri, 18/01/2019 - 17:30
A default configuration allows full admin access to unauthenticated attackers.
Categories: News


Subscribe to Sec Tec Limited aggregator - News