US and EU infosec authorities pen intel-sharing pact

The Register - 2 hours 42 min ago
As Cyber Solidarity Act edges closer to full adoption in Europe

The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase cross-border information sharing and more to tackle criminals.…

Categories: News

Yet another UK public sector data blab, this time info of pregnant women, cancer patients

The Register - 8 hours 31 min ago
NHS Trust admits highly sensitive data left online for nearly three years

More than 22,000 patients of Cambridge University Hospitals NHS Foundation Trust were hit by data leaks that took place between 2020 and 2021.…

Categories: News

Belgian man charged with smuggling sanctioned military tech to Russia and China

The Register - 13 hours 40 min ago
Indictments allege plot to shift FPGAs, accelerometers, and spycams

A Belgian man has been arrested and charged for his role in a years-long smuggling scheme to export military-grade electronics from the US to Russia and China.…

Categories: News

Australia building 'top secret' cloud to catch up and link with US, UK intel orgs

The Register - 16 hours 37 min ago
Plans to share 'vast amounts of data' – very carefully

Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose.…

Categories: News

Apple and some Linux distros are open to Bluetooth attack

The Register - Wed, 06/12/2023 - 20:47
Issue has been around since at least 2012

A years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe.…

Categories: News

Locking down the edge

The Register - Wed, 06/12/2023 - 16:09
Watch this webinar to find out how Zero Trust fits into the edge security ecosystem

Sponsored Post  Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites and devices.…

Categories: News

A year on, CISA realizes debunked vuln actually a dud and removes it from must-patch list

The Register - Wed, 06/12/2023 - 14:45
Apparently no one thought to check if this D-Link router 'issue' was actually exploitable

A security vulnerability previously added to CISA's Known Exploited Vulnerability catalog (KEV), which was recognized by CVE Numbering Authorities (CNA), and included in reputable threat reports is now being formally rejected by infosec organizations.…

Categories: News

Shielding the data that drives AI

The Register - Wed, 06/12/2023 - 10:23
Why we need the confidence to deploy secure, compliant AI-powered applications and workloads

Sponsored Feature  Every organisation must prioritise the protection of mission critical data, applications and workloads or risk disaster in the face of an ever-widening threat landscape.…

Categories: News

Atlassian security advisory reveals four fresh critical flaws – in mail with dead links

The Register - Wed, 06/12/2023 - 06:57
Bitbucket, Confluence and Jira all in danger, again. Sigh

Atlassian has emailed its customers to warn of four critical vulnerabilities, but the message had flaws of its own – the links it contained weren't live for all readers at the time of despatch.…

Categories: News

Microsoft issues deadline for end of Windows 10 support – it's pay to play for security

The Register - Wed, 06/12/2023 - 06:31
Limited options will be available into 2028, for an undisclosed price

Microsoft on Tuesday warned that full security support for Windows 10 will end on October 14, 2025, but offered a lifeline for customers unable or unwilling to upgrade two years hence.…

Categories: News

Cisco intros AI to find firewall flaws, warns this sort of thing can't be free

The Register - Wed, 06/12/2023 - 04:29
Predicts cyber crims will find binary brainboxes harder to battle

Cisco's executive veep for security Jeetu Patel has predicted that AI will change the infosec landscape, but that end users will eventually pay for the privilege of having a binary brainbox by their side when they go into battle.…

Categories: News

Fancy Bear goes phishing in US, European high-value networks

The Register - Wed, 06/12/2023 - 00:15
GRU-linked crew going after our code warns Microsoft - Outlook not good

Fancy Bear, the Kremlin's cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets – like government, defense, and aerospace agencies in the US and Europe – since March, according to Microsoft. …

Categories: News

CISA details twin attacks on federal servers via unpatched ColdFusion flaw

The Register - Tue, 05/12/2023 - 17:40
Tardy IT admins likely to get a chilly reception over the lack of updates

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.…

Categories: News

DSPM deep dive: debunking data security myths

The Register - Tue, 05/12/2023 - 16:21
To maintain a strong data security posture, you must protect the data where it lives

Partner Content  There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge; its recent buzz has brought scrutiny to various security concepts that have cluttered the meaning behind data security posture management.…

Categories: News

BlackCat ransomware crims threaten to directly extort victim's customers

The Register - Tue, 05/12/2023 - 12:30
Accounting software firm Tipalti says it’s investigating alleged break-in of its systems

The AlphV/BlackCat ransomware group said it plans to "go direct" to the clients of a firm it allegedly attacked to extort them, claiming to have infiltrated the systems of accounting software vendor Tipalti.…

Categories: News

It's ba-ack... UK watchdog publishes age verification proposals

The Register - Tue, 05/12/2023 - 10:22
Won't somebody think of the children?

The UK's communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act.…

Categories: News

UK government denies China/Russia nuke plant hack claim

The Register - Tue, 05/12/2023 - 06:30
Report suggests Sellafield compromised since 2015, response seems worryingly ignorant of Stuxnet

The government of the United Kingdom has issued a strongly worded denial of a report that the Sellafield nuclear complex has been compromised by malware for years.…

Categories: News

US warns Iranian terrorist crew broke into 'multiple' US water facilities

The Register - Mon, 04/12/2023 - 23:30
There's a war on and critical infrastructure operators are still using default passwords

Iran-linked cyber thugs have exploited Israeli-made programmable logic controllers (PLCs) used in "multiple" water systems and other operational technology environments at facilities across the US, according to multiple law enforcement agencies .…

Categories: News

Hershey phishes! - Crooks snarf chocolate lovers' creds

The Register - Mon, 04/12/2023 - 19:15
Stealing Kit Kat maker's data?! Give me a break

There's no sugarcoating this news: The Hershey Company has disclosed cyber crooks gobbled up 2,214 people's financial information following a phishing campaign that netted the chocolate maker's data.…

Categories: News

Two new versions of OpenZFS fix long-hidden corruption bug

The Register - Mon, 04/12/2023 - 16:15
Version 2.2.2 and also 2.1.14, showing that this wasn't a new issue in the latest release

The bug that was very occasionally corrupting data on file copies in OpenZFS 2.2.0 has been identified and fixed, and there's a fix for the previous OpenZFS release too.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News