DDoS and dingoes: Australia to bolster cyber-defences with 500 hackers amid China spat

The Register - Tue, 30/06/2020 - 14:49
AU$1.35bn fund follows revelations that country was hit by state-run attack

Australia will hire 500 hackers as part of a AU$1.35bn (£754m, $925m) boost to protect the nation's networks from a wave of cyber attacks.…

Categories: News

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

The Register - Tue, 30/06/2020 - 04:57
From Sept 1, new TLS certificates valid for more than 398 days will be snubbed

From September 1, Apple software, from Safari to macOS to iOS, will reject new HTTPS and other SSL/TLS certificates that are valid for more than 398 days, plus or minus some caveats.…

Categories: News

University of California San Francisco pays ransomware gang $1.14m as BBC publishes 'dark web negotiations'

The Register - Mon, 29/06/2020 - 17:29
Publicity-hungry crims find new way of pressuring victims

A California university which is dedicated solely to public health research has paid a $1.14m ransom to a criminal gang in the hopes of regaining access to its data.…

Categories: News

Yes, Prime Minister, rewrite the Computer Misuse Act: Brit infosec outfits urge reform

The Register - Mon, 29/06/2020 - 12:30
Out-of-date law prevents Britain from fully developing its cybersecurity industry, say campaigners

British infosec businesses are celebrating the 30th birthday of the Computer Misuse Act 1990 by writing to Prime Minister Boris Johnson urging reform of the elderly cybercrime law.…

Categories: News

CyberX, CyberX, does whatever a CyberX does. Locks IoT, machines too, Microsoft got it so you will to

The Register - Mon, 29/06/2020 - 06:04
Plus: DDoS'er jailed, and more

In Brief  Redmond is bulking up the security around its AzureStack hardware-to-cloud bundle by acquiring infosec firm CyberX.…

Categories: News

Macs, iPhones, iPads to get encrypted DNS – how'd you like them Apples?

The Register - Sat, 27/06/2020 - 01:55
Cupertino idiot-tax corp is fashionably late to the party

WWDC  Apple this year will boldly go where its peers have gone before by implementing support for encrypted DNS in iOS and macOS.…

Categories: News

Let's roll the 3d6 dice on today's security drama: Ah, 15, that's LG allegedly hacked, source code stolen by Maze ransomware gang

The Register - Fri, 26/06/2020 - 22:00
Crooks threaten to leak swiped software blueprints

Maze ransomware masterminds claim to have stolen source code from LG after hacking into the electronics giant.…

Categories: News

Tune in and watch live: Email encryption doesn’t have to be an all-or-nothing deal

The Register - Fri, 26/06/2020 - 19:00
Next week: Explore how keeping email safe can be part of a wider corporate strategy

Webcast  Leaked emails are the IT security mishap that just keeps on giving. From salacious tabloid headlines to lost elections to international security crises, a hacked or misfired email is the ultimate piece of first-hand evidence to light up a scandal, or ruin a reputation.…

Categories: News

UK police use of facial-recognition tech is lawful, no need to question us, cops' lawyer tells Court of Appeal

The Register - Fri, 26/06/2020 - 16:00
Plus: Home Office urges judges to leave lax legal framework as is

South Wales Police and the UK Home Office "fundamentally disagree" that automated facial recognition (AFR) software is as intrusive as collecting fingerprints or DNA, a barrister for the force told the Court of Appeal yesterday.…

Categories: News

When one open-source package riddled with vulns pulls in dozens of others, what's a dev to do?

The Register - Fri, 26/06/2020 - 10:25
Snyk survey puts cross-site scripting top of the list for security holes – but watch out for prototype pollution too

Open-source security specialist Snyk has released a new survey combining data on vulnerabilities in available packages with responses from developers and DevOps teams about how they handle the challenge this poses.…

Categories: News

Talk about the fox guarding the hen house. Comcast to handle DNS-over-HTTPS for Firefox-using subscribers

The Register - Fri, 26/06/2020 - 02:07
Last November: These ISPs know too much! June: God bless the ISPs

Comcast has agreed to be the first home broadband internet provider to handle secure DNS-over-HTTPS queries for Firefox browser users in the US, Mozilla has announced.…

Categories: News

US govt: Julian Assange tried to recruit hacker to steal hush-hush dirt and we should know – the hacker was an informant

The Register - Thu, 25/06/2020 - 23:59
WikiLeaker accused of tapping up LulzSec's Sabu as a source

Prosecutors in the US have upgraded their case against Julian Assange with a second superseding indictment claiming he sought out the services of a notorious hacker who, unbeknownst to the WikiLeaks boss, was secretly working with the Feds.…

Categories: News

Honeypot behind sold-off IP subnet shows Cyberbunker biz hosted all kinds of filth, says SANS Institute

The Register - Thu, 25/06/2020 - 16:52
Botnet C2, denial-of-service, phishing – and that's after filtering

Web traffic to the servers of the notorious Dutch-German Cyberbunker hosting biz was filled with all kinds of badness, including apparent botnet command-and-control and denial-of-service traffic, says SANS Institute.…

Categories: News

There are DDoS attacks, then there's this 809 million packet-per-second tsunami Akamai says it just caught

The Register - Thu, 25/06/2020 - 11:03
Bank on the receiving end of massive 418Gbps traffic barrage

Akamai reckons it blocked what may be the largest distributed denial-of-service attack ever, in terms of packets per second.…

Categories: News

After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors

The Register - Wed, 24/06/2020 - 23:48
Lawmakers will attempt to bend the laws of mathematics to their will

A trio of Republican senators on Tuesday proposed legislation that requires service providers and device makers in America to help the Feds bypass encryption when presented with a court-issued warrant.…

Categories: News

Ransomware crims to sell off 'scandalous' files swiped from Mariah Carey, Nicki Minaj, Puff Daddy's legal eagles

The Register - Wed, 24/06/2020 - 22:18
$600k starting bid, say public extortionists, or $42m to keep schtum

Ransomware criminals claiming to have siphoned confidential docs on Nicki Minaj, Mariah Carey, and Lebron James from an American law firm are threatening to auction off the info.…

Categories: News

Laws on police facial recognition aren't tough enough, UK data watchdog barrister tells Court of Appeal

The Register - Wed, 24/06/2020 - 18:47
Top judge replies: Don't understand what you're on about

A top judge told a barrister for the UK Information Commissioner's Office (ICO) today that his legal arguments against police facial-recognition technology face "a great difficulty" as he wondered whether they were even relevant to the case.…

Categories: News

Former UK Labour deputy leader wants to know how the NHS's contact-tracing app will ensure user privacy

The Register - Wed, 24/06/2020 - 17:15
This is the Apple-Google API one, not the 'world-beating' one

Harriet Harman MP, chair of Britain's Commons Human Rights Committee, has written to UK health secretary Matt Hancock seeking clarity on privacy aspects of the government's latest coronavirus contact-tracing app.…

Categories: News

Maze ransomware gang threatens to publish sensitive stolen data after US aerospace biz sensibly refuses to pay

The Register - Wed, 24/06/2020 - 13:30
Bungling cybercrooks throw toys out of the pram as negotiations shut down

The Maze ransomware gang has threatened to publish information stolen from an American firm that overhauls airliners and installs flight control software upgrades – because its victim refused to pay a demanded ransom.…

Categories: News

Carbon-based vuln hunters will always be better at infosec than AI, insist puny humans

The Register - Wed, 24/06/2020 - 11:00
No intelligent pentesting systems were available to comment on this assertion

Puny humans still think they're superior to AI when it comes to infosec – and a significant number still don't venture into meatspace or get enough sunlight.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News