It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either

The Register - Mon, 23/03/2020 - 20:27
Spreading in the wild, no vaccine, people told to distance themselves from dodgy sources... sounds familiar

Hackers are commandeering victims' Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system. No patches are available right now.…

Categories: News

It's time to track people's smartphones to ensure they self-isolate during this global pandemic, says WHO boffin

The Register - Mon, 23/03/2020 - 08:33
Suspected carriers need to stay home – and we should use their phones to monitor them, we're told

Tracking the movements of suspected COVID-19 coronavirus carriers has proved an essential tool in controlling the pandemic, according to Professor Marylouise McLaws.…

Categories: News

No, the head of the World Health Organization has not emailed you – it's a message laced with malware

The Register - Mon, 23/03/2020 - 07:02
On the other hand, these Pwn2Own results are legit

Roundup  It is time for another Reg security summary.…

Categories: News

Bored during lockdown? Why not try out these data-spilling KrØØk Wi-Fi bug exploits against your nearby devices

The Register - Fri, 20/03/2020 - 21:47
It's not like you can snoop on anyone right now anyway, right?

Proof-of-concept exploit code has emerged for last month's data-leaking KrØØk vulnerability present in a billion-plus Wi-Fi-connected devices and computers.…

Categories: News

Online face mask sales scams, 400% uptick of coronavirus phishing reports: Brit cops' workload shifts online along with the nation's

The Register - Fri, 20/03/2020 - 19:02
Criminal scum use pandemic as golden business opportunity

British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity.…

Categories: News

Firefox to burn FTP out of its browser, starting slowly in version 77 due in April

The Register - Fri, 20/03/2020 - 10:15
Already sin-binned it in 2018, will keep it around in extended support until 2021, and is way behind Chrome

Firefox has decided it’s time to burn the browser’s FTP connections.…

Categories: News

What do you not want right now? A bunch of Cisco SD-WAN, Webex vulnerabilities? Here are a bunch of them

The Register - Thu, 19/03/2020 - 21:30
Switchzilla says remote networking gear has a grab-bag of holes

Cisco has issued a series of security updates for its SD-WAN and Webex software, just when they're most needed.…

Categories: News

Russian state-sponsored hackers have been sniffing Middle East defence firms, warns Trend Micro

The Register - Thu, 19/03/2020 - 19:42
Artists variously known as Pawn Storm and APT28 are still at it

The Russian hacking crew known variously as APT28, Fancy Bear and Pawn Storm has been targeting defence companies with Middle Eastern outposts, according to Trend Micro.…

Categories: News

Oh-so-generous ransomware crooks vow to hold back from health organisations during COVID-19 crisis

The Register - Thu, 19/03/2020 - 11:47
Don't take their word for it. Governments need to up their security game, says security firm

Updated  Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic.…

Categories: News

Hong Kong makes wearable trackers mandatory for new arrivals, checks in with ‘surprise calls’ too

The Register - Thu, 19/03/2020 - 04:30
Government CIO promises they don’t record location, just change of location

Hong Kong has made it mandatory for all new arrivals to wear an “electronic wristband” that links to a smartphone to provide location-tracking services, so that authorities can be sure they’re observing COVID-19 quarantine requirements. And the city-state insists its privacy commissioner has signed off on the idea because it “does not pose privacy concerns.”…

Categories: News

Forget James Bond's super-gadgets, this chap spied for China using SD card dead drops. Now he's behind bars

The Register - Thu, 19/03/2020 - 01:12
Tour operator used job in America as cover while acting as a data mule for Beijing, stealing secrets from biz

An American citizen will spend the next four or so years behind bars in the US for smuggling corporate secrets out of the states to his spymasters in China.…

Categories: News

Dear Adobe, Trend Micro users: Please vaccinate your software – at least some of these security holes were exploited in the wild

The Register - Wed, 18/03/2020 - 22:06
Genuine Integrity doesn't exactly live up to its name

A little more than a week after forgoing March's Patch Tuesday hullabaloo, Adobe has emitted fixes for dozens of security flaws in its applications.…

Categories: News

Freedom of Information coverup clerk stung for £2k after deleting council audio recording

The Register - Wed, 18/03/2020 - 13:45
ICO notches up first successful FoI prosecution

A town clerk in the English county of Shropshire has been the subject of the first ever successful Freedom of Information prosecution after lying to a member of the public who made an FoI request.…

Categories: News

Small business loans app blamed as 500,000 financial records leak out of ... you guessed it, an open S3 bucket

The Register - Wed, 18/03/2020 - 11:30
Bank info, driver's license copies and more found, report researchers

A now-defunct mobile app for loaning money to small business owners has been pinned down as the source of an exposed archive containing roughly 500,000 personal and business financial records.…

Categories: News

Pervasive digital surveillance of citizens deployed in COVID-19 fight, with rules that send genie back to bottle

The Register - Wed, 18/03/2020 - 06:38
Israel is up for it. Washington, Iran and Thailand may be too. China is there already, natch

Pervasive surveillance through digital technologies is the business model of Facebook and Google. And now governments are considering the web giants' tools to track COVID-19 carriers for the public good.…

Categories: News

Remember cryptojacking from way, way back (2019)? Site infections are down 99% – thanks to death of Coinhive

The Register - Tue, 17/03/2020 - 21:20
Not totally eradicated yet, ads make more dosh

Cryptojacking, the theft of computing power to mine digital currency, has been around at least since 2013 – and has shrunk in use dramatically with the death of Monero-mining service Coinhive.…

Categories: News

Nigerian spammer made 3X average national salary firehosing macro-laden Word docs at world+dog

The Register - Tue, 17/03/2020 - 13:38
And his boss monitored him with a RAT

A most entertaining piece of threat research from Check Point gives a unique insight into the "working" life of a Nigerian email spammer who made thousands of dollars from stolen credit cards alone in recent years.…

Categories: News

Vimeo freezes accounts after malware hunts for logins, coronavirus map app infected with evil code, and more

The Register - Tue, 17/03/2020 - 01:53
Including: COVID-19-hit cruise giant admits it was hacked

Roundup  We hope everyone is staying healthy and safe. It's time for another Reg roundup of security news you may have missed.…

Categories: News

Virtual machines, real problems: VMware fixes bug trio including guest-to-host hole in Workstation, Fusion

The Register - Tue, 17/03/2020 - 00:35
Finally, something that isn't coronavirus related [delete this – ed.]

VMware has released security patches for a trio of bugs in its desktop-class virtualization products.…

Categories: News

US Health and Human Services targeted by DDoS scum at just the time it's needed to be up and running

The Register - Mon, 16/03/2020 - 20:40
Miscreants also hammer Euro websites as well, because why not?

In an impeccable instance of horrible timing, the US government's Department of Health and Human Services (HHS) says it fended off a cyberattack by online scumbags.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News