D-Link, Comba network gear leave passwords open for potentially whole world to see

The Register - Wed, 11/09/2019 - 10:02
Manufacturers seem not to care – some routers still awaiting patches

DSL modems and Wi-Fi routers from D-Link and Comba have been found to be leaving owners' passwords out in the open.…

Categories: News

Required: Massive email fraud bust. Tired: Cops who did the paperwork. Expired: 281 suspected con men's freedom

The Register - Wed, 11/09/2019 - 00:57
Alleged whaling crooks cuffed in global crime crackdown

US prosecutors say 281 suspected criminal hackers around the world have been arrested as part of a massive takedown operation against so-called business email compromise operations. That's the type of caper in which crooks hijack executives' email accounts, or impersonate the staffers, to trick colleagues into wiring funds to fraudsters' accounts.…

Categories: News

It's 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server...

The Register - Tue, 10/09/2019 - 21:54
Microsoft joins Adobe and SAP in cleaning up security bugs, two of which are under active attack

Patch Tuesday  Microsoft, Adobe, and SAP today delivered a load of security updates for this month's Patch Tuesday.…

Categories: News

Rolling in DoH: Chrome 78 to experiment with DNS-over-HTTPS – hot on the heels of Firefox

The Register - Tue, 10/09/2019 - 21:06
Google promises it won't override your choice of DNS provider

Only days after Mozilla said it plans to make DNS-over-HTTPS (DoH) available by default gradually for Firefox users in the US, Google announced its intention to test DoH in Chrome 78, due for beta release in the next two weeks.…

Categories: News

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

The Register - Tue, 10/09/2019 - 18:00
Chipzilla downplays cunning data-snooping side-channel technique

Video  It is possible to discern someone's SSH password as they type it into a terminal over the network, say infosec gurus who have found an interesting side-channel vulnerability in Intel's networking technology.…

Categories: News

Mozilla Firefox to begin slow rollout of DNS-over-HTTPS by default at the end of the month

The Register - Mon, 09/09/2019 - 22:53
To protect query privacy, browser maker will run everything through Cloudflare

On Friday, Mozilla said it plans to implement the DNS-over-HTTPS (DoH) protocol by default in its Firefox browser, with a slow rollout starting in late September.…

Categories: News

Equifax is going to make you work for that 125 bucks it owes each of you: Biz sneaks out Friday night rule change

The Register - Mon, 09/09/2019 - 21:00
Millions likely to get kicked into credit monitoring deal

It’s been a year since hapless credit-monitoring company Equifax admitted hackers gained access to the personal details of some 175 million people on its servers – and it has marked the anniversary with an extra legal hurdle for those seeking compensation.…

Categories: News

That Telegram feature that let you delete your private messages on recipients' phones? It didn't work properly

The Register - Mon, 09/09/2019 - 20:33
Infosec bod bags reward for spotting image privacy bug

VIdeo  Telegram has fixed a bug that broke one of its chat app's key privacy features: the ability to fully delete your sensitive messages on recipients' phones.…

Categories: News

What a bunch of DoSers: Wikipedia says it was walloped by 'bad faith' actors over weekend

The Register - Mon, 09/09/2019 - 15:00
Lights go out across Europe

Wikimedia has fingered a massive distributed-denial-of-service attack for outages at Wikipedia across Europe over the weekend.…

Categories: News

Symantec shares up as private equity suitors sniff consumer tentacle

The Register - Mon, 09/09/2019 - 12:35
$16bn slapped on table by Permira and Advent – reports

Symantec shares have jumped almost 5 per cent following reports that it is close to offloading its consumer business to a pair of private equity investors.…

Categories: News

Apple and Google trade barbs over bugs, digital lothario arrested and Bluekeep gets busy

The Register - Mon, 09/09/2019 - 07:28
Also, XKCD forums hacked and Monster monstered

Roundup  Here's a look back at some of the latest security bits and bobbles.…

Categories: News

Exim marks the spot… of remote code execution: Patch due out today for 'give me root' flaw in mail server

The Register - Fri, 06/09/2019 - 11:00
Install incoming update to avoid having your boxes hijacked

The widely used Exim email server software is due to be patched today to close a critical security flaw that can be exploited to potentially gain root-level access to the machine.…

Categories: News

Massachusetts city tells ransomware scumbags to RYUK off, our IT staff will handle this easily

The Register - Fri, 06/09/2019 - 03:06
Oh, so you can just do that? That's possible? Restoring from clean, good backups after an infection? Who knew?

The City of New Bedford, in Massachusetts, has found a way to deal with ransomware without paying: shoring up defenses, restoring from backups, and rebuilding systems.…

Categories: News

Too bad, so sad, exploit devs: Google patches possibly several million dollars' worth of security flaws in Android

The Register - Fri, 06/09/2019 - 00:43
Except one – a 'your phone is now my phone' bug reported months ago and still not fixed

Google this week emitted the September edition of its monthly Android security updates – and has left at least one known vulnerability unpatched. Also, in case you missed it, the web giant started rolling out Android 10 a few days ago.…

Categories: News

Today's data whoopsie is brought to you by CircleCI: Source safe, but look out for phishers

The Register - Thu, 05/09/2019 - 12:13
SF-based continuous delivery outfit says soz

Software testing and delivery company CircleCI has apologised for exposing user data to the world and its dog.…

Categories: News

Newb admits he ran Satori botnet that turned thousands of hacked devices into a 100Gbps+ DDoS-for-hire cannon

The Register - Thu, 05/09/2019 - 01:47
One moron down, two to go

The script kiddie at the center of the Satori botnet case has pleaded guilty.…

Categories: News

Brave accuses Google of trampling Europe's GDPR with stealthy netizen-stalking adverts

The Register - Wed, 04/09/2019 - 22:13
Our ads? Stomping on people's privacy? Never! Not us! sobs search giant

Brave, the maker of a Chromium-based browser with a focus on privacy, claims advertising giant Google flouts Europe's data protection rules by effectively leaking netizens' web browsing activities to advertisers.…

Categories: News

Let's recap reCAPTCHA gotcha: Our cunning AI can defeat Google's anti-bot tech, say uni boffins

The Register - Wed, 04/09/2019 - 19:56
Machine-learning code solves image puzzles just like us netizens – claim

Video  US-based academics claim they have developed a machine-learning system that can beat Google's bot-detecting reCAPTCHA system.…

Categories: News

Blindly accepting network update texts could have pwned your mobe, say researchers

The Register - Wed, 04/09/2019 - 17:01
Flaws now (mostly) patched

Over-the-air provisioning is the latest attack vector threatening your innocent Android mobe, according to Check Point today.…

Categories: News

Red flag: Home Office inks £45m border tech extension with IBM

The Register - Wed, 04/09/2019 - 12:31
After 15 years, Semaphore DB that flags up persons of interest goes into extra (Brexit) time

The Home Office has inked a £45m 33-month contract extension with IBM for its creaking Semaphore border technology contract.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News