You have to be very on-trend as a cybercrook – hence why coronavirus-themed phishing is this year's must-have look

The Register - Thu, 17/09/2020 - 09:30
F-Secure gives its take on the first half of 2020 in internet scumminess

Coronavirus-themed malicious emails were the standout feature of online naughtiness in the first half of 2020, according to infosec firm F-Secure – though overall volumes of phishing did decrease a touch.…

Categories: News

Fake Zoom alerts and dodgy medical freebies among COVID-cracks detected by Taiwan's CERT

The Register - Thu, 17/09/2020 - 04:32
Phishers claimed to be from 'National Health Commission', which exists in mainland China but not Taiwan

Taiwan's CERT detected cyber-crooks impersonating medical authorities to attack the country's tech industry during the early stages of the COVID pandemic.…

Categories: News

Good: US boasts it collared two in Chinese hacking bust. Bad: They aren't the actual hackers, rest are safe in China

The Register - Wed, 16/09/2020 - 20:41
Ugly: And it's all about video game robberies at this stage

Two people have been arrested in Malaysia as part of America's crackdown on the Chinese government's hackers.…

Categories: News

Where China leads, Iran follows: US warns of 'contract' hackers exploiting Citrix, Pulse Secure and F5 VPNs

The Register - Wed, 16/09/2020 - 19:40
Please just patch your infrastructure, begs US-CISA

Where Chinese hackers exploit, Iranians aren’t far behind. So says the US Cybersecurity and Infrastructure Security Agency, which is warning that malicious persons from Iran are exploiting a slew of vulns in VPN products from Citrix, F5 Networks and Pulse Secure.…

Categories: News

Microsoft open-sources fuzzing tool it uses in-house to keep Windows so very secure

The Register - Wed, 16/09/2020 - 07:33
Erm ... guys ... have you looked at recent patch counts? (We have: you issued 372 this quarter, 54 critical)

Microsoft has open-sourced the fuzzing tool it uses to scour its own code for potential security vulnerabilities.…

Categories: News

Worried about bootkits, rootkits, UEFI nasties? Have you tried turning on Secure Boot, asks the No Sh*! Agency

The Register - Wed, 16/09/2020 - 01:40
And have you tried simply asking hackers to not hack?

The NSA has published online a guide for IT admins to keep systems free of bootkits and rootkits.…

Categories: News

Dunkin' Donuts drops some dough to glaze over lawsuit accusing it of covering up customer account hacks

The Register - Tue, 15/09/2020 - 22:33
No way to sugarcoat this: New York AG eclairs the 2015 data theft matter settled

Dunkin' Donuts today settled a lawsuit in which it was accused of hushing up the fact hackers siphoned its customers' personal information from its systems in 2015.…

Categories: News

£2.5bn sueball claims Google slurps kids' YouTube browsing habits then sells them on

The Register - Tue, 15/09/2020 - 18:20
Video platform is not for under-13s, insists spokesman

A campaign group is suing Google for up to £2.5bn over claims that YouTube breaks EU data protection laws by harvesting information about children under 13 – and is hoping to turn it into a UK class-action-style case.…

Categories: News

Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000

The Register - Tue, 15/09/2020 - 14:29
Nearly 2,000 e-commerce shops pwned over weekend so it's time to migrate

Thousands of e-commerce stores built using Magento 1 have been poisoned with malicious code that steals customers' bank card information as they enter their details to order stuff online.…

Categories: News

Have hackers, cybercrims worked their way into your corporate net while you’ve been working from home?

The Register - Tue, 15/09/2020 - 11:00
Tune in online this month and learn how to keep them at bay

Webcast  Working from home may have turned your life upside down, but for hackers, cyber-criminals and other bad actors, it’s all been business as usual.…

Categories: News

Chinese database detailing 2.4 million influential people, their kids, their addresses, and how to press their buttons revealed

The Register - Tue, 15/09/2020 - 07:27
Compiling using open source intel and hailed as showing extent of China’s surveillance activities

A US academic has revealed the existence of 2.4-million-person database he says is compiled by a Chinese company known to supply intelligence, military, and security agencies. The academic alleges the purpose of the database is enabling overseas influence operations to be conducted against prominent or influential people outside China.…

Categories: News

Infosec big names rally against US voting app maker's bid to outlaw unsanctioned bug hunting via T&Cs

The Register - Tue, 15/09/2020 - 02:08
Probing systems during a live election 'to be treated as hostile unless authorization granted,' Voatz insists

About 70 members of the computer security community on Monday challenged US voting app maker Voatz's effort to dictate the terms under which bug hunters can look for code flaws.…

Categories: News

What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds

The Register - Tue, 15/09/2020 - 00:58
Beijing's snoops don't even need zero-days to break into valuable networks

The US government says the Chinese government's hackers are preying on a host of high-profile security holes in enterprise IT equipment to infiltrate Uncle Sam's agencies and American businesses.…

Categories: News

Court hearing on election security is zoombombed on 9/11 anniversary with porn, swastikas, pics of WTC attacks

The Register - Mon, 14/09/2020 - 22:03
Atlanta to upgrade software license with more protection, clerk tells us

A court hearing on election security in America failed in its own security efforts – when it was zoombombed with porn, swastikas and images of the World Trade Center attacks.…

Categories: News

Take your pick: 'Hack-proof' blockchain-powered padlock defeated by Bluetooth replay attack or 1kg lump hammer

The Register - Mon, 14/09/2020 - 21:12
You can do it the easy way or the easier way

A "hack-proof" smart padlock with security based on blockchain technology could be defeated by a simple Bluetooth replay attack – or a 1kg lump hammer.…

Categories: News

Personal data from Experian on 40% of South Africa's population has been bundled onto a file-sharing website

The Register - Mon, 14/09/2020 - 18:00
August breach hadn't been cleared up at all – and regulators are furious

Personal data on 24 million South Africans, wrongfully sold by Experian to a person it claimed had "pretended" to represent a "legitimate client", is now not only circulating on the dark web – it's also on clearweb file-sharing sites, according to reports.…

Categories: News

Sorry we shut you out, says Tutanota: Encrypted email service weathers latest of ongoing DDoS storms

The Register - Mon, 14/09/2020 - 15:27
Privacy-conscious biz insists on rolling its own mitigations, though

Encrypted email biz Tutanota has apologised for accidentally shutting its own users out while fending off the latest of a series of distributed denial-of-service (DDoS) attacks.…

Categories: News

Another month, another cryptocurrency exchange hacked and 'millions of dollars' stolen by miscreants

The Register - Mon, 14/09/2020 - 11:15
Plus get patching your Palo Alto kit, there's a nasty crit out there

In brief  Cryptocurrency exchange Eterbase last week admitted hackers broke into its computers and made off with other people's coins, said to be worth $5.4m.…

Categories: News

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods

The Register - Sat, 12/09/2020 - 09:33
Better yet - do the basics and your systems won't get encrypted in the first place

Most online attacks could be easily avoided by following basic cyber security advice, Australia’s national cyber security bureau has said – even as it warned that the impact and severity of things like ransomware attacks are getting worse and worse.…

Categories: News

What an IDORable Giggle: AI-powered 'female only' app gets in Twitter kerfuffle over breach notification

The Register - Fri, 11/09/2020 - 16:59
Doing the right thing - after trying all the wrong things first

A “female social network” called Giggle whose operators left its user database unsecured has triggered a wave of Twitter controversy after its founder threatened to sue a UK infosec firm who pointed out the vulnerability.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News