Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

The Register - Fri, 08/11/2019 - 16:00
Supreme Court wraps up legal submissions from supermarket and breach victims

"Cutting to the chase, it's not a case where the office cleaner finds a thumb drive, picks it up and takes the opportunity to make some use of it," barrister Jonathan Barnes told the Supreme Court as he urged judges to dismiss Morrisons' appeal against liability for its 2014 payroll data breach.…

Categories: News

Surveillance kit slinger accused of slapping 'Made in America' on Chinese gear, selling it to the US government

The Register - Fri, 08/11/2019 - 01:57
But sure, it's Huawei that's the big security threat

Staff were cuffed in a police raid on Thursday at the offices of US surveillance equipment vendor Aventura Technologies. The workers are now facing criminal charges for allegedly passing off Chinese-made gear as stuff built in America, and selling it to Uncle Sam and its military.…

Categories: News

What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

The Register - Fri, 08/11/2019 - 00:27
Beak denies wrongdoing in baffling malware probe case

A judge in the US state of Georgia is facing hacking charges after she allegedly hired private investigators to look into what she believed was a spyware infection on her office computer.…

Categories: News

This may shock you but Adobe is shipping insecure software. No, it's not Flash this time. Nope, not Acrobat, either

The Register - Thu, 07/11/2019 - 21:28
Mobile app SDKs sport dodgy crypto defaults, set bad examples – updates available

It has been revealed that Adobe's Experience Platform mobile SDKs, used to create apps that interact with the company's cloud services, until recently contained sample configuration files that created insecure default settings.…

Categories: News

Communication, communication – and politics: Iowa saga of cuffed infosec pros reveals pentest pitfalls

The Register - Thu, 07/11/2019 - 19:35
Tales from the coal face as experts reflect on what can possibly go wrong on the job

Analysis  It has been six weeks since Coalfire's Gary Demercurio and Justin Wynn were arrested in Dallas County, Iowa, while performing a paid-for security penetration test at a courthouse. Despite everyone acknowledging there was no foul play, the pair still face criminal charges. They deny any wrongdoing.…

Categories: News

Morrisons tells top court it's not liable for staffer who nicked payroll data of 100,000 employees

The Register - Thu, 07/11/2019 - 14:00
Supermarket takes appeal to most senior legal eagles

Brit supermarket Morrisons is arguing in the Supreme Court that it shouldn't be held vicariously liable for the actions of a rogue employee who stole and leaked the company's payroll.…

Categories: News

We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

The Register - Thu, 07/11/2019 - 08:07
Infosec veteran Marc Rogers on why we need a better system to rate vulnerabilities

Disclosure  The way we rate the severity of computer security vulnerabilities and bugs needs to change if people and businesses want to be better protected from malware and cyber-crime.…

Categories: News

Microsoft crams Office 365 docs into Edge-style sandboxes to thwart malware infections

The Register - Thu, 07/11/2019 - 06:03
Your guide to some of the security enhancements announced this week

Ignite  Amid the flood of news from Microsoft's Ignite conference in Florida this week, Redmond dropped word of several new features and additions to its cloud services aimed at protecting user data.…

Categories: News

Ex-Twitter staff charged with spying for Saudi royals: Duo accused of leaking account records, including those of critics

The Register - Thu, 07/11/2019 - 02:52
One cuffed by Feds this week

Two now-ex Twitter employees have been charged with spying on behalf of Saudi Arabia – after they allegedly leaked internal records for accounts linked to critics of the Saudi royal family, including the assassinated journalist Jamal Khashoggi, while working for the social network.…

Categories: News

Google's joins Gang of Four to guard Play Store apps from malware, and maybe not fail so much

The Register - Wed, 06/11/2019 - 22:37
The App Defense Alliance posse will scrutinize Android app code before release

Google, after more than a decade of dealing with Android malware, has formed an alliance with three security companies to help it defend its mobile platform.…

Categories: News

NSA to Congress: Our spy programs don’t work, aren’t used, or have gone wrong – now can you permanently reauthorize them?

The Register - Wed, 06/11/2019 - 21:26
Senators: Um, no.

The NSA was unable to give a single example of how one of its most controversial spying programs has been useful in the fight against terrorism in a Congressional hearing on Wednesday morning.…

Categories: News

Trend Micro: Our super-duper security software will keep you safe from everyone – except our staff who go rogue

The Register - Wed, 06/11/2019 - 20:10
Insider sold 120,000 customer records to scammers

Trend Micro today revealed one of its staff went rogue and illegally sold the personal information of roughly 120,000 of its customers.…

Categories: News

Controversies aren't Boeing away for aircraft maker amid claims of faulty oxygen systems and wobbling wings

The Register - Wed, 06/11/2019 - 15:57
737 NG and 787 Dreamliner hit with safety flaw allegations

Ailing Boeing has been hit with a double whammy of recent controversies alleging safety flaws with its 737 NG (not the fatally flawed Max) and the 787 Dreamliner.…

Categories: News

Leeds IT bloke pleads guilty to hacking Jet2 CEO's email account

The Register - Wed, 06/11/2019 - 14:07
27-year-old 'fessed up to 8 offences

Exclusive  A man has pleaded guilty to hacking low-cost airline Jet2, including an attempt to compromise the CEO's email account.…

Categories: News

Before you high-five yourselves for setting up that bug bounty, you've got the staff in place to actually deal with security, right?

The Register - Wed, 06/11/2019 - 01:27
Katie Moussouris speaks out on modern-day flaw finding and infosec jobs

Disclosure  Bug-bounty pioneer Katie Moussouris has urged companies to hire the necessary staff to handle vulnerability disclosures before diving headlong into handing out rewards.…

Categories: News

'Peregrine falcon'-style drone swarms could help defend UK against Gatwick copycat attacks

The Register - Tue, 05/11/2019 - 16:03
MoD offshoot names winners who dipped into £2m anti-drone ideas pot o' gold

The British government has funded 18 anti-drone projects as part of its £2m push to stop a repeat of the Gatwick drone fiasco of 2018 – including a friendly drone swarm that will employ "peregrine falcon attack strategies" to down errant unmanned flying things.…

Categories: News

Concerns raised over privacy and security of UK Home Office's £842m biometrics programme

The Register - Tue, 05/11/2019 - 14:07
Plans to aggregate it with other databases should be discussed, says ethics group

Updated  An independent ethical advice group has raised concerns about the UK Home Office's £842m Biometrics programme, which will store millions of people's highly sensitive biometric data, due to go live next year.…

Categories: News

Three UK does it again: Random folk on network website are still seeing others' account data

The Register - Tue, 05/11/2019 - 12:24
Once is an unfortunate cockup. Twice needs stamping on

British telco Three UK has once again let random people viewing its homepage view its customers' account details as if they were logged in, exposing personal and billing data to casual browsing.…

Categories: News

PSA: Turning off silent macros in Office for Mac leaves users wide open to silent macro attacks

The Register - Tue, 05/11/2019 - 06:08
Microsoft seems a bit hazy on what 'disable' actually means

A security hole in Office for Mac can be exploited by miscreants to potentially run malicious code on victims' shiny computers without anyone noticing.…

Categories: News

Ransomware freezes govt IT in Canadian territory of Nunavut, drops citizens right Inuit

The Register - Mon, 04/11/2019 - 22:42
As US picks up its game, scumbags seek new targets

A malware infection has crippled the IT operations in the remote Canadian territory of Nunavut.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News