'This repository is private' – so what's it doing on the public internet, GE Aviation?

The Register - Tue, 09/07/2019 - 17:45
DNS config snafu bares Jenkins instance contents to world+dog

GE Aviation managed to expose a pile of its private keys on a misconfigured Jenkins instance that was exposed to the public internet, according to a security researcher who found it through Shodan.…

Categories: News

Boffins ready to go live with system that will track creatures great and small from space

The Register - Tue, 09/07/2019 - 14:00
From elephants to fish, there's no GDPR in the animal kingdom

Boffins at the Max Planck Institute for Ornithology are finally ready to switch on Icarus – a system that will track the migration of animals by using an antenna installed at the International Space Station (ISS).…

Categories: News

Anyone for unintended Chat Roulette? Zoom installs hidden Mac web server to allow auto-join video conferencing

The Register - Tue, 09/07/2019 - 13:15
'A legitimate solution to a poor user experience'

Zoom Video Communications, whose web conferencing service is used by millions, is under fire for installing a hidden web server on Macs in order to bypass user consent when joining a meeting.…

Categories: News

Two pentesters, one glitch: Firefox browser menaced by ancient file-snaffling bug, er, feature

The Register - Tue, 09/07/2019 - 12:00
Forgive the sins of the fathers: Mozilla to have another go at tackling teenage flaw

Mozilla has been sitting on a new variant of an age-old flaw for almost a year, even with public disclosure happening back in January.…

Categories: News

Meet the Great Duke of... DLL: Microsoft shines light on Astaroth, a devilishly sneaky strain of fileless malware

The Register - Mon, 08/07/2019 - 22:38
DLL or no DLL?

Microsoft has lifted the lid on the inner-workings of a particularly nasty piece of fileless malware that aims to pilfer user data without needing to install software on the victim's machine.…

Categories: News

Dear El Reg, Will Windows 10 break my VPN? I read it on the web so it must be true

The Register - Mon, 08/07/2019 - 20:52
In summary: Nice try, Redmond, but you'll have to try harder to upset folks

Microsoft's latest official Windows 10 update, OS Build 18362.207, from June 27, 2019, can potentially break your VPN. But it probably won't because it's an edge case that can be expected to affect very few people.…

Categories: News

Medway Council reforms eforms to stop blurting out residents' details

The Register - Mon, 08/07/2019 - 10:40
Digital project had gaping holes. On the bright side, here's Craig David all over your *boink*

Medway council in Kent has corked a hole in its website that spat out residents' names, mailing addresses, phone numbers and email addresses after a Reg reader got in touch to complain.…

Categories: News

UK data regulator threatens British Airways with 747-sized fine for massive personal data blurt

The Register - Mon, 08/07/2019 - 09:21
Half a million records lost? £183m GDPR fine lined up

The UK Information Commissioner's Office has warned BA it faces a whopping £183.39m following the theft of million customer records from its website and mobile app servers.…

Categories: News

Fibaro flummoxed, Georgia courts held for ransom, and more

The Register - Sat, 06/07/2019 - 12:01
Plus, Florida Man out of a job for paying off hackers

Between the plentiful beverages and copious amounts of meat, pretty much everyone in the US is hung over from Independence Day in one form or another, so let's jump right into the security news.…

Categories: News

Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes

The Register - Fri, 05/07/2019 - 20:14
Unified Comms, Jabber among targets for clean-up

Cisco has delivered a bundle of 17 security updates to address 18-CVE-listed vulnerabilities in its networking and communications gear.…

Categories: News

Wide of the net: Football Association of Ireland says player, manager data safe after breach

The Register - Fri, 05/07/2019 - 16:44
It was a game of two halves

The Football Association of Ireland (FAI) has confirmed it suffered a security breach of its payroll systems, which was discovered last month, saying no staff data had been compromised.…

Categories: News

Worried about hackers? Catch a lifeline with this month's Sophos SOS cybersecurity podcasts

The Register - Fri, 05/07/2019 - 07:02
Experts offer their advice on staying safe and secure online

Promo  If worries about cybersecrity threats to your business and private data are keeping you awake at night, soothe your nerves by tuning into the Sophos SOS Security Week series of podcasts from 8-12 July, and find out what you need to know to be better prepared.…

Categories: News

Get rekt: Two years in clink for game-busting DDoS brat DerpTrolling

The Register - Thu, 04/07/2019 - 16:00
It’s all lulz until someone goes to prison

Austin Thompson, aka DerpTrolling, who came to prominence in 2013 by launching Distributed Denial of Service (DDoS) attacks against major video game companies, has been sentenced to 27 months in prison by a federal court.…

Categories: News

Reports of cyber attacks fall, says survey: GDPR? Fewer nasties? More targeted attacks? We just don't know

The Register - Thu, 04/07/2019 - 14:30
'Cyber stuff is still happening and some businesses are taking it more seriously'

UK businesses have reported a significant fall in cyber attacks over the last 12 months.…

Categories: News

US Cyber Command warns that the Outlook is not so good - Iranians hitting email flaw

The Register - Thu, 04/07/2019 - 00:51
Government-backed campaign going after bug that was patched in 2017

An ongoing Iranian government-backed hacking campaign is now trying to exploit a Microsoft Outlook flaw from 2017.…

Categories: News

How do we stop facial recognition from becoming the next Facebook: ubiquitous and useful yet dangerous, impervious and misunderstood?

The Register - Wed, 03/07/2019 - 22:32
We talk to one CEO about why bans aren't the answer but federal regulation is

Facial recognition is having a rough time of it lately. Just six months ago, people were excited about Apple allowing you to open your phone just by looking at it. A year ago, Facebook users joyfully tagged their friends in photos. But then the tech got better, and so did the concerns.…

Categories: News

YouTube mystery ban on hacking videos has content creators puzzled

The Register - Wed, 03/07/2019 - 21:27
Recent policy remains unclear about what's disallowed

Updated  YouTube, under fire since inception for building a business on other people's copyrights and in recent years for its vacillating policies on irredeemable content, recently decided it no longer wants to host instructional hacking videos.…

Categories: News

D-Link must suffer indignity of security audits to settle with the Federal Trade Commission

The Register - Wed, 03/07/2019 - 17:30
No admission of guilt, but plenty of new rules to follow

Taiwanese networking equipment vendor D-Link will have to submit to a decade of product security audits after agreeing to settle a lawsuit brought by the US Federal Trade Commission.…

Categories: News

Russian 'Silence' hacking crew turns up the volume – with $3m-plus cyber-raid on bank's cash machines

The Register - Wed, 03/07/2019 - 12:10
Dutch Bangla falls victim to coordinated ATM scam

A prominent Russian hacker crew is seemingly expanding its reach – having just pulled off a multi-million dollar cyber-heist in Bangladesh, we're told.…

Categories: News

Here's a great idea: Why don't we hardcode the same private key into all our smart home hubs?

The Register - Wed, 03/07/2019 - 08:07
Another day, another appalling Internet of S**t security flaw

Smart home company Zipato hardcoded the same private SSH key into every one of its hubs, leaving its system open to hacking, researchers revealed this week.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News