Digital Ocean dumps Mailchimp after attack leaked customer email addresses

The Register - Tue, 16/08/2022 - 06:31
Somebody went after crypto-centric companies’ outsourced email but the damage was felt in the cloud

Junior cloud Digital Ocean has revealed that some of its clients’ email addresses were exposed to attackers, thanks to an attack on email marketing service Mailchimp.…

Categories: News

It's 2022 and there are still thousands of public systems using password-less VNC

The Register - Tue, 16/08/2022 - 03:36
Let alone the ones with 123456 to login. How sophisticated do attackers really need to be?

Thousands of machines on the public internet can be remotely controlled via VNC without any authentication, a cybersecurity vendor has reminded us this month.…

Categories: News

Oh Deere: Farm hardware jailbroken to run Doom

The Register - Tue, 16/08/2022 - 01:53
Corn-y demo heralded as right-to-repair win

At DEF CON 30 on Saturday, an Australian who goes by the handle Sick Codes showed off a way to fully take control of some John Deere farming machine electronics to run first-person shooter Doom.…

Categories: News

CIA accused of illegally spying on Americans visiting Assange in embassy

The Register - Mon, 15/08/2022 - 20:37
Lawyers, journalists sue super-snoop agency and Spanish security biz

The CIA illegally spied on US citizens while they visited WikiLeaks publisher Julian Assange inside the Ecuadorian embassy in London, a lawsuit filed today has claimed.…

Categories: News

Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash

The Register - Mon, 15/08/2022 - 18:31
The arrest comes days after US Treasury levies sanctions against the crypto mixing service

Dutch authorities have arrested a software developer suspected of working with Tornado Cash, a cryptocurrency mixing service that only two days earlier was sanctioned by the US government for allegedly laundering money for ransomware operators and other cybercriminals.…

Categories: News

Indian military ready to put long-range quantum key distribution on the line

The Register - Mon, 15/08/2022 - 07:56
Local startup can make it happen over 150km

India's military has celebrated the nation's Independence Day by announcing it will adopt locally developed quantum key distribution (QKD) technology that can operate across distances of 150km.…

Categories: News

Black Hat and DEF CON visitors differ on physical risk management

The Register - Mon, 15/08/2022 - 05:58
COVID, flood surfing, crowds – what to pick?

Black Hat  As last week's hacker summer camps wound down, it's clear that attendee numbers are still well down on the pre-COVID days, although things are recovering.…

Categories: News

Elon Musk wrote article for China's internet regulator, hinted at aged care robots

The Register - Mon, 15/08/2022 - 00:45
PLUS Vietnam's massive infosec push; Philippines telco fight; Australia dumps COVID app; and more

Asia in Brief  Elon Musk has written an article for the Cyberspace Administration of China's flagship magazine.…

Categories: News

Ukraine's cyber chief comes to Black Hat in surprise visit

The Register - Sat, 13/08/2022 - 11:00
TL;DR - the news isn't good

Black Hat In Brief  Victor Zhora, Ukraine's lead cybersecurity official, made an unannounced visit to Black Hat in Las Vegas this week, where he spoke to attendees about the state of cyberwarfare in the country's conflict with Russia. The picture Zhora painted was bleak.…

Categories: News

Let there be ambient light sensing, without fear of data theft

The Register - Sat, 13/08/2022 - 01:24
Six years on web devs finally settle on sensor privacy defenses

Six years after web security and privacy concerns surfaced about ambient light sensors in mobile phones and notebooks, browser boffins have finally implemented defenses.…

Categories: News

Palo Alto bug used for DDoS attacks and there's no fix yet

The Register - Sat, 13/08/2022 - 00:17
There goes the weekend...

A high-severity Palo Alto Networks denial-of-service (DoS) vulnerability has been exploited by miscreants looking to launch DDoS attacks, and several of the affected products won't have a patch until next week.…

Categories: News

Starlink satellite dish cracked on stage at Black Hat

The Register - Fri, 12/08/2022 - 23:40
Once the modchip plans are live, you can, too

Black Hat  A security researcher has shown how to, with physical access at least, fully take over a Starlink satellite terminal using a homemade modchip.…

Categories: News

US reveals 'Target' pic of Conti man with $10m reward offer

The Register - Fri, 12/08/2022 - 20:30
Fashion Police chipping in on the bounty related to costliest strain of ransomware on record

The US government is putting a face on a claimed member of the infamous Conti ransomware group as part of a $10 million reward for information about five of the gang's crew.…

Categories: News

Microsoft trumps Google for 2021-22 bug bounty payouts

The Register - Fri, 12/08/2022 - 19:00
Another $13.7m handed out to researchers, but then again it does have an awful lot of attack surfaces

Microsoft appears to have beat Google on the bug bounty front, with $13.7 million in rewards spread out over 335 researchers.…

Categories: News

Intel ups protection against physical chip attacks in Alder Lake

The Register - Fri, 12/08/2022 - 16:00
Repurposes logic originally used for spotting variations in voltage, timing in older circuits to help performance

Black Hat  Intel has disclosed how it may be able to protect systems against some physical threats by repurposing circuitry originally designed to counter variations in voltage and timing that may occur as silicon circuits age.…

Categories: News

Emergency services call-handling provider: Ransomware forced it to pull servers offline

The Register - Fri, 12/08/2022 - 14:06
Advanced's infrastructure still down and out, recovery to take weeks or more

Advanced, the MSP forced to shut down some of its servers last week after identifying an "issue" with its infrastructure hosting products, has confirmed a ransomware attack and says recovery will be in the order of weeks.…

Categories: News

FAANGs failing on keeping user data safe from bug hunters

The Register - Fri, 12/08/2022 - 01:58
Time to call in the legal team

Black Hat  Dylan Ayrey, a bug hunter and CEO of Truffle Security, discovered a big data company credential dump containing personal information belonging to about 50,000 of its users, and still hasn't fixed it. …

Categories: News

Higher risks and premiums are creating critical gap in cyber insurance

The Register - Fri, 12/08/2022 - 00:03
Most organizations don’t have the financial resources necessary to address ransomware and other cyberattacks, BlackBerry says

Black Hat  Many organizations are increasingly unprepared to deal with the skyrocketing costs of ransomware attacks, at a time when the number of incidents and the payments demanded by cybercriminals are rising rapidly.…

Categories: News

Security needs to learn from the aviation biz to avoid crashing

The Register - Thu, 11/08/2022 - 23:30
'Until someone has to go to jail for doing it wrong the teeth are not going to be the same'

Black Hat video  The security industry needs to take a leaf from the manual of an industry where smart incident response is literally life and death, if it is to fix systemic problems.…

Categories: News

Russian invasion has dangerously destabilized cyber security norms

The Register - Thu, 11/08/2022 - 22:30
The inside scoop on the Ukrainian IT army, and what could happen next

Black Hat  The hacktivist attacks that have occurred during the ongoing war in Ukraine are setting a dangerous precedent for cyber norms — and infrastructure security, according to journalist and author Kim Zetter.…

Categories: News

