News

Firefox ditches Do Not Track because nobody was listening anyway

The Register - Thu, 12/12/2024 - 08:49
Few websites actually respect the option, says Mozilla

When Firefox 135 is released in February, it'll ship with one less feature: Mozilla plans to remove the Do Not Track toggle from its Privacy and Security settings. …

Categories: News

Citrix goes shopping in Europe and returns with gifts for security-conscious customers

The Register - Thu, 12/12/2024 - 05:02
Acquires two companies that help those on the nice list keep naughty list types at bay

Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair of major buys: infosec outfits deviceTRUST and Strong Network.…

Categories: News

Blocking Chinese spies from intercepting calls? There ought to be a law

The Register - Wed, 11/12/2024 - 23:03
Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks

US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation proposed by senator Ron Wyden (D-OR).…

Categories: News

Krispy Kreme Doughnut Corporation admits to hole in security

The Register - Wed, 11/12/2024 - 19:00
Belly-busting biz says it's been hit by cowardly custards

Doughnut slinger Krispy Kreme has admitted to an attack that has left many customers unable to order online.…

Categories: News

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

The Register - Wed, 11/12/2024 - 12:04
Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker

Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.…

Categories: News

US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

The Register - Wed, 11/12/2024 - 05:02
Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware

The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls…

Categories: News

Microsoft holds last Patch Tuesday of the year with 72 gifts for admins

The Register - Tue, 10/12/2024 - 20:48
Twas the night before Christmas, and all through the house, patching was done with the click of a mouse

Microsoft hasn't added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored more than nine on the CVSS threat ranking scale.…

Categories: News

US military grounds entire Osprey tiltrotor fleet over safety concerns

The Register - Tue, 10/12/2024 - 19:06
Boeing-Bell V-22 can't outfly its checkered past, it seems

The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds.…

Categories: News

AMD secure VM tech undone by DRAM meddling

The Register - Tue, 10/12/2024 - 16:00
Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory

Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.…

Categories: News

Fully patched Cleo products under renewed 'zero-day-ish' mass attack

The Register - Tue, 10/12/2024 - 13:32
Thousands of servers targeted while customers wait for patches

Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.…

Categories: News

Heart surgery device maker's security bypassed, data encrypted and stolen

The Register - Tue, 10/12/2024 - 12:30
Sounds like th-aorta get this sorted quickly

A manufacturer of devices used in heart surgeries says it's dealing with "a cybersecurity incident" that bears all the hallmarks of a ransomware attack.…

Categories: News

Bitfinex heist gets the Netflix treatment after 'cringey couple' sentenced

The Register - Tue, 10/12/2024 - 10:15
Streamer's trademark dramatic style takes on Bitcoin Bonnie and Clyde

A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time.…

Categories: News

WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

The Register - Tue, 10/12/2024 - 07:30
And it only took four months, tut

WhatsApp has fixed a problem with its View Once feature, designed to protect people's privacy with automatically disappearing pictures and videos.…

Categories: News

Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved

The Register - Tue, 10/12/2024 - 00:58
McDonald's worker called it in, cops swooped, found 'gun, suppressor, manifesto'

Police in Pennsylvania have arrested a man suspected of shooting dead the CEO of insurer UnitedHealthcare in New York City, thanks to a McDonald's employee who recognized the suspect in a burger joint – and largely without help from technology.…

Categories: News

China's Salt Typhoon recorded top American officials' calls, says White House

The Register - Mon, 09/12/2024 - 19:01
No word yet on who was snooped on. Any bets?

Chinese cyberspies recorded "very senior" US political figures' calls, according to White House security boss Anne Neuberger.…

Categories: News

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

The Register - Mon, 09/12/2024 - 16:15
ShinyHunters-linked heist thought to have been ongoing since March

Exclusive  A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.…

Categories: News

OpenWrt orders router firmware updates after supply chain attack scare

The Register - Mon, 09/12/2024 - 14:04
A couple of bugs lead to a potentially bad time

OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week.…

Categories: News

Microsoft dangles $10K for hackers to hijack LLM email service

The Register - Mon, 09/12/2024 - 11:05
Outsmart an AI, win a little Christmas cash

Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.…

Categories: News

Blue Yonder ransomware termites claim credit

The Register - Mon, 09/12/2024 - 03:01
Also: Mystery US firm compromised by Chinese hackers for months; Safe links that aren't; Polish spy boss arrested, and more

Infosec in brief  Still smarting over that grocery disruption caused by a ransomware attack on supply chain SaaS vendor Blue Yonder? Well, now you have someone to point a finger at: the Termite ransomware gang.…

Categories: News

How Chinese insiders are stealing data scooped up by President Xi's national surveillance system

The Register - Sun, 08/12/2024 - 17:00
'It's a double-edged sword,' security researchers tell The Reg

Feature  Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News