Tycoon malware rages through US schools, LG's boot problem, and QNAP admins had better get busy

The Register - Mon, 08/06/2020 - 08:45
Also: Cisco and Apple push out patches

It is time once again for El Reg's weekly security roundup. Here's a look at a few of the more interesting stories making the rounds over the past seven days.…

Categories: News

British Army pulls up its SOC: New regiment to do infosec work even civvies will recognise

The Register - Fri, 05/06/2020 - 20:37
That's Systems Operating Centre to you. Chuffed with that, says Royal Signals brigadier

The British Army has raised a new regiment that will take charge of its in-house security operations centre, a move calculated to make cyber defence a more mainstream part of all things armed and camouflaged.…

Categories: News

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

The Register - Fri, 05/06/2020 - 18:35
Publishing platforms, hosts being targeted by Stealthworker malware

Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…

Categories: News

UK govt publishes contracts granting Amazon, Microsoft, Google and AI firms access to COVID-19 health data

The Register - Fri, 05/06/2020 - 16:36
Questions linger over involvement of biz linked to Dominic Cummings and Vote Leave campaign

UK government has published the contracts it holds with private tech firms and the NHS for the creation of a COVID-19 data store, just days after campaigners fired legal shots over a lack of transparency.…

Categories: News

Signal goes Gaussian to take privacy to the next level: All your faces don't belong to us

The Register - Fri, 05/06/2020 - 12:20
Blur tool brings privacy protection to images, in these troubled times

Amid nationwide protests over the death of George Floyd, secure comms biz Signal has deployed a blur tool in its messaging and calling app to allow users to obscure faces in app-captured snapshots.…

Categories: News

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous

The Register - Fri, 05/06/2020 - 10:29
Utility creator claims OTT security hoops are harmful to indie devs

A developer of a Windows utility has protested that "Microsoft Defender SmartScreen is hurting independent developers" because of the number of warnings and obstacles placed in front of users who download installers that are not signed or sufficiently well known.…

Categories: News

Facebook to save US users from ads bought by foreign state-controlled media

The Register - Fri, 05/06/2020 - 03:56
Leaving more room for false ads bought by local politicians, which it still allows

Facebook will hide ads bought by state-owned media outlets from its US-based users, as part of its plan “to provide an extra layer of protection against various types of foreign influence in the public debate ahead of the November 2020 election in the US.”…

Categories: News

VMware beefs up security chops with Lastline acquisition, reportedly drops 40 per cent of staff

The Register - Thu, 04/06/2020 - 23:51
Security firm's swallowing may leave many staff out in the cold

VMware is acquiring antimalware company Lastline to boost its network security offerings.…

Categories: News

Have I Been Pwned breach report email pwned entire firm's helldesk ticket system

The Register - Thu, 04/06/2020 - 18:45
That's one way of making people check for updates

A hapless IT bod found the Have I Been Pwned service (HIBP) answering its own question in a way he really didn’t want – after a breach report including a SQL string KO’d his company’s helpdesk ticket system.…

Categories: News

Legal complaint lodged with UK data watchdog over claims coronavirus Test and Trace programme flouts GDPR

The Register - Thu, 04/06/2020 - 15:12
'Government is moving too fast, and breaking things as a result'

Open Rights Group has instructed lawyers to lodge a complaint with the UK's data watchdog over the rollout of the Test and Trace system because it says the system breaches the General Data Protection Regulation (GDPR).…

Categories: News

Sophos puts 100 at risk of redundancy as future of Naked Security blog hangs in balance

The Register - Thu, 04/06/2020 - 14:05
Firm denies shutdown of marketing organ but heads may well roll

Exclusive  Sophos has placed 100 staff at risk of redundancy and is said to be shutting down its Naked Security blog, sources have told The Register - although the private equity-owned biz denied this.…

Categories: News

Creeps give away money to harass recipients with abusive transaction descriptions on bank statements

The Register - Thu, 04/06/2020 - 08:26
'Serious threats' and references to family violence as payment descriptors turned into virtual messaging service

Creeps in Australia have given away money in order to harass people with abusive transaction descriptions that appear in online banking records.…

Categories: News

Why updating your PC fleet lowers TCO, bolsters security – and makes life easier for your IT admins

The Register - Thu, 04/06/2020 - 08:00
The Intel vPro platform aims to give businesses what they need to thrive

Sponsored  Every company these days seems to be undergoing some element of digital transformation. A phrase that has taken on a variety of meanings, but all entail more work for the IT department.…

Categories: News

Update Firefox: Mozilla just patched three hijack-me holes and a bunch of other flaws

The Register - Thu, 04/06/2020 - 03:28
Plus: Zoom fixes code-execution security bugs

Mozilla has emitted security updates for Firefox to address eight CVE-listed security flaws, five of them considered to be high-risk vulnerabilities.…

Categories: News

Anatomy of a business email scam: FBI dossier details how fraudster pocketed $500k+ by redirecting payments

The Register - Thu, 04/06/2020 - 00:53
Electrolux, construction biz fooled into handing over money funneled out of the US to South Africa

A fraudster has admitted he tricked two suppliers into paying him more than $500,000 by impersonating staff at a subcontractor and a retail outlet via email.…

Categories: News

$5bn+ sueball bounces into Google's court over claims it continues to track netizens in 'private browsing mode'

The Register - Wed, 03/06/2020 - 18:45
You've not heard this one before but it does sound familiar

Google has been sued for billions of dollars in a proposed class action alleging the adtech company identified and tracked users who adopted its browser's incognito mode to avoid such tracking.…

Categories: News

Defending critical national infrastructure... hmm. Does Zoom count as critical now?

The Register - Wed, 03/06/2020 - 15:30
All the old lines are getting pretty darn blurred, say security experts at Euro online confab

Infosec Europe  Does your IT security model take into account things like pacemakers? According to Dr Victoria Baines, speaking at Infosec Europe, "we also perhaps neglect the idea that critical infrastructure might be inside people" as well as merely carried in their pockets.…

Categories: News

Tor soups-up onion sites with bountiful browser bump: No more tears trying to find the secure sites you want

The Register - Wed, 03/06/2020 - 07:55
Latest Tor Browser iteration makes the dark web a bit more memorable

The Tor Project this week rolled out an update to its browser that attempts to make the anonymity-protecting onion routing scheme more approachable.…

Categories: News

Office supplies biz owned by UK council shrugs off ransomware demand for 102 Bitcoin

The Register - Tue, 02/06/2020 - 18:37
Firm told customers they'd got a new Gmail address

A Brit public sector-owned office supplies company shrugged off a ransomware demand for 102 Bitcoins after a staffer opened a phishing email.…

Categories: News

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation

The Register - Tue, 02/06/2020 - 13:19
AWS engineers given a dressing-down after proposing fix for 'paranoid' tasks

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data (L1D) CPU cache.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News