News

Cryptography whizz Phil Zimmermann looks back at 30 years of Pretty Good Privacy

The Register - Tue, 08/06/2021 - 18:01
The highs, the lows, the acquisitions, the resignations, and more

Encryption and verification package Pretty Good Privacy (PGP) has celebrated a troubled 30 years of securing secrets and giving cypherpunks an excuse to meet in person, with original developer and security specialist Phil Zimmermann toasting a world where encryption is common but, he warns, still under threat.…

Categories: News

Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster

The Register - Tue, 08/06/2021 - 16:30
Using techniques Microsoft had previously considered 'not a vulnerability'

A reverse engineer has discovered what is claimed to be "the first known malware targeting Windows containers to compromise cloud environments," a sentence to put any system administrator on edge.…

Categories: News

DoS vulns in 3 open-source MQTT message brokers could leave users literally locked out of their homes or offices

The Register - Tue, 08/06/2021 - 14:05
If your IoT kit employs RabbitMQ, EMQ X or VerneMQ, it's time to get patching

Synopsys Cybersecurity Research Centre (CyRC) has warned of easily triggered denial-of-service (DoS) vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ.…

Categories: News

I think therefore IAM: It's not cool, it's not sexy, but it's one of the most important and difficult areas in modern IT

The Register - Tue, 08/06/2021 - 09:30
When I grow up, I want to be an Identity and Access Management specialist – said no one ever

Feature  A search on LinkedIn's UK job site just now (1 June 2021) returned 5,265 roles for a network manager; 2,204 for a system administrator; 4,964 for a web developer; and 10,776 for a business analyst. None of these are a particular surprise – they're popular, sought-after careers.…

Categories: News

Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew

The Register - Tue, 08/06/2021 - 04:26
All thanks to FBI that somehow had wallet's private key

The US Department of Justice on Monday said it has recovered 63.7 Bitcoins, right now worth $2.1m and falling, of the 75 or so BTC the Colonial Pipeline operators paid the ransomware miscreants who infected the fuel provider's computers.…

Categories: News

Australian cops, FBI created backdoored chat app, told crims it was secure — then listened to 9,000 users' plots

The Register - Tue, 08/06/2021 - 02:53
Hundreds of arrests already in Oz, details of European and US ops to be revealed soon

The Australian Federal Police (AFP) has revealed it was able to decrypt messages sent on a supposedly secure messaging app that was seeded into the organised crime community and promoted as providing snoop-proof comms.…

Categories: News

FBI drops subpoena to identify readers of USA Today article about shootout with agents

The Register - Tue, 08/06/2021 - 01:56
Feds, facing pushback over constitutional concerns, say they no longer need the data after all

The FBI on Saturday withdrew a subpoena issued to USA Today's parent company Gannett in April to find out who read an online news story published in February about a shootout that led to the deaths of two FBI agents and the wounding of three others.…

Categories: News

Everything Apple announced: Tor-like Safari anonymization. Cloaked iCloud addresses. Cloud CI/CD. And more

The Register - Tue, 08/06/2021 - 01:10
No new hardware though loads of bits and bytes for software makers

WWDC  Apple on Monday opened its 2021 Worldwide Developer Conference by promising a raft of operating system and privacy improvements – including a Tor-like relay system to anonymize Safari connections, and randomized email addresses for online account signups.…

Categories: News

Google, Facebook, Chaos Computer Club join forces to oppose German state spyware

The Register - Mon, 07/06/2021 - 23:49
Plus: FBI boss says ransomware is terrorism 2.0, and more

In brief  Plans by the German government to allow the police to deploy malware on any target's devices, and force the tech world to help them, has run into some opposition, funnily enough.…

Categories: News

US House Rep on cyber committees tweets Gmail password, PIN in Capitol riot lawsuit outrage

The Register - Mon, 07/06/2021 - 21:38
Gonna need a little Mo security over here

US House Rep Mo Brooks (R-AL) seemingly revealed his Gmail password and a PIN in a Sunday rage tweet about a lawsuit regarding the January 6 insurrection attempt.…

Categories: News

Remember Anonymous? It/they might be back, and it/they are angry with Elon Musk

The Register - Mon, 07/06/2021 - 14:45
Has the hacktivist group had enough of Musk's manipulative crypto-Tweets, or has someone just donned the mask to protest their crashed Bitcoin balance?

Entities using the name and iconography of hacktivist collective Anonymous have deemed Elon Musk's recent crypto-tweeting worthy of a re-emergence.…

Categories: News

We're right behind Computer Misuse Act reforms for busting ransomware gangs, says UK infosec industry

The Register - Mon, 07/06/2021 - 12:30
Plus: CyberUp campaign writes to Home Sec

British infosec businessees mostly support beefing up the Computer Misuse Act to directly tackle the ransomware crisis – while reform campaign CyberUp has written to Home Secretary Priti Patel offering “support” for “a renewed, forward looking framework”.…

Categories: News

Military infosec SNAFUs: What WhatsApp and bears in the woods can teach us

The Register - Mon, 07/06/2021 - 09:32
One can’t spell shit without IT, but for God sake it doesn't need to be in your endpoints

Column  Fans of John le Carré’s Tinker Tailor Soldier Spy know how top military secrets are extracted from the enemy. Senior figures are turned in operations run by the most secret brains in the country, bluff and double-bluff mix with incredible feats of bravery, treachery and psychological manipulation.…

Categories: News

Biden expands Chinese tech and military blocklist to 59 companies

The Register - Fri, 04/06/2021 - 20:24
US president calls China’s military-industrial complex 'a threat' and condemns surveillance technology for human rights abuse

US president Joe Biden has issued an executive order to expand the Trump-era ban preventing Chinese tech and defence companies from receiving American investment, upping it from 31 to 59 named entities.…

Categories: News

Good news for pentesters and network admins: US issues ransomware guidance asking biz to skill up security teams

The Register - Fri, 04/06/2021 - 17:45
New approach against malware pushers mirrors how American authorities handle terrorism cases

The White House has issued a communique to business leaders [PDF] urging them to take the threat of ransomware a bit more seriously.…

Categories: News

Android banking malware sharply increased in the first chunk of 2021, reckons ESET

The Register - Fri, 04/06/2021 - 13:34
Claims Russia's FSB was poking around an Eastern European ministry

While enterprises stagger under sustained ransomware attacks, Android users are increasingly being targeted by banking malware, with Slovakian infosec firm ESET reckoning it had seen a 159 per cent increase in such malicious software over the last few months.…

Categories: News

The policy of truth: As ransomware claims rise, what's a cyber insurer to do?

The Register - Fri, 04/06/2021 - 10:41
Never again is what you swore... the time before

If you rely on your insurer to pay off crooks after a successful ransomware attack, you wouldn't be the only one.…

Categories: News

Brit retailer Furniture Village confirms 'cyber-attack' as systems outage rolls into Day 7

The Register - Fri, 04/06/2021 - 09:15
Sofa, not-so-good: Angry customers still can't access systems, phones, and deliveries delayed

Furniture Village – the UK's largest independent furniture retailer with 54 stores nationwide – has been hit by a "cyber-attack", the company confirmed to The Register.…

Categories: News

How to use Google's new dependency mapping tool to find security flaws buried in your projects

The Register - Fri, 04/06/2021 - 03:59
Millions of Rust, JavaScript, Go, Maven repositories scanned and visualized

Google has built an online tool that maps out all the dependencies in millions of open-source software libraries and flags up any unpatched vulnerabilities.…

Categories: News

Supreme Court narrows Computer Fraud and Abuse Act: Misusing access not quite the same as breaking in

The Register - Thu, 03/06/2021 - 21:45
We'll explain everything for you

The US Supreme Court on Thursday limited the scope of the 1986 Computer Fraud and Abuse Act (CFAA) in a ruling that found a former sergeant did not violate the law by misusing his access to a police database.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News