News

Contact-tracer spoofing is already happening – and it's dangerously simple to do

The Register - Tue, 02/06/2020 - 09:29
I'm from the government, and I'm here to help you and your friends

British people will soon begin receiving random phone calls from so-called "contact tracers" warning them about having been in close proximity with potential coronavirus carriers. One of many problems with this scheme is it's dangerously easy to pose as a government contact tracer.…

Categories: News

Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues

The Register - Tue, 02/06/2020 - 07:02
Web sites and services tied to older versions of OpenSSL and GnuTLS have been dropping like flies

On Saturday, at 10:48 UTC, Sectigo's AddTrust legacy root certificate expired, causing a bit of weekend havoc for thousands of websites and services that rely on it for making a secure TLS/SSL connection.…

Categories: News

Get rich quick! Work from home! Earn $100,000 easy – just find a critical flaw in Apple's sign-in system

The Register - Tue, 02/06/2020 - 00:52
Yeah, we know 'just' is doing a lot of hard work, we're being flippant

Security researcher Bhavuk Jain has landed a $100,000 payday after he reported a critical flaw in Apple’s sign-in system that could be exploited to access countless accounts on sites from Dropbox and Spotify to Airbnb.…

Categories: News

REvil ransomware gang publishes 'Elexon staff's passports' after UK electrical middleman shrugs off attack

The Register - Mon, 01/06/2020 - 16:59
Cybercrooks take revenge after planned heist failed

The REvil/Sodinokibi ransomware gang has just published what it claimed were files stolen from UK power grid middleman Elexon.…

Categories: News

UK.gov dangles £400k over makers of IoT Things: Go on, let's see how you'd make a security cert scheme

The Register - Mon, 01/06/2020 - 10:16
And if you win, we'll make it into a kitemark

British companies have been offered access to a £400k pot of cash to design a UK-specific "kitemark" assurance scheme for Internet of Things products.…

Categories: News

The inevitable coronavirus-inspired cyber-attacks are stepping up. Are you ready?

The Register - Mon, 01/06/2020 - 07:00
They’re not very sophisticated, but they’re working: Watch and learn how to fight back

Webcast  You’ve probably had the COVID-19 coronavirus social-engineering scams quietly filtering into, hopefully, your junk folder by now. Featuring anything from bogus medical research with malware-laden URLs to one-to-one approaches offering fake vaccines, it’s not taken very long.…

Categories: News

Cisco hacked: Six backend servers used by customer VIRL-PE deployments compromised via SaltStack

The Register - Sun, 31/05/2020 - 10:32
Plus other news from infosec land this week

Roundup  Six Cisco-operated servers were hacked via SaltStack security vulnerabilities, the networking giant revealed this week.…

Categories: News

Remember when Republicans said Dems hacked voting systems to rig Georgia's election? There were no hacks

The Register - Sat, 30/05/2020 - 00:32
'No evidence of damage to network or computers, no evidence of theft, damage, or loss of data'

On November 4th, 2018, now-Georgia Republican Governor Brian Kemp announced an investigation into his rival Democratic party, accusing the organization of trying to hack the US state's voter registration system.…

Categories: News

Remember when Republicans said Dems hacked voting systems to rig Georgia's election? There were no hacks

The Register - Sat, 30/05/2020 - 00:32
'No evidence of damage to network or computers, no evidence of theft, damage, or loss of data'

On November 4th, 2018, now-Georgia Republican Governor Brian Kemp announced an investigation into his rival Democratic party, accusing the organization of trying to hack the US state's voter registration system.…

Categories: News

Great news. Patch load drops 20% for the first time in 10 years. Bad news: Well, you've heard about coronavirus?

The Register - Fri, 29/05/2020 - 11:45
Fix the crits, sort out the rest later

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems.…

Categories: News

Great news. Patch load drops 20% for the first time in 10 years. Bad news: Well, you've heard about coronavirus?

The Register - Fri, 29/05/2020 - 11:45
Fix the crits and backload the rest later

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems.…

Categories: News

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

The Register - Fri, 29/05/2020 - 07:08
GRU crew actively exploit hole – but you patched it months ago, right?

The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists.…

Categories: News

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

The Register - Fri, 29/05/2020 - 07:08
Open-source mail servers under active exploitation by GRU crew, make sure you're patched up

The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists.…

Categories: News

NTT warns its Singapore cloud was hacked, Japanese customer data compromised

The Register - Fri, 29/05/2020 - 02:36
Early May attack hit 600-plus hosting and cloud customers

Global system integrator NTT has said someone hacked their way into its hosting and cloud services and may have accessed 600-odd customers’ data.…

Categories: News

NTT warns its Singapore cloud was hacked, Japanese customer data compromised

The Register - Fri, 29/05/2020 - 02:36
Early May attack hit 600-plus hosting and cloud customers

Global system integrator NTT has said someone hacked their way into its hosting and cloud services and may have accessed 600-odd customers’ data.…

Categories: News

Got $50k spare? Then you can crack SHA-1 – so OpenSSH is deprecating flawed hashing algo in a 'near-future release'

The Register - Thu, 28/05/2020 - 22:03
The price will only go down

Updated  The maintainers of OpenSSH, the widely used toolkit for connecting securely to servers and devices over networks, have warned that the SHA-1 algorithm will be disabled in a "near-future release".…

Categories: News

Got $50k spare? Then you can crack SHA-1 – so OpenSSH is deprecating flawed hashing algo in a 'near-future release'

The Register - Thu, 28/05/2020 - 22:03
The price will only go down

The maintainers of OpenSSH, widely used for connecting securely to servers and devices over networks, have warned that the SHA-1 algorithm will be disabled in a "near-future release".…

Categories: News

Cybercrooks tend to prefer Google-branded phishing to Microsoft-flavoured lures

The Register - Thu, 28/05/2020 - 19:59
So says Barracuda Networks, anyway

Digital rogues are shunning Microsoft in favour of Google when it comes to launching branded spear-phishing attacks, according to threat intel firm Barracuda Networks.…

Categories: News

Cybercrooks tend to prefer Google-branded phishing to Microsoft-flavoured lures

The Register - Thu, 28/05/2020 - 19:59
So says Barracuda Networks, anyway

Digital rogues are shunning Microsoft in favour of Google when it comes to launching branded spear-phishing attacks, according to threat intel firm Barracuda Networks.…

Categories: News

You, Apple Mac fan. Put down the homemade oat-milk latte, you need to patch a load of security bugs, too

The Register - Thu, 28/05/2020 - 16:45
Patch Thursday is for you, Patch Tuesday is for everyone else

Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News