Deja-woooo: Intel, AMD chips running Windows potentially vulnerable to scary Spectre variant

The Register - Wed, 07/08/2019 - 00:01
SWAPGS can be abused to siphon sensitive secrets from kernel memory, patches already available

Spectre – a family of data-leaking side-channel vulnerabilities arising from speculative execution that was disclosed last year and affects various vendors' chips – has a new sibling that bypasses previous mitigations.…

Categories: News

They say piracy killed the Amiga. Know what else it's killing? Malware sales. Awww, diddums

The Register - Tue, 06/08/2019 - 22:36
Trojan devs give up after seeing hard work ripped off, copied between crooks

BSides LV  Life’s tough as a malware developer. If the cops or Feds don't collar you, your fellow scumbags will screw you over – or perhaps both will happen.…

Categories: News

There's fraud, and then there's backdoor routers, fenced logins, malware, and bribing AT&T staff seven figures to unlock 2m phones

The Register - Tue, 06/08/2019 - 19:28
Pakistani bloke extradited to US, accused of masterminding telco hack caper

AT&T staff were bribed $1m to slip the codes to unlock two million smartphones to a gang operating out of Pakistan, US prosecutors have claimed.…

Categories: News

Add passwords to list of stuff CafePress made hash of storing, says infoseccer. 11m+ who used Facebook 'n' pals to sign in were lucky

The Register - Tue, 06/08/2019 - 18:09
11m other leaked users' p-words hashed with SHA-1

Passwords were among the 23 million customer records siphoned from CafePress by hackers – and the site was using the less secure SHA-1 hashing algorithm to store half of its users' credentials.…

Categories: News

Need to automatically and securely verify a download is legit? You bet rget this new tool

The Register - Tue, 06/08/2019 - 08:04
Wget's? I've had a few.... but then again, it's better to cryptographically check the contents of that executable

Brandon Philips, a member of the technical staff at Red Hat, has created a software tool called rget for Linux, macOS, and Windows, to make it easier to determine whether downloaded files can be trusted.…

Categories: News

It's 2019 – and you can completely pwn a Qualcomm-powered Android over the air

The Register - Tue, 06/08/2019 - 06:56
Grab security patches now from chip designer, Google

Black Hat  It is possible to thoroughly hijack a nearby vulnerable Qualcomm-based Android phone, tablet, or similar gadget, via Wi-Fi, we learned on Monday. This likely affects millions of Android devices.…

Categories: News

PIN the blame on us, says Monzo in mondo security blunder: Bank card codes stored in log files as plain text

The Register - Tue, 06/08/2019 - 06:09
Why bother go for databases when insecure log files appears to be where all the data is at

Trendy online-only Brit bank Monzo is telling hundreds of thousands of its customers to pick a new PIN – after it discovered it was storing their codes as plain-text in log files.…

Categories: News

F-B-Yikes! FBI bod allegedly hid spy camera under desk to snap coworker's upskirt pics

The Register - Tue, 06/08/2019 - 00:15
Of all the places to allegedly try this, the J Edgar Hoover HQ ain't one. In fact, no, no building is good. None of them

An FBI contractor has pleaded not guilty to charges that he installed a camera under a coworker's desk to satisfy his "voyeur" fetish.…

Categories: News

Googlers hate it! This one weird trick lets websites dodge Chrome 76's defenses, detect you're in Incognito mode

The Register - Mon, 05/08/2019 - 21:27
Three key words: File, write, benchmark

A week ago, Google released Chrome 76, which included a change intended to prevent websites from detecting when browser users have activated Incognito mode.…

Categories: News

How to avoid getting burned at Black Hat, destroyed at DEF CON or blindsided by Bsides

The Register - Mon, 05/08/2019 - 20:07
The noob's guide to Hacker Summer Camp in Las Vegas

Black Hat  It's that time of year again and the world's white, grey and the occasional black-hat hackers descends into the fetid hell that is Las Vegas in August for a week of conferences, community conflabs and catching up with old friends.…

Categories: News

The sea is dangerous and no one likes robots, so why not send a drone on rescue missions?

The Register - Mon, 05/08/2019 - 17:38 offers £990k for pilotless pilot

The UK's Maritime and Coastguard Agency (MCA) is coughing up just shy of a million quid to see how drones could help with sea rescue and surveillance operations.…

Categories: News

Class-action sueball flung at Capital One and GitHub over theft of 106 million folks' details

The Register - Mon, 05/08/2019 - 14:35
Data loss is lawyers' gain

Code repository GitHub and credit card flinger Capital One are facing down a potential class action suit in the US accusing them of negligence over the loss of 106 million individuals' personal data.…

Categories: News

We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

The Register - Mon, 05/08/2019 - 13:46
Three-quarters of email addys already in breach database

Twee T-shirts 'n' merch purveyor CafePress had 23 million user records swiped – reportedly back in February – and this morning triggered a mass password reset, calling it a change in internal policy.…

Categories: News

It's Black Hat and DEF CON in Vegas this week. And yup, you know what that means. Hotel room searches for guns

The Register - Mon, 05/08/2019 - 10:01
Because it's America, it's 2019, and after more mass shootings, let alone Mandalay Bay, no one's taking chances

Black Hat  If you're heading off the Black Hat and DEF CON security conferences in Las Vegas, USA, this week, be prepared to have your hotel room searched if - for any reason - you shoo maid service away and stop staff from cleaning your room.…

Categories: News

LAPD loses job applicant details, Project Zero pokes holes in iOS, AWS S3 whack-a-mole continues, and more

The Register - Mon, 05/08/2019 - 06:14
Plus, Cisco patches up router pwnage vulnerability

Roundup  Here is a quick roundup of the recent happenings in the world of computer security beyond what we've already reported.…

Categories: News

It's a bird! It's a plane! No, it's two-dozen government surveillance balloons over America

The Register - Fri, 02/08/2019 - 23:11
Back at base, bugs in the software. Flash the message, 'Something's out there'... Floating in the summer sky, 99 Fed balloons go by

Uncle Sam is testing a system that uses high-altitude balloons to conduct surveillance over American soil.…

Categories: News

Phisherman's blues: Bogus Dell support rep extradited from Kenya, admits he conned US colleges out of $900,000

The Register - Fri, 02/08/2019 - 20:42
Scumbag faces up to 20 years in the clink for email fraud

An email phisher found hiding in Kenya is facing up to two decades behind bars in America for scamming thousands of dollars from US universities.…

Categories: News

German privacy probe orders Google to stop listening in on voice recordings for 3 months

The Register - Fri, 02/08/2019 - 17:31
Google bows to power of GDPR

Germany's data protection commissioner in Hamburg has launched an investigation into Google over revelations that contracted workers were listening to recordings made via smart speakers.…

Categories: News

Another rewrite for 737 Max software as cosmic bit-flipping tests glitch out systems – report

The Register - Fri, 02/08/2019 - 16:54
Third time's a charm?

Further details have emerged on the 737 Max flight control software bug discovered at the end of June, with reports suggesting that belated tests by a US regulator found the hitherto unknown bug.…

Categories: News

Convince your users to obey the cybersecurity rules: Tune in live online and find out how

The Register - Fri, 02/08/2019 - 14:00
Our panel is here to help you cut through the thickets of indifference

Webcast  Security professionals like you have a tough job. You can bang on about risks, threats, attack types and other scary stuff, explain the ins and outs of compliance, issue dire warnings about what might happen if your listeners don’t do the right thing – and they remain supremely unperturbed.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News