FireEye sold to McAfee's new owners for $1.2bn as Mandiant split into standalone firm again

The Register - Thu, 03/06/2021 - 13:55
Another big name buyout by STG

FireEye has been sold for $1.2bn to the same American private equity fund that bought McAfee’s enterprise security business, severing it from infosec stablemate Mandiant.…

Categories: News

European Parliament's data adequacy objection: Doubts cast on UK's commitment to data protection

The Register - Thu, 03/06/2021 - 09:30
Plus: Judgement in immigration exemption case makes things worse

Comment  Almost two weeks ago, the European Parliament took the step of objecting to the Commission decisions to grant the UK data adequacy.…

Categories: News

Antivirus that mines Ethereum sounds a bit wrong, right? Norton has started selling it

The Register - Thu, 03/06/2021 - 07:51
Down continues to be the new up

NortonLifeLock, the company that offers the consumer products Broadcom didn’t want when it bought Symantec, has started to offer Ethereum mining as a feature of its Norton 360 security suite.…

Categories: News

Deadline draws near to avoid auto-joining Amazon's mesh network Sidewalk

The Register - Thu, 03/06/2021 - 00:05
'A stalker can abuse it to stalk people better. There are no mitigations mentioned'

Owners of Amazon Echo assistants and Ring doorbells have until June 8 to avoid automatically opting into Sidewalk, the internet giant's mesh network that taps into people's broadband and may prove to be a privacy nightmare.…

Categories: News

Ahem, Huawei, your USB LTE stick has a vuln. I SAID AHEM, Huawei, are you listening?

The Register - Wed, 02/06/2021 - 19:35
Embarrassing flaw in E3372 device finally patched

Huawei has belatedly fixed a mild vulnerability in a USB connectivity dongle spotted by Trustwave after The Register intervened.…

Categories: News

JBS Foods ransomware gang: White House 'engaging directly' with Russia about attack on massive meat producer

The Register - Wed, 02/06/2021 - 16:57
Aussie cops start probe and FBI and USDA lend a hand

Australian police are investigating a ransomware attack at the facilities of JBS Foods — one of the largest producers of meat in the world – as the White House fingers Russia-based cybercriminals.…

Categories: News

UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet

The Register - Wed, 02/06/2021 - 15:28
Bizarre promotion practice leads to near-inevitable breach

Exclusive  An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet.…

Categories: News

OpenPGP library RNP updates after Thunderbird decrypt-no-recrypt bug squashed

The Register - Wed, 02/06/2021 - 11:44
Not the obvious function, the other obvious function

OpenPGP project RNP has patched its flagship product after Mozilla Thunderbird, a major user, was found to be saving users’ private keys in plain text.…

Categories: News

Feds seize two domains used by SolarWinds intruders for malware spear-phishing op

The Register - Wed, 02/06/2021 - 01:23
Info-stealing scheme, attributed to Russia-affiliated crew, relied on spoof USAID marketing messages

Uncle Sam on Tuesday said it had seized two web domains used to foist malware on victims using spoofed emails from the US Agency for International Development (USAID).…

Categories: News

There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020'

The Register - Tue, 01/06/2021 - 19:00
What’s the remedy? Read on…

Promo  The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.…

Categories: News

Remember those wacky cyberpunk costumes in <i>Hackers</i>? They're on display in London this week

The Register - Tue, 01/06/2021 - 15:32
'Medieval mixed with athletic wear' chic from 1995

Fans of 'cyber' flick Hackers can amuse themselves by visiting an exhibition of the characters’ costumes in London – but time is running short if you want to catch a glimpse of Angelina Jolie’s bizarre getups.…

Categories: News

Increase confidence in public cloud security: Integrate Intel SGX, says G-Core Labs Cloud

The Register - Tue, 01/06/2021 - 08:30
Hear from one of the first providers to support this security functionality

Sponsored  Cloud infrastructure has many advantages over a corporate server. It’s easier to set it up and to get access to almost any resources in a matter of minutes, and you only pay for the capacity used. However, businesses are often concerned about how secure cloud solutions are.…

Categories: News

Have I Been Pwned goes open source, bags help from FBI

The Register - Tue, 01/06/2021 - 02:47
Plus: More Rowhammer research, Feds warn of Fortinet attacks, etc

In brief  The creator of the Have I Been Pwned (HIBP) website, which alerts you if it turns out your credentials have been swiped and leaked from an account database, has open sourced the project's internals.…

Categories: News

Online flashcard sites spill security details of US nuclear weapon bunkers since 2013

The Register - Fri, 28/05/2021 - 19:51
Leaked data proves very educational

Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they’re being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available.…

Categories: News

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

The Register - Fri, 28/05/2021 - 08:57
Microsoft says Nobelium scored access to Constant Contact email marketing tool

Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds' Orion software, has struck again, Microsoft vice president Tom Burt in a blogpost Thursday.…

Categories: News

Hong Kong recorded phishing surge in 2020 as scum sought to cash in on viral worries

The Register - Fri, 28/05/2021 - 05:56
Special Administrative Region recorded plunge in ransomware attacks

Criminals tried to exploit Hong Kong residents' COVID-related anxiety, according to new security data released yesterday by the Special Administrative Region's secretary for innovation and technology Alfred Sit.…

Categories: News

Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen

The Register - Thu, 27/05/2021 - 13:29
No sign of ransomware - or attacker's identity, so far

A Fujitsu project management suite is causing red faces at the Japanese company’s HQ after “unauthorised access” resulted in data being stolen from government agencies, local reports say.…

Categories: News

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

The Register - Thu, 27/05/2021 - 02:38
M1RACLES flaw looks more embarrassing than dangerous

Apple's Arm-based M1 chip, much ballyhooed for its performance, contains a design flaw that can be exploited to allow different processes to communicate with one another, in violation of operating system security principles.…

Categories: News

What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

The Register - Wed, 26/05/2021 - 12:34
The CIO does not decide how soon you need to respond. 'The person who decides is the attacker'

QCon Plus  Automated testing and rapid deployment are critical to defending against vulnerabilities in open source software, said David Wheeler, director of Open Source Supply Chain Security at the Linux Foundation.…

Categories: News

Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign

The Register - Wed, 26/05/2021 - 10:17
Bug-hunting industry wants to know a bit more before doing that, though

Businesses operating in the word of infosec have been urged to write to the Home Office and support a public interest defence being added to the Computer Misuse Act.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News