If you want to leg it through China’s Great Firewall, don't forget to pull on your newly darned Shadowsocks

The Register - Thu, 28/01/2021 - 02:22
Censorship-busting tool updated, advice on how to use it to evade blockades published

China’s recent upgrades to its content-blocking Great Firewall can be circumvented, according to the censorship fighters of the Great Firewall Report.…

Categories: News

Knock, knock. Who's there? NAT. Nat who? A NAT URL-borne killer

The Register - Wed, 27/01/2021 - 20:26
Last year's slipstream technique revived to pierce vulnerable firewalls – browsers patched to thwart bypass attempts

Video  Ben Seri and Gregory Vishnepolsky, threat researchers at Armis, have found a way to expand upon the NAT Slipstream attack disclosed last year by Samy Kamkar, CSO of Openpath Security.…

Categories: News

Stack Overflow 2019 hack was guided by advice from none other than... Stack Overflow

The Register - Wed, 27/01/2021 - 19:31
Vulnerabilities in build systems, secrets in source code: developer environments are an attack target

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move.…

Categories: News

Command 'n' control botnet of notorious Emotet Windows ransomware shut down in multinational police raid

The Register - Wed, 27/01/2021 - 17:13
Europol-led op knocks offline 700 servers used to infect 'millions of computers'

EU police agency Europol has boasted of taking down the main botnet powering the Emotet trojan-cum-malware dropper, as part of a multinational police operation that included raids on the alleged operators’ homes in the Ukraine.…

Categories: News

Today's 'sophisticated cyber attack' victim is the Woodland Trust: Pre-Xmas breach under investigation

The Register - Wed, 27/01/2021 - 15:30
Potentially 250,000 reasons UK nature conservation charity was targeted

The Woodland Trust, a peaceful British charity that looks after trees, was struck by a “cyber attack” before Christmas.…

Categories: News

US cyber intelligence officer given 11 years for kidnapping her kid, trying to hawk top secrets to Russia in Mexico

The Register - Tue, 26/01/2021 - 22:59
How's your year going?

A US Air Force intelligence officer who kidnapped her daughter to Mexico and attempted to defect to Russia with information labelled top secret has been jailed for 11 years.…

Categories: News

Decade-old bug in Linux world's sudo can be abused by any logged-in user to gain root privileges

The Register - Tue, 26/01/2021 - 21:12
Sudo, make me a heap overflow! Done, this system is now yours

Security researchers from Qualys have identified a critical heap buffer overflow vulnerability in sudo that can be exploited by rogue users to take over the host system.…

Categories: News

Apple emits emergency iOS security updates while warning holes may have been exploited in wild by hackers

The Register - Tue, 26/01/2021 - 20:45
Plus fixes for iPadOS, tvOS, watchOS, XCode, iCloud for Windows – and a day after Google disclosed Nork op

Apple today released software updates to patch vulnerabilities in iPhones and iPads that may have been exploited by miscreants to silently snoop on victims from afar.…

Categories: News

I was targeted by North Korean 0-day hackers using a Visual Studio project, vuln hunter tells El Reg

The Register - Tue, 26/01/2021 - 13:30
Hyperion Gray founder relates 'holy f**k' moment when he realised

A zero-day hunter has told The Register of the “holy f**k” moment when he realised he'd been targeted by a North Korean campaign aimed at stealing Western researchers' vulns.…

Categories: News

UK Cabinet Office spokesman tells House of Lords: We're not being complacent about impact of SolarWinds hack

The Register - Tue, 26/01/2021 - 09:30
Lib Dem blows raspberry at Sir Humphrey-style non-answer

The British government has denied being "complacent" over the Solarwinds hack as a fed-up peer of the realm urged a minister to "answer the question".…

Categories: News

North Korea infected infosec bods with backdoors via dodgy blog pages, Visual Studio files – Google

The Register - Tue, 26/01/2021 - 04:45
Security eggheads discover their PCs chatting with Kim Jong Un's hackers

North Korea's hackers homed in on specific infosec researchers and infected their systems with a backdoor after luring them to a suspicious website, Google revealed on Monday.…

Categories: News

Biden said to be assembling cyber dream team to sort out US govt computer security

The Register - Mon, 25/01/2021 - 22:00
With a little $10bn package proposed to help them on their way

President Biden is preparing to assemble a crack US government cybersecurity team, and has pledged $10bn in funding to shore up the defenses of Uncle Sam's computer networks.…

Categories: News

Digital burglars break into the Australian Securities and Investments Commission

The Register - Mon, 25/01/2021 - 18:01
Miscreant fingered server that held docs related to credit applications down under

The Australian Securities and Investments Commission (ASIC) has admitted one of its servers was accessed without sanction and may have been digitally pawed by miscreants.…

Categories: News

Man arrested after UK school reports wiped hard drives on devices connected to network

The Register - Mon, 25/01/2021 - 13:20
Police pull out classic 'sophisticated cyber attack' line

A 28-year-old has been arrested after allegedly carrying out what police have labelled a "sophisticated cyber attack" on a school.…

Categories: News

Showering malware-laced laptops on UK schoolchildren is the wrong way to teach them about cybersecurity

The Register - Mon, 25/01/2021 - 10:16
The Department for Education needs to learn its lesson too

Column  It is not good form to ruin people's online privacy. It is especially bad form if you're in a position of authority when you do this. It goes beyond bad form altogether if you're the Department for Education and you are potentially exposing schoolchildren to online attacks. That is criminal neglect.…

Categories: News

ADT techie admits he peeked into women's home security cams thousands of times to watch them undress, have sex

The Register - Sat, 23/01/2021 - 08:36
Plus: SonicWall hacked, Qualcomm security wobble, warrantless cellphone monitoring by US snoops revealed

In brief  One-time ADT security engineer Telesforo Aviles, 35, pleaded guilty to computer fraud in the US after spying on women through their home surveillance cameras.…

Categories: News

Scottish enviro bods shrug off ransomware gang's extortion attempt as 4,000 files dumped online, saying it's nothing big

The Register - Fri, 22/01/2021 - 19:00
Awa' an bile yer heid, SEPA tells ransomware scum

About 4,000 stolen files from the Scottish Environmental Protection Agency (SEPA) have been dumped online by frustrated ransomware criminals after the public sector body refused to pay out.…

Categories: News

Clop ransomware gang clips sensitive files from Atlantic Records' London ad agency The7stars, dumps them online

The Register - Fri, 22/01/2021 - 17:23
Medium-sized firm, big revenues, big target

Updated  A London ad agency that counts Atlantic Records, Suzuki, and Penguin Random House among its clients has had its files dumped online by a ransomware gang, The Register can reveal.…

Categories: News

Microsoft Edge goes homomorphic: Nobody will see your credentials... but you'll need to sign in to use it

The Register - Fri, 22/01/2021 - 15:07
Has your password been pwned? MS browser will tell you

Microsoft has detailed how the Password Monitor feature in Edge works after it pushed version 88 of the browser into the Stable channel.…

Categories: News

It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now

The Register - Fri, 22/01/2021 - 07:04
And also fix up these other holes that can be exploited via HTTP requests, SQL injection, etc

Cisco this week emitted patches for four sets of critical-severity security holes in its products along with other fixes.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News