GitHub to require two factor authentication for code contributors by late 2023

The Register - Thu, 05/05/2022 - 05:01
Code locker has figured out it's a giant honeypot for miscreants planning supply chain attacks

GitHub has announced that it will require two factor authentication for users who contribute code on its service.…

Categories: News

US Cyber Command shored up nine nations' defenses last year

The Register - Thu, 05/05/2022 - 00:52
'Hunt forward' operations push US capabilities across borders

US Cyber Command chief General Paul Nakasone said has revealed the agency he leads conducted nine "hunt forward" operations last year, sending teams to different counties to help them improve their defensive security posture and hunt for cyberthreats. …

Categories: News

Communication around Heroku security incident dubbed 'train wreck'

The Register - Wed, 04/05/2022 - 16:30
Users claim lack of transparency following compromise of Github tokens

Efforts by Salesforce-owned cloud platform Heroku to manage a recent security incident are turning into a bit of a disaster, according to some users.…

Categories: News

Putin threatens supply chains with counter-sanction order

The Register - Wed, 04/05/2022 - 06:59
‘Certain organizations’ to be named in ten days and denied access to Russian resources

Russian president Vladimir Putin has authorized retaliatory sanctions against individuals and organizations that have taken action over the illegal invasion of Ukraine.…

Categories: News

Cyber-spies target Microsoft Exchange to steal M&A info

The Register - Wed, 04/05/2022 - 01:31
If a network snoop probes like a Kremlin agent, exploits like a Kremlin agent, it might be...

A cyber-spy group is targeting Microsoft Exchange deployments to steal data related to mergers and acquisitions and large corporate transactions, according to Mandiant.…

Categories: News

SEC nearly doubles cryptocurrency cop roles in special cyber unit

The Register - Tue, 03/05/2022 - 18:31
Policing digital assets sounds more Mission Impossible than NCIS

The US Securities and Exchange Commission intends to fill an additional 20 positions in a special unit that polices cryptocurrency fraud and other cybercrimes.…

Categories: News

Zero trust is more than just vendors and products – it requires process

The Register - Tue, 03/05/2022 - 17:00
IT orgs need to adapt their procedures to make it all work, says Dell

Dell Technologies World  Zero-trust architectures have become a focus for enterprises trying to figure out how to secure an IT environment where data and applications are increasingly distributed outside of the traditional perimeter defenses of central datacenters.…

Categories: News

Microsoft's standalone Defender for Business hits GA

The Register - Tue, 03/05/2022 - 15:00
Security suite for the orgs unwilling to stump up for a Microsoft 365 Business Premium subscription

Microsoft has made a standalone version of Microsoft Defender for Business generally available, aimed at customers not keen on paying for one of its subscriptions.…

Categories: News

Critical vulnerabilities found in 'millions of Aruba and Avaya switches'

The Register - Tue, 03/05/2022 - 11:00
Airports, hospitals, hotels, and more need to deploy patches for hijack bugs

Five critical remote code execution vulnerabilities in millions Aruba and Avaya devices can be exploited by cybercriminals to take full control of network switches commonly used in airports, hospitals, and hotels, according to Armis researchers.…

Categories: News

Privacy pathology: It's time for the users to gather a little data. Evidence

The Register - Tue, 03/05/2022 - 09:30
If Sherlock was alive today, he’d pack a Pi next to pistol and pipe

Opinion  Almost exactly a month ago, we noted a splendid piece of academic research into Google's data-gathering and consent practises.…

Categories: News

Google starts testing fenced frames to guard its Privacy Sandbox

The Register - Tue, 03/05/2022 - 08:29
Oh, serve me ads, lots of ads, under clouded eyes above, just fence me in

Google in the next few days plans to begin testing fenced frames, a proposed web API to help its Privacy Sandbox ad technologies meet commitments to privacy of a sort.…

Categories: News

Security is a pain for American Dental Association: Ransomware infection feared

The Register - Mon, 02/05/2022 - 20:50
Plus: Another university hit with malware, and more

In brief  The Black Basta crime gang has claimed it infected the American Dental Association with ransomware.…

Categories: News

SSE kicks the ‘A’ out of SASE

The Register - Mon, 02/05/2022 - 20:00
Security Service Edge separates cloud-delivered defenses from SD-WAN as debate rages

Analysis  The emergence of secure access service edge (SASE) dominated the networking market for the last few years as enterprises sought to address increasingly distributed IT environments.…

Categories: News

Dell brings data recovery tools to Apex and the cloud

The Register - Mon, 02/05/2022 - 18:05
Dell shows off full stack of cyber recovery SaaS, partners with Snowflake for data analytics

LAS VEGAS – Dell is giving enterprises new ways to protect the data they store in public clouds.…

Categories: News

Spanish PM, defense minister latest Pegasus spyware victims

The Register - Mon, 02/05/2022 - 17:00
Latest Spanish officials to detect Pegasus spyware on mobile devices

Spain's prime minister and defense minister are the latest elected officials to detect Pegasus spyware on their mobile phones, according to multiple media reports quoting Spanish authorities.…

Categories: News

Facebook's Meta, tracking code, and the student financial aid website

The Register - Sat, 30/04/2022 - 12:00
Also: Occulus virtual reality apps fail to detail info collection

Meta's Facebook subsidiary has been collecting hashed personal data from students seeking US government financial aid, even from those without a Facebook account and those not logged into the student aid website, according to a research study published this week.…

Categories: News

Data-wiper malware strains surge as Ukraine battles ongoing invasion

The Register - Fri, 29/04/2022 - 23:11
Besides files being erased, another thing being deleted: Any sense this is a coincidence

Security researchers have detailed six significant strains of data-wiping malware that have emerged in just the first quarter of 2022, a huge surge over previous years.…

Categories: News

Microsoft Edge's 'Secure Network' sounds a lot like a built-in VPN

The Register - Fri, 29/04/2022 - 17:00
Only works with signed-in users, but could lure more into using the browser

Microsoft appears to be planning a VPN-like solution for its Edge browser judging by a support page for the upcoming feature.…

Categories: News

Don’t expect to get your data back from the Onyx ransomware group

The Register - Fri, 29/04/2022 - 16:00
The cybercriminals trash files larger than 2MB, forever losing them to the void

Ransomware groups in recent years have ramped up the threats against victims to incentivize them to pay the ransom in return for their stolen and encrypted data. But a new crew is essentially destroying files larger than 2MB, so data in those files is lost even if the ransom is paid.…

Categories: News

Interpol: We can't arrest our way out of cybercrime

The Register - Fri, 29/04/2022 - 13:15
Especially when gangs are better funded than local police

As cybercriminals become more sophisticated and their attacks more destructive and costly, private security firms and law enforcement need to work together, according to Interpol's Doug Witschi.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News