Belgian F-16 pilot rescued from power line after emergency ejection

The Register - Thu, 19/09/2019 - 13:07
Two-seat jet crashed in France

A Belgian F-16 fighter jet pilot has been rescued from a power line after getting into difficulties and ejecting from his stricken aircraft.…

Categories: News

WannaCry is still the smallpox of infosec. But the latest strain (sort of) immunises its victims

The Register - Thu, 19/09/2019 - 11:03
Whatever you do, don't pay the ransom

Analysis  WannaCry – the file-scrambling ransomware that infamously locked up Britain's NHS and a bunch of other organisations worldwide in May 2017 – is still a live-ish threat to this day, infosec researchers reckon.…

Categories: News

IT now stands for Intermediate Targets: Tech providers pwned by snoops eyeing up customers – report

The Register - Thu, 19/09/2019 - 06:55
Symantec says Tortoiseshell crew ransacked suppliers

Miscreants are hacking into Saudi Arabian IT providers in an attempt to compromise their real targets: said providers' customers, according to Symantec.…

Categories: News

Remember that security probe that ended with a sheriff cuffing the pen testers? The contract is now public so you can decide who screwed up

The Register - Thu, 19/09/2019 - 02:45
Both sides have different interpretations of the rules

The infosec duo cuffed during an IT penetration test that went south last week are out of jail, though not necessarily out of the woods.…

Categories: News

Scotiabank slammed for 'muppet-grade security' after internal source code and credentials spill onto open internet

The Register - Wed, 18/09/2019 - 21:17
Blueprints for mobile apps, databases exposed in public GitHub repos

Exclusive  Scotiabank leaked online a trove of its internal source code, as well as some of its private login keys to backend systems, The Register can reveal.…

Categories: News

GitHub gobbles biz used by NASA, Google, etc to search code for bugs and security holes in Mars rovers, apps...

The Register - Wed, 18/09/2019 - 20:34
Semmle's flaw-finding queries can be shared and used on multiple projects

On Wednesday, Microsoft's GitHub said it has acquired Semmle, a San Francisco-based software analysis platform for finding vulnerabilities in code. No price was disclosed.…

Categories: News

Uni sysadmins, don't relax. Cybercrooks are still after your crown jewels, warns NCSC

The Register - Wed, 18/09/2019 - 20:00
GCHQ offshoot says be on your guard

Cybercrims are still likely to affect universities and other educational institutions online with ransomware, reckons GCHQ offshoot the National Cyber Security Centre.…

Categories: News

Analytics exec nicked as Ecuador tries to rush through privacy laws after massive data leak

The Register - Wed, 18/09/2019 - 17:00
Government gave them the deets, so not a hacking charge

The head of Novaestrat, the data analytics company at the centre of the huge leak revealed on Monday involving personal information about more than 20 million Ecuadorian citizens, has been taken into custody.…

Categories: News

MPs call for 'immediate' stop to facial recog in UK as report underlines bias risks in 'pre-crime' algos used by coppers

The Register - Wed, 18/09/2019 - 13:47
New report after 12 forces across England and Wales trialled technology

MPs across parties have called for an immediate "stop" to live facial recognition surveillance by the police and in public places.…

Categories: News

How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

The Register - Wed, 18/09/2019 - 11:27
Pair of bug reports show how VM escapes put servers at risk

A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box.…

Categories: News

Your ugly mug may be scanned yet again – but at least you'll be able to board faster at Gatwick

The Register - Wed, 18/09/2019 - 10:45
Brit airport to extend facial recog after easyJet trial

Gatwick Airport will extend its use of facial recognition to match passengers to their passports at departure gates before they board planes.…

Categories: News

Revealed: The 25 most dangerous software bug types – mem corruption, so hot right now

The Register - Wed, 18/09/2019 - 07:56
Tired: SQLi. Expired: Format string exploits. Hired: Anyone who can port code from C/C++

On Tuesday, the Common Weakness Enumeration (CWE) team from MITRE, a non-profit focused on information security for government, industry and academia, published its list of the CWE Top 25 Most Dangerous Software Errors.…

Categories: News

US government sues ex-IT guy for breaking his NDA (Yes, we mean Edward Snowden)

The Register - Tue, 17/09/2019 - 20:58
Uncle Sam tries to plug leaker's pay, ends up plugging leaker's book

The US government today sued former CIA employee and NSA sysadmin contractor Edward Snowden to deny him payment from his newly published book, Permanent Record.…

Categories: News

Seriously, this sh!t again? 24m medical records, 700m+ scan pics casually left online

The Register - Tue, 17/09/2019 - 20:15
Whole pile of US data just sitting there with no security

Around 24 million medical patients' data is floating around on the internet, freely available for all to pore over – thanks to that good old common factor, terribly insecure servers.…

Categories: News

Vulns out of the box: 12 in 13 small biz network devices terribly insecure by default – research

The Register - Tue, 17/09/2019 - 18:45
You want root shell access? No problem

A new report has suggested that 12 out of 13 network devices, such as routers and network-attached storage appliances, are vulnerable to hacks that enable "root-privileged access without any authentication".…

Categories: News

HP printer small print says kit phones home data on whatever you print – and then some

The Register - Tue, 17/09/2019 - 16:25
Security engineer actually reads privacy policy to his horror

Hewlett-Packard Inc's printers don't just slurp the contents of your wallet at a frightening rate. They also guzzle a surprising amount of data on you and whatever you're printing.…

Categories: News

UK Home Office web form snafu allows you to both agree and disagree – strongly – all at once

The Register - Tue, 17/09/2019 - 14:30
Government cares what you think. Honest

A UK Home Office consultation on new, intrusive police powers was so incompetently written that you could both "strongly agree" and "strongly disagree" at the same time when answering its questions.…

Categories: News

How much pass could LastPass pass if LastPass passed last pass? Login-leaking security hole fixed

The Register - Mon, 16/09/2019 - 20:36
Update now to stop webpages snooping on recently used credentials

LastPass has fixed a security bug that potentially allowed malicious websites to obtain the username and passphrase inserted by the password manager on the previously visited site.…

Categories: News

Just as Ecuador thought it had seen the back of leaks, over 20m citizen records are exposed

The Register - Mon, 16/09/2019 - 17:02
And Julian Assange is among them - but how old are these?

Records on more than 20 million individuals in Ecuador have leaked from an unsecured database in Miami, Florida, containing a mix of official citizen registration data and personal & banking details.…

Categories: News

Australia didn't blame China for parliament hack in case it upset trade relations – report

The Register - Mon, 16/09/2019 - 15:04
So much for the public deterrence value of attribution

Australian spooks concluded that China was to blame for a series of hacks on its parliament and leading political parties – but kept it quiet for fear of angering the Middle Kingdom, according to reports.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News