What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds

The Register - Tue, 15/09/2020 - 00:58
Beijing's snoops don't even need zero-days to break into valuable networks

The US government says the Chinese government's hackers are preying on a host of high-profile security holes in enterprise IT equipment to infiltrate Uncle Sam's agencies and American businesses.…

Categories: News

Court hearing on election security is zoombombed on 9/11 anniversary with porn, swastikas, pics of WTC attacks

The Register - Mon, 14/09/2020 - 22:03
Atlanta to upgrade software license with more protection, clerk tells us

A court hearing on election security in America failed in its own security efforts – when it was zoombombed with porn, swastikas and images of the World Trade Center attacks.…

Categories: News

Take your pick: 'Hack-proof' blockchain-powered padlock defeated by Bluetooth replay attack or 1kg lump hammer

The Register - Mon, 14/09/2020 - 21:12
You can do it the easy way or the easier way

A "hack-proof" smart padlock with security based on blockchain technology could be defeated by a simple Bluetooth replay attack – or a 1kg lump hammer.…

Categories: News

Personal data from Experian on 40% of South Africa's population has been bundled onto a file-sharing website

The Register - Mon, 14/09/2020 - 18:00
August breach hadn't been cleared up at all – and regulators are furious

Personal data on 24 million South Africans, wrongfully sold by Experian to a person it claimed had "pretended" to represent a "legitimate client", is now not only circulating on the dark web – it's also on clearweb file-sharing sites, according to reports.…

Categories: News

Sorry we shut you out, says Tutanota: Encrypted email service weathers latest of ongoing DDoS storms

The Register - Mon, 14/09/2020 - 15:27
Privacy-conscious biz insists on rolling its own mitigations, though

Encrypted email biz Tutanota has apologised for accidentally shutting its own users out while fending off the latest of a series of distributed denial-of-service (DDoS) attacks.…

Categories: News

Another month, another cryptocurrency exchange hacked and 'millions of dollars' stolen by miscreants

The Register - Mon, 14/09/2020 - 11:15
Plus get patching your Palo Alto kit, there's a nasty crit out there

In brief: Cryptocurrency exchange Eterbase last week admitted hackers broke into its computers and made off with other people's coins, said to be worth $5.4m.…

Categories: News

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods

The Register - Sat, 12/09/2020 - 09:33
Better yet - do the basics and your systems won't get encrypted in the first place

Most online attacks could be easily avoided by following basic cyber security advice, Australia’s national cyber security bureau has said – even as it warned that the impact and severity of things like ransomware attacks are getting worse and worse.…

Categories: News

What an IDORable Giggle: AI-powered 'female only' app gets in Twitter kerfuffle over breach notification

The Register - Fri, 11/09/2020 - 16:59
Doing the right thing - after trying all the wrong things first

A “female social network” called Giggle whose operators left its user database unsecured has triggered a wave of Twitter controversy after its founder threatened to sue a UK infosec firm who pointed out the vulnerability.…

Categories: News

Adtech's bogeymen are tracking everything - even your web visits to mental health charities, claim campaigners

The Register - Fri, 11/09/2020 - 13:01
So says Pro Privacy after automatedly gazing at 82,000 sites

British charities are sharing information about people visiting their websites with adtech data brokers, according to a report.…

Categories: News

Three middle-aged Dutch hackers slipped into Donald Trump's Twitter account days before 2016 US election

The Register - Fri, 11/09/2020 - 10:07
The Orange One was using a password breached four years previously

Three “grumpy old hackers” in the Netherlands managed to access Donald Trump’s Twitter account in 2016 by extracting his password from the 2012 LinkedIn hack.…

Categories: News

Billions of Bluetooth gadgets bothered by ‘BLURtooth’ miscreant-in-the-middle bug

The Register - Fri, 11/09/2020 - 08:42
BORKlife! Flaw allows overwriting of keys by the habitual voyeur

The Bluetooth Special Interest Group has admitted some previous iterations of its technology had a flaw that could be exploited to hijack or eavesdrop on nearby connections.…

Categories: News

China, Russia and Iran all attacking US elections and using some nasty new tactics, says Microsoft

The Register - Fri, 11/09/2020 - 02:26
UK political parties probed, too, reckons Redmond as it wades into debate with call for extra election security funding

Microsoft believes there have been extensive “cyberattacks targeting people and organizations involved in the upcoming presidential election,” and that foreign government hackers responsible for attacks ahead of the 2016 vote are back with new and nastier tactics.…

Categories: News

How to talk vulnerability management with the C-suite – and make them care

The Register - Thu, 10/09/2020 - 18:03
Here’s an ebook just for you, courtesy of Rapid7

Promo: When you’re running security, it can be hard not to feel you’re slogging away in the trenches, saving your organisation on a daily basis, but getting precious little in the way of recognition and even less in terms of budget.…

Categories: News

Pension scheme cold caller fined £130,000 by UK data watchdog

The Register - Thu, 10/09/2020 - 15:05
Swansea-based CPS Advisory hit dial 106,987 times in 80 days, says ICO

Britain’s data watchdog says it has snared Swansea-based business CPS Advisory for making more than 100,000 “unauthorised direct marketing calls” to people about their pensions, and subsequently fined the company £130,000.…

Categories: News

Ireland unfriends Facebook: Oh Zucky Boy, the pipes, the pipes are closing…from glen to US, and through the EU-side

The Register - Thu, 10/09/2020 - 12:25
Anti-social network asked to stop piping Irish uncles' mutterings to America

Facebook has been reportedly asked to stop sending data from Ireland to the US, on orders from the EU.…

Categories: News

China’s UK embassy calls for probe into 'hack of Ambassador’s Twitter account'

The Register - Thu, 10/09/2020 - 07:27
‘Anti-China elements viciously attacked’ with links to racy personal service provider and propaganda

China’s UK embassy has lashed out after the Twitter account of its ambassador Liu Xiaoming was apparently hacked.…

Categories: News

Now that's a somewhat unexpected insider threat: Zoombombings mostly blamed on rogue participants, unique solution offered

The Register - Thu, 10/09/2020 - 07:06
'Particularly students in high school and college classes'

Researchers have published the first detailed look into what makes people troll Zoom calls and other video-conferencing meetings – and found the vast majority are inside jobs, and unique per-person access codes could end the practice.…

Categories: News

Don't be BlindSided: Watch speculative memory probing bypass kernel defenses, give malware root control

The Register - Thu, 10/09/2020 - 03:59
Silently side-step software safeguards

Video: Boffins in America, the Netherlands, and Switzerland have devised a Spectre-style attack on modern processors that can defeat defenses that are supposed to stop malicious software from hijacking a computer's operating system. The end result is exploit code able to bypass a crucial protection mechanism and take over a device to hand over root access.…

Categories: News

I can 'proceed without you', judge tells Julian Assange after courtroom outburst

The Register - Wed, 09/09/2020 - 17:12
US extradition attempt for ex-WikiLeaker now being heard by London beak

Julian Assange has been told to hold his tongue and not interrupt court proceedings by a judge as he contests US attempts to extradite him from Britain to stand trial over his WikiLeaks website.…

Categories: News

Remember the Titans: Yubico jangles new NFC and USB-C touting security key

The Register - Wed, 09/09/2020 - 13:00
Apple crowd included - as NFC can now be used for something other than Apple Pay

Security token biz Yubico has a new key out today, its latest-generation two-factor encryption (2FA) authentication unit, the Yubico 5C NFC, which includes support for PCs and mobile devices using USB-C, as well as a built-in NFC radio.…

Categories: News

