Good old British 'fair play' is the answer to vexed Huawei question, claims security minister

The Register - Fri, 21/06/2019 - 11:00
He then doubled down on spies' 'ghost user' backdoor plan

Solving the Huawei 5G security problem is a question of convincing the Chinese to embrace British "fair play", security minister Ben Wallace said yesterday without the slightest hint of irony.…

Categories: News

Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool

The Register - Thu, 20/06/2019 - 23:21
Can't spell SupportAssist without 'ass' and 'u' – other makers may be hit, too

Dell's troubleshooting software SupportAssist, bundled with the US tech titan's home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.…

Categories: News

Digi-dosh exchange Coinbase: Someone tried to pwn our staff via this week's Firefox zero-day security hole

The Register - Thu, 20/06/2019 - 21:37
Patch released after crypto-currency biz sounded alarm

The development and release of a critical Firefox security patch this week was, in part, triggered by an attempted cyber-heist of crypto-coin exchange Coinbase.…

Categories: News

Shut the barn door: UK data watchdog tells MPs mass slurping by firms is a huge risk to privacy

The Register - Thu, 20/06/2019 - 13:59
You need to rifle through my photos why, exactly?

Regulators and campaign groups have warned a UK Parliamentary inquiry that the increasing collection, use and storage of data by corporations poses a serious risk to privacy and security.…

Categories: News

If Uncle Sam could quit using insecure .zip files to swap info across the 'net, that would be great, says Silicon Ron Wyden

The Register - Wed, 19/06/2019 - 23:27
Senator urges NIST to do something about it

Influential US Senator Ron Wyden (D-OR) is not happy about Uncle Sam's employees using insecure .zip files and other archive formats to electronically transfer information.…

Categories: News

Google takes the PIS out of advertising: New algo securely analyzes shared encrypted data sets without leaking contents

The Register - Wed, 19/06/2019 - 22:47
Plus: MongoDB crams end-to-end crypto into database tech

Google on Wednesday released source code for a project called Private Join and Compute that allows two parties to analyze and compare shared sets of data without revealing the contents of each set to the other party.…

Categories: News

Using Oracle WebLogic? Put down your coffee, drop out of Discord, grab this patch right now: Vuln under attack

The Register - Wed, 19/06/2019 - 19:35
Emergency security fix emitted for remote code exec hole exploited in the wild

Oracle has issued an emergency critical update to address a remote code execution vulnerability in its WebLogic Server component for Fusion Middleware – a flaw miscreants are exploiting in the wild to hijack systems.…

Categories: News

NASA's JPL may be able to reprogram a probe at the arse end of the solar system, but its security practices are a bit crap

The Register - Wed, 19/06/2019 - 13:18
Office of the Inspector General brings lab back down to Earth

NASA's Jet Propulsion Lab still has "multiple IT security control weaknesses" that expose "systems and data to exploitation by cyber criminals", despite cautions earlier this year.…

Categories: News

Spin the wheel and find today's leaky cloud DB... *clack clack... clack* A huge trove of medical malpractice complaints

The Register - Tue, 18/06/2019 - 23:58
150,000 personal records on people, including US veterans, upset with their healthcare

In what has become a depressingly common occurrence, the personal information of hundreds of thousands of people may have fallen into the wrong hands because yet another organization did not secure a cloud-hosted database.…

Categories: News

Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants

The Register - Tue, 18/06/2019 - 22:52
Just make sure you're running the latest version

Mozilla has released an emergency critical update for Firefox to squash a zero-day vulnerability that is under active attack.…

Categories: News

Delicious irony: Hacked medical debt collector AMCA files for bankruptcy protection from debt collectors

The Register - Tue, 18/06/2019 - 19:09
The tables are turned, database tables that is

The healthcare debt collector ransacked by hackers, who gained access to millions of patients' personal information, has filed for bankruptcy protection.…

Categories: News

Parliament IT bods' fail sees server's naked OS exposed to world+dog

The Register - Tue, 18/06/2019 - 13:01
Contents were cached by Google so we can all point and giggle

Someone in the Parliamentary Digital Service managed to leave a server so completely exposed to the internet that Google indexed the Windows machine’s operating system.…

Categories: News

Freaking out about fiendish IoT exploits? Maybe stop disable telnet and change that default password first?

The Register - Tue, 18/06/2019 - 12:00
Home devices are so poorly guarded, attackers don't even need sophisticated tools

While netizens and journalists worry about criminals and spies using sophisticated cyber-weapons to hijack Internet of Things devices, basic security protections are being overlooked – and pose a far greater threat.…

Categories: News

Smash GandCrab: Free tools released to decrypt files scrambled by notorious ransomware

The Register - Tue, 18/06/2019 - 06:48
Bitdefender teams up with FBI, cops to rescue Windows PC documents

Victims of the latest incarnations of the GandCrab ransomware now have a way to reclaim their files without paying a penny to extortionists, thanks to the release of a decryption tool.…

Categories: News

Samsung reminds rabble to scan smart TVs for viruses – then tries to make them forget

The Register - Tue, 18/06/2019 - 01:07
Tweet deleted as telly maker reconsiders damning but refreshingly honest messaging

Samsung on Sunday sent out a tweet urging people to check their Sammy smart TVs for viruses – and then deleted the message, as if someone realized that highlighting the risks posed by connected TVs may be bad for business.…

Categories: News

Sad SACK: Linux PCs, servers, gadgets can be crashed by 'Ping of Death' network packets

The Register - Mon, 17/06/2019 - 20:59
Don't let miscreants play hacky-SACK with your gear. Apply these mitigations, patches now if you can

It is possible to crash network-facing Linux servers, PCs, smartphones and tablets, and gadgets, or slow down their network connections, by sending them a series of maliciously crafted packets. It is also possible to hamper FreeBSD machines with the same attack.…

Categories: News

Why are fervid Googlers making ad-blocker-breaking changes to Chrome? Because they created a monster. And are fighting to secure it

The Register - Mon, 17/06/2019 - 11:03
We said engineers made the API too powerful. We weren't wrong

Analysis  In a mild PR blitz, Google engineers this month insisted the ad giant's shake up of Chrome browser extensions won't kill advert blockers. Instead, we're told, Googlers are making the plugins safer. Those engineers have more work to do than it may seem.…

Categories: News

Black Hat USA axes anti-abortion congressman as keynote speaker after outcry – and more news from infosec land

The Register - Sat, 15/06/2019 - 08:25
Your quick guide to hacks, patches and scandal

Roundup  Here's a quick roundup of recent infosec news beyond what we've already reported.…

Categories: News

When virtual mittens sell for thousands, of course gamers are ripe targets for cyber shenanigans

The Register - Fri, 14/06/2019 - 10:15
Guys, your security hygiene stinks

Akamai Edge World  Players of games like Fortnite and Minecraft have emerged as juicy targets for cybercriminals.…

Categories: News

Yubico YubiKey lets you be me: Security blunder sparks recall of govt-friendly auth tokens

The Register - Thu, 13/06/2019 - 22:57
For FIPS sake!

Yubico is recalling one of its YubiKey lines after the authentication dongles were found to have a security weakness.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News