Hacking these medical pumps is as easy as copying a booby-trapped file over the network

The Register - Thu, 13/06/2019 - 20:22
Uncle Sam sounds alarm after Windows CE SMB left wide open on hospital equipment

Two security vulnerabilities in medical workstations can exploited by scumbags to hijack the devices and connected infusion pumps, potentially causing harm to patients, the US government revealed today.…

Categories: News

No Telegram today, protestors: Chinese boxes DDoS chat app amid Hong Kong protest

The Register - Thu, 13/06/2019 - 16:00
That Guns N' Roses album* might be out soon... or not

Chat app Telegram has reportedly been DDoS'd, with its downtime coinciding with protests in Hong Kong against repressive new Chinese laws.…

Categories: News

Train to be a top-notch cybercrime detective at SANS DFIR Europe Summit in Prague

The Register - Thu, 13/06/2019 - 15:30
Immerse yourself in forensic training with autumn

Promo  If you work in digital forensics or incident response and would like to advance to a higher level, the annual Digital Forensics and Incident Response (DFIR) event staged by security training company SANS is a must.…

Categories: News

UK Home Sec kick-starts US request to extradite ex-WikiLeaker Assange

The Register - Thu, 13/06/2019 - 12:11
Sajid Javid inks court papers for hearing tomorrow

UK Home Secretary Sajid Javid revealed this morning that he has signed papers to have Julian Assange extradited to the US.…

Categories: News

This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already

The Register - Wed, 12/06/2019 - 19:53
Welcome to Vim Sh*tty 2000

Proof-of-concept text files are now available that, when opened in a vulnerable installation of the Vim and Neovim text and code editors, will execute commands on the underlying machine, or even open a backdoor.…

Categories: News

Wondering where that upcoming meeting with 'Cheap Viagra' came from? Spammers beat Gmail filters by abusing Google Calendar, Forms, Photos, Analytics...

The Register - Wed, 12/06/2019 - 00:54
Kaspersky fingers pro-G filters for letting cyber-muck through

Spammers are abusing the preferential treatment Google affords its own apps to score free passes through Gmail's spam filters, it was claimed this week.…

Categories: News

RAMBleed picks up Rowhammer, smashes DRAM until it leaks apps' crypto-keys, passwords, other secrets

The Register - Tue, 11/06/2019 - 23:26
Boffins blast boards to boost bits

Bit boffins from Australia, Austria, and the US have expanded upon the Rowhammer memory attack technique to create more dangerous variation called RAMBleed that can expose confidential system memory.…

Categories: News

It is with a heavy heart that we must report that your software has bugs and needs patching: Microsoft, Adobe, SAP, Intel emit security fixes

The Register - Tue, 11/06/2019 - 22:39
And Google drops a zero-day on Windows after deadline miss

Patch Tuesday  Microsoft, Adobe, Intel, and SAP have all emitted their latest Patch Tuesday batch of security fixes. Users and admins are encouraged to test and install the updates as soon as humanly possible.…

Categories: News

Have I Been S0ld? Troy Hunt's security website is up for acquisition

The Register - Tue, 11/06/2019 - 13:30
'Time to grow up,' says geek behind breach database

Troy Hunt, inventor and operator of the popular security website Have I Been Pwned (HIBP), is putting the service up for sale.…

Categories: News

JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb

The Register - Tue, 11/06/2019 - 09:58
And using browser privacy extensions may just make matters worse

Boffins from Graz University of Technology in Austria have devised an automated system for browser profiling using two new side channel attacks that can help expose information about software and hardware to fingerprint browsers and improve the effectiveness of exploits.…

Categories: News

US border cops confirm: Maker of America's license-plate, driver recognition tech hacked, camera images swiped

The Register - Mon, 10/06/2019 - 23:57
That story we broke in May? It is still true – and perhaps even worse than first thought

The US Customs and Border Patrol today said hackers broke into one of its bungling technology subcontractors – and made off with images of people and their vehicle license plates as they passed through America's land border.…

Categories: News

Can't get infected via email if your messages aren't delivered: Seven-hour slowdown hits Symantec cloud filters

The Register - Mon, 10/06/2019 - 21:40
Wondering why your inbox was so clear? Bad news…

Symantec is working to restore its Email service following a major slowdown that has lasted throughout the US morning and into the afternoon.…

Categories: News

'Cynical and bullying' TalkTalk hackerhacker getsgets 4 yearsyears behindbehind barsbars

The Register - Mon, 10/06/2019 - 20:07
Welsh scumbag sent down after trying to blackmail Brit ISP's then-CEO

A Welsh man who hacked British ISP TalkTalk in 2015 and siphoned off subscribers' personal data has been sent down for four years.…

Categories: News

Firefox fires blocks at trackers, Exim tackles 7-day remote flaw, and RDP pops up yet again

The Register - Mon, 10/06/2019 - 10:59
Plus, Citrix catches sueball after employee data hacked

Roundup  It wasn't just fake CIA agents, database mega-hacks and Bing flings in the security world last week. Here are a few tidbits beyond what you've read in El Reg, among them a seven-day vuln and the scummy BlackSquid.…

Categories: News

Idle Computer Science skills are the Devil's playthings

The Register - Mon, 10/06/2019 - 07:57
It isn't only birds that like nesting

Who, Me?  Ah, the sweet, sweet smell of Monday. What better way to start your week than combining it with the latest confession of wrongdoing from The Register readership in the form of our weekly Who, Me? column.…

Categories: News

Protip: No, the CIA will not call off a pedophilia probe into your life in exchange for Bitcoin

The Register - Mon, 10/06/2019 - 07:08
Kaspersky warns of fake 'dirty agent' scam circulating

Fraudsters are posing as CIA investigators gone rogue in emails to marks, offering to take bribes to drop bogus investigations into the recipients and claims of online pedophilia, according to Kaspersky.…

Categories: News

Praise the lard! Police hook up with Microsoft to school us on National Phish and Chip Day

The Register - Fri, 07/06/2019 - 14:15
Scam warning slipped into Blighty's favourite greasefest

Today is National Fish and Chip* Day, and tech giant Microsoft has wasted no time wading in with the police to school the UK about phishing scams.…

Categories: News

There's a reason why my cat doesn't need two-factor authentication

The Register - Fri, 07/06/2019 - 10:00
A rinky tinky tinky
Categories: News

Someone slipped a vuln into crypto-wallets via an NPM package. Then someone else siphoned off $13m in coins to protect it from thieves

The Register - Fri, 07/06/2019 - 06:56
What a wild ride, eh Komodo?

Blockchain biz Komodo this week said it had used a vulnerability discovered by JavaScript package biz NPM to take control of some older Agama cryptocurrency wallets to prevent hackers from doing the same.…

Categories: News

You. Quest and LabCorp. Explain these medical database super-hacks, say US senators as 425,000 more people hit

The Register - Fri, 07/06/2019 - 00:09
Quest gets the dreaded sternly worded letter from Washington DC

As healthcare companies come forward to confirm hackers would have been able to access millions of patients' personal information from a compromised American Medical Collections Agency (AMCA) database, US senators are demanding answers.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News