Tens of millions of biz Dell PCs smacked by privilege-escalation bug in bundled troubleshooting tool

The Register - Tue, 11/02/2020 - 15:01
If you don't have auto-update switched on, time to patch

Dell has copped to a flaw in SupportAssist – a Windows-based troubleshooting program preinstalled on nearly every one of its newer devices running the OS – that allows local hackers to load malicious files with admin privileges.…

Categories: News

Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks

The Register - Tue, 11/02/2020 - 02:00
Old Gigabyte code lets file-scrambling RobbinHood go undetected

A kernel-level driver for old PC motherboards has been abused by criminals to hijack Windows computers, disable antivirus, and hold files to ransom.…

Categories: News

Game over, LAN, game over! Windows software nasty Emotet spotted spreading via brute-forced Wi-Fi networks

The Register - Mon, 10/02/2020 - 23:06
And shares with guessable passwords

A new variant of the notorious Emotet Windows malware is able to spread wirelessly by brute-forcing Wi-Fi network passwords and scanning for shared drives to infect.…

Categories: News

These truly are the end times for TLS 1.0, 1.1: Firefox hopes to 'eradicate' weak HTTPS standard by blocking it

The Register - Mon, 10/02/2020 - 19:47
Mozilla's browser will, from March, require manual override

Mozilla Firefox will require user intervention to connect to websites using the TLS 1.0 or 1.1 protocol from March 2020 – and plans to eventually block those weak HTTPS connections entirely.…

Categories: News

US govt accuses four Chinese Army soldiers of hacking Equifax and stealing 145 million Americans' data

The Register - Mon, 10/02/2020 - 18:41
It was a state-sponsored attack, declares US Attorney General

The United States has announced criminal charges against four Chinese Army soldiers who, it is claimed, are the hackers who stole 145 million Americans’ personal data from credit scorer Equifax.…

Categories: News

Facebook loses control of its own Twitter account in hacker attack – and more news

The Register - Mon, 10/02/2020 - 06:09
Including: Why was #RootGoat2020 trending on Twitter? It is as silly as you think

Roundup  It's time yet again to recap the latest security happenings.…

Categories: News

Google Chrome to block file downloads – from .exe to .txt – over HTTP by default this year. And we're OK with this

The Register - Fri, 07/02/2020 - 20:44
'I'm sorry, Dave, I'm afraid I can't fetch that document'

Continuing to drop flame retardant on the dumpster fire that is web security, Google on Thursday said it will soon prevent Chrome users from downloading files over insecure, plain old, unencrypted HTTP.…

Categories: News

Uncle Sam tells F-35B allies they'll have to fly the things a lot more if they want to help out around South China Sea

The Register - Fri, 07/02/2020 - 16:24
Plus: Move to Agile is 'high risk' and infosec snafus still not fixed

British F-35Bs deploying to the South China Sea next year may not meet key reliability metrics set by an American government watchdog, its annual report has revealed.…

Categories: News

Day 4 of outage: UK's Manchester police deploy exciting new carbon-based method to record crime

The Register - Fri, 07/02/2020 - 15:27
It may or not involve office stationery

Greater Manchester Police is struggling with a partial outage of a Capita-built computer system used by frontline officers to input information.…

Categories: News

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

The Register - Fri, 07/02/2020 - 06:04
'Pwned with a broadcast' bug among 25 to be patched by Google

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth.…

Categories: News

Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

The Register - Thu, 06/02/2020 - 21:42
Bad: The other 20 per cent are still wide open. Also bad: Some of those patched machines may have been hacked

Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack.…

Categories: News

Researchers reckon 500k PCs infested with malware after dodgy downloads install even more nasties from Bitbucket

The Register - Thu, 06/02/2020 - 13:45
That 'free' Adobe or Microsoft software isn't all it's cracked up to be, eh?

We don't know who needs to hear this, but don't download cracked commercial software. Researchers claim more than 500,000 PCs have been left wriggling with malware after a cracked app went on to retrieve further nasties from Bitbucket repos.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News