News

To members of Pizza Hut's loyalty scheme: You really knead to stop reusing your passwords

The Register - Thu, 06/06/2019 - 13:02
Hackers cheese free slices after logins from other websites deliver the goods

Pizza Hut has warned members of its loyalty scheme "Hut Rewards" not to re-use passwords after hackers managed to access some customer accounts.…

Categories: News

Worried ransomware will screw your network? You could consider swallowing your pride, opening your wallet

The Register - Thu, 06/06/2019 - 10:20
We know it's controversial – but don't rule out paying the ransom to unscramble your biz files, experts suggest

As ransomware infections continue, conventional wisdom on how to respond to threats is going out the window.…

Categories: News

It's that time again: Android kicks off June's patch parade with fixes for five hijack holes

The Register - Wed, 05/06/2019 - 23:31
Updates are on the way… if you have a Google device, at least

Google has released its June bundle of security vulnerability patches for Android, with fixes for 22 CVE-listed flaws included.…

Categories: News

Crime doesn't pay? Crime doesn't do secure coding, either: Akamai bug-hunters find hijack hole in bank phishing kit

The Register - Wed, 05/06/2019 - 14:00
Absolutely criminal behavior – unrestricted file upload, really?

Exclusive  Phishing kits – used by miscreants to build webpages that steal victims' personal information and money by masquerading as legit websites – harbor vulnerabilities that can be exploited by other miscreants to pilfer freshly stolen data.…

Categories: News

Labs are for nerds, it's simply Kaspersky now – just hold still while we cyber-immunise you

The Register - Wed, 05/06/2019 - 09:45
Inoffensive, nondescript logo screams 'building a safer world'

Logowatch  The strategy boutique opened a pop-up shop on the wild steppe of Kaspersky Lab yesterday as the Russian antivirus developer revealed a daring redesign that involves dropping the word "Lab".…

Categories: News

Bloody awful: Hell-thcare hackers break into databases of 20m medical test biz patients

The Register - Wed, 05/06/2019 - 01:41
Outsourced silos of personal info raided, at least 200,000 payment details swiped

Hackers have raided databases containing millions of medical test lab patients' personal and payment information, making off with at least hundreds of thousands of people's banking details.…

Categories: News

Malware spotted doing unspeakable, filthy things to infected Macs – injecting Bing results into Google searches

The Register - Tue, 04/06/2019 - 19:31
Or so claim these security bods after clocking proxy-installing fake Flash plugin

A devious and baffling new strain of malware intercepts and tampers with internet traffic on infected Apple Macs to inject Bing results into users' Google search results, we're told.…

Categories: News

Strewth: Hackers slurp 19 years of Oz student data in uni's second breach within a year

The Register - Tue, 04/06/2019 - 12:30
Upgraded its systems after attack in early '18, just enough to detect attack in late '18

The Australian National University (ANU) today copped to a fresh breach in which intruders gained access to "significant amounts" of data stretching back 19 years.…

Categories: News

Supra smart TVs aren't so super smart: Hole lets hackers go all Max Headroom on e-tellies

The Register - Tue, 04/06/2019 - 08:03
Video streams can be hijacked by anyone on your Wi-Fi

Owners of Supra Smart Cloud TVs are in danger of getting some unwanted programming: it's possible for miscreants or malware on your Wi-Fi network to switch whatever you're watching for video of their or its choosing.…

Categories: News

Devs slam Microsoft for injecting tech-support scam ads into their Windows Store apps

The Register - Tue, 04/06/2019 - 06:06
Redmond kinda just shrugs after advertising systems sling scareware pop-ups at users

Application makers are crying foul after some of their programs distributed via the Windows Store popped open tech-support scam ads on users' desktops.…

Categories: News

IEEE says it may have gone about things the wrong Huawei, lifts ban after US govt clearance

The Register - Mon, 03/06/2019 - 14:50
Academic outfit U-turns on blacklisting Chinese bogeyman

The US-based Institute of Electrical and Electronics Engineers (IEEE) has lifted its sanctions on Huawei-linked academic reviewers.…

Categories: News

Legacy app whitelist can be abused to bypass latest macOS security features, expert warns

The Register - Mon, 03/06/2019 - 13:10
Three words to ruin an Apple engineer's day: 'Patrick Wardle disclosure'

Malware can bypass protections in macOS Mojave, and potentially access user data as well as the webcam and mic – by exploiting a hole in Apple's legacy app support.…

Categories: News

Pharma-testing biz Eurofins Scientific says it fell victim to 'new version' of malware

The Register - Mon, 03/06/2019 - 12:15
No data nicked in weekend attack but systems and server pulled to contain infection

Bio-analytical testing biz Eurofins Scientific today admitted it was the subject of a ransomware attack at the weekend.…

Categories: News

Nginx will need patches, hotels exposed by their own security tools, Docker containers dinged, and more

The Register - Mon, 03/06/2019 - 07:03
Another week of security mishaps is in the books

Roundup  Here's a quick summary of news in the world of information security beyond everything we've already covered.…

Categories: News

You go that way, we'll go Huawei: China Computer Federation kicks back at IEEE in tit-for-tat spat

The Register - Fri, 31/05/2019 - 12:55
Now they're withdrawing co-operation too

Following disquiet over the IEEE's decision to block Huawei-linked researchers from doing various academic tasks, a Chinese computer research body has reportedly severed ties with the IEEE in retaliation.…

Categories: News

Own goal for Leicester City FC after fan credit card details snatched in merch store breach

The Register - Fri, 31/05/2019 - 12:18
If you've bought a Foxes shirt lately, check your statements

Leicester City Football Club has quietly told people who bought stuff from its website that their financial details have been stolen by hackers – and those details include credit card numbers and CVVs.…

Categories: News

Mozilla returns crypto-signed website packaging spec to sender – yes, it's Google

The Register - Thu, 30/05/2019 - 21:58
Ad giant's site slurping tech complicates web security model, could give more power to search engines and social networks, Firefox maker warns

Mozilla has published a series of objections to web packaging, a content distribution scheme proposed by engineers at Google that the Firefox maker considers harmful to the web in its current form.…

Categories: News

Senator: US govt staff may be sending their smartphone web traffic 'wrapped in a bow' to Russia, China via VPNs

The Register - Thu, 30/05/2019 - 20:49
No policy to stop use of dodgy foreign network providers. You'd hope common sense would prevail, but...

US government workers may be placing America's national security at risk as there is no official policy banning them from running their smartphones' personal and official internet traffic through untrustworthy foreign-hosted VPN services.…

Categories: News

We ain't afraid of no 'ghost user': Infosec world tells GCHQ to GTFO over privacy-busting proposals

The Register - Thu, 30/05/2019 - 13:35
Brit spies' idea would backdoor WhatsApp et al without breaking the crypto

Bruce Schneier, Richard Stallman and a host of western tech companies including Microsoft and WhatsApp are pushing back hard against GCHQ proposals that to add a "ghost user" to encrypted messaging services.…

Categories: News

Chinese software nasty enslaves stadium-load of servers, puts them to work digging up digital dosh in crypto-mines

The Register - Thu, 30/05/2019 - 10:04
Nanshou malware hijacked more than 50,000 MS-SQL boxes with rootkits

More than 50,000 servers around the world have been infected with malware that installs crypto-coin-mining scripts and advanced rootkits, it is claimed.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News