News

'My wife tried to order some clothes tonight. When she logged in, she was in someone else’s account ... Now someone's charged <i>her</i> card'

The Register - Thu, 27/08/2020 - 07:05
Register readers tell of the moment online fashion souk started leaking strangers' details at random

"At the moment some stranger is in her account as they keep adding things to her basket and she keeps taking them out."…

Categories: News

DDoS downs New Zealand stock exchange for third consecutive day

The Register - Thu, 27/08/2020 - 06:28
So much for NZ as the last refuge of civilisation

New Zealand’s stock exchange (NZX) has closed for a third day thanks to a distributed denial-of-service (DDoS) attack.…

Categories: News

Forget your space-age IT security systems. It might just take a $1m bribe and a willing employee to be pwned

The Register - Wed, 26/08/2020 - 21:56
Russian charged with trying to bung staffer cash to infect own bosses' network during DDoS distraction

A Russian citizen is accused of flying to America to bribe a Nevada company employee to infect their bosses' IT network with malware.…

Categories: News

Here's a neat exploit to trick someone into inadvertently emailing their files to you from their Mac, iPhone via Safari

The Register - Wed, 26/08/2020 - 20:21
Speaking purely hypothetically, of course

Pawel Wylecial, a security consultant with Redteam.pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API.…

Categories: News

Researchers shine light on hackers-for-hire op that hit estate agent with malicious plugin for Autodesk 3ds Max

The Register - Wed, 26/08/2020 - 17:30
Attackers aimed to steal pics, vids, and compressed files

A hacker crew targeted a luxury estate agency involved in multimillion-pound property deals by deploying malicious plugins for 3D design software Autodesk 3ds Max as part of a potential hacks-for-hire operation.…

Categories: News

US election 2020: The disinfo operations have evolved, but so have state governments

The Register - Wed, 26/08/2020 - 14:03
Officials are better prepared for meddling – so attackers have had to rely on mental games

With the United States set to undertake its first Presidential election since the Russian-tinged 2016 race, state governments and social networks are upping their game.…

Categories: News

Impersonating users of 'protest' app Bridgefy was as simple as sniffing Bluetooth handshakes for identifiers

The Register - Tue, 25/08/2020 - 17:27
University of London researchers poked around in 'secure' messaging platform, but didn't like what they found

An instant messaging app whose creators promoted it as secure and end-to-end encrypted was in fact no such thing, according to researchers at Royal Holloway.…

Categories: News

Be very afraid! British Army might scrap battle tanks for keyboard warriors – report

The Register - Tue, 25/08/2020 - 15:25
Before you go all Colonel Blimp, remember it's budget-setting season

The British Army is looking at ditching its tank regiments and spending the money on keyboard warriors instead, according to reports.…

Categories: News

North Korean hackers pwned cryptocurrency sysadmin with GDPR-themed LinkedIn lure, says F-Secure

The Register - Tue, 25/08/2020 - 10:25
Click here to enable your rights... ha, GOTCHA!

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake Linkedin job advert using a General Data Protection Regulation (GDPR) themed lure.…

Categories: News

The Viking Snowden: Denmark spy chief 'relieved of duty' after whistleblower reveals illegal snooping on citizens

The Register - Tue, 25/08/2020 - 08:03
Whereas in America spy chiefs retire on full pensions, hit the chat show circuit

Denmark’s top foreign intelligence chief has been suspended for spying on Danish citizens illegally for up to six years after a whistleblower released a trove of documents to government regulators.…

Categories: News

Canadian shipping company Canpar gets an unwanted delivery – ransomware

The Register - Mon, 24/08/2020 - 11:15
Meanwhile, Gmail finally deals with a 'confused mailman' problem

In brief  It has not been a good week for major Canadian shipping company Canpar Express.…

Categories: News

Bletchley Park Trust can’t crack COVID-caused revenue slump without losing staff

The Register - Mon, 24/08/2020 - 05:57
Plans 35 job losses and even a reduction in IT spend

The Bletchley Park Trust, the host of Britain’s National Museum of Computing and the site of critical feats of wartime code-cracking, has hit financial strife and expects to lay off around a third of its staff.…

Categories: News

Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps

The Register - Fri, 21/08/2020 - 20:28
'After careful consideration' uni decided to pay up using its insurance policy

The University of Utah has admitted to handing over a six-figure pile of cash to scumbags to undo a ransomware infection during which student and staff information was stolen by hackers.…

Categories: News

CREST exam cheat-sheet scandal: New temp chairman at UK infosec body as lawyers and ex-copper get involved

The Register - Fri, 21/08/2020 - 16:10
Plus: Sources showed us some of what was in that Dropbox leak

British infosec accreditation body CREST has appointed an ex-police officer to investigate the NCC Group exam cheat-sheet scandal as its chairman temporarily steps aside.…

Categories: News

Shared memory vulnerability in IBM's Db2 database could let nefarious insiders wreak havoc – so get patching

The Register - Fri, 21/08/2020 - 14:38
Lack of protections around trace facility gives local users read and write access

A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.…

Categories: News

Physical locks are less hackable than digital locks, right? Maybe not: Boffins break in with a microphone

The Register - Fri, 21/08/2020 - 10:31
On the other hand, security of cloud-controlled locks 'quite horrifying' say 'cyber-physical' engineers

A computer scientist at the National University of Singapore claims to have demonstrated how recording the sound of a lock turning can be sufficient to make working replica keys.…

Categories: News

Ex-Uber chief security officer charged, accused of concealing a crime by paying hush money to hackers

The Register - Fri, 21/08/2020 - 00:27
Say it ain't Joe?

As Uber's chief security officer, Joe Sullivan broke the law as he bribed hackers with hush money after they stole millions of people's details from company databases, prosecutors say.…

Categories: News

Experian says it recovered and deleted data on 24 million South Africans after giving it to random 'marketing' person

The Register - Thu, 20/08/2020 - 16:20
Credit giant admits to handing over info after 'fraudulent data enquiry'

Credit reference agency Experian has suffered what it somewhat understatedly described as a "data breach" after the firm itself transferred the details of 24 million South Africans to one individual.…

Categories: News

Warehouse management software biz SnapFulfil hit by ransomware: It's not just the big dogs getting KO'd

The Register - Thu, 20/08/2020 - 13:00
I get knocked down, but I get up again... eventually

A UK cloud-based warehouse management software provider was struck by ransomware earlier this week.…

Categories: News

Sloppy string sanitization sabotages system security of millions of Java-powered 3G IoT kit: Patch me if you can

The Register - Thu, 20/08/2020 - 11:02
IBM's X-Force Red X-reveals X-flaw in Thales X-wireless X-module X-thing

A vulnerability in Thales' Cinterion EHS8 M2M module, a Java-powered embedded 3G system used in millions of Internet-of-Things devices for connectivity, was revealed yesterday by IBM's X-Force Red.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News