Thanks for the memories... now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks '5% of stolen files'

The Register - Thu, 20/08/2020 - 01:27
More expected to leak unless extortionists are paid off

The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole.…

Categories: News

Floating COVID incubation tank becomes data-leaking ransomware rust bucket

The Register - Wed, 19/08/2020 - 10:28
Carnival admits to intrusion and download of personal data booty

The cruise ship industry is all but shuttered worldwide because the floating hotels are a great way to contract coronavirus. And now the industry's biggest player, Carnival Corporation, has also come down with a case of ransomware.…

Categories: News

Trusting OpenPGP and S/Mime with your email secrets? Depending on your mail client, you might want to rethink that

The Register - Wed, 19/08/2020 - 08:03
Encryption's solid yet that's not the whole story by a long chalk

Boffins testing the security of OpenPGP and S/MIME, two end-to-end encryption schemes for email, recently found multiple vulnerabilities in the way email client software deals with certificates and key exchange mechanisms.…

Categories: News

US senators: WikiLeaks 'likely knew it was assisting Russian intelligence influence effort' in 2016 Dem email leak

The Register - Tue, 18/08/2020 - 22:51
And: 'Putin ordered the Russian effort to hack computer networks' to help Donald Trump win White House race

The 2016 hacking of the Democratic Party's email system – and subsequent leaking of its messages – was personally ordered by Vladimir Putin and aided by Julian Assange, according to the US Senate Select Committee on Intelligence.…

Categories: News

Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers

The Register - Mon, 17/08/2020 - 22:59
In America, student schools you!

Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure.…

Categories: News

CREST cancels UK infosec accreditation exams after fresh round of 'cheat sheets' are leaked online

The Register - Mon, 17/08/2020 - 18:10
Oof moment for industry body as tests halted for a month

Exclusive  British infosec accreditation body CREST has suspended all of its accreditation exams after The Register revealed a published cache of files including what appeared to be internal exam sheets as well as docs apparently tied to key industry player NCC Group.…

Categories: News

Reply-All storm sparked by student smut sees school system shut down Google Classroom for up to a week

The Register - Mon, 17/08/2020 - 09:56
Astoundingly naughty students are your new case study on how not to manage personal device access to SaaS

94 Australian public schools will be without email for up to a week after students responded to mistaken use of a mailing list with horrible content, which in turn sparked a Reply-All storm that asked for the circulation of email nasties to stop.…

Categories: News

Feds seize 'largest ever' haul of crypto-dosh from terrorists – including coins from 'fake' pandemic mask web store

The Register - Mon, 17/08/2020 - 07:20
Plus: Someone's gunning for Mac developers

In brief  The US Department of Justice said a combined operation has led to its largest seizure of terrorist-owned cryptocurrency, taking around $2m (£1.5m) from Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS).…

Categories: News

Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware

The Register - Fri, 14/08/2020 - 15:26
You say broker, I say trojan, let's call the whole thing off

Those wondering when the Microsoft love-in with Citrix might end will be relieved to learn that Microsoft Defender decided yesterday that Citrix Broker and High Availability Services bore all the hallmarks of a trojan.…

Categories: News

Oracle and Salesforce targeted in €10bn GDPR lawsuit backed by profit-making litigation fund

The Register - Fri, 14/08/2020 - 12:20
Case to be filed in the Netherlands and London

Salesforce and Oracle are to face a GDPR lawsuit in London and the Netherlands that could cost them up to €10bn in fines, a legally aggressive privacy campaign group has claimed to The Register.…

Categories: News

CREST: We are investigating NCC Group certification cheat sheet scandal – and not with NCC personnel

The Register - Fri, 14/08/2020 - 10:51
Infosec cert body looking into it as under-fire firm starts its own probe

Exclusive  British infosec accreditation body CREST has changed some of its exams after cheat sheets containing exam answers and practical walkthroughs were posted on GitHub in a repo that NCC Group confirmed included its own documents.…

Categories: News

Australian government wants power to run cyber-response for businesses under attack

The Register - Fri, 14/08/2020 - 03:55
Ponders giving 'em immunity too for countermeasures up to hacking back.

Australia’s government has proposed giving itself the power to take over private enterprises’ response to cyber-attacks on critical infrastructure.…

Categories: News

This NSA, FBI security advisory has four words you never want to see together: Fancy Bear Linux rootkit

The Register - Fri, 14/08/2020 - 00:48
From Russia, with love

The NSA and FBI are sounding the alarm over a dangerous new strain of Linux malware being employed by Russian government hackers often dubbed the Fancy Bear crew.…

Categories: News

Vivaldi composes sweet ad-blocking symphony for users of browser's Android version

The Register - Thu, 13/08/2020 - 19:02
Oslo outfit ups ante to show off privacy prowess in 3.2

Oslo-based Vivaldi has released an update to its Android browser replete with additional weaponry for the ongoing Tracker and Ad Blocker arms race.…

Categories: News

You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that

The Register - Thu, 13/08/2020 - 08:06
Three little words: Patches, passwords, policies

The continued inability of organizations to patch security vulnerabilities in a timely manner, combined with guessable passwords and the spread of automated hacking tools, is making it pretty easy for miscreants, professionals, and thrill-seekers to break into corporate networks.…

Categories: News

Irony, thy name is SANS: 28k records nicked from infosec training org after staffer's email account phished

The Register - Wed, 12/08/2020 - 15:13
Names, email addresses, phone numbers, job titles, company names, country of residence etc. pinched

Updated  Cybersecurity training organisation the SANS Institute suffered the loss of 28,000 items of personally identifiable information (PII) after a staffer's email account was accessed by malicious people.…

Categories: News

If you haven't yet patched this critical hole in SAP NetWeaver Application Server, today is not your day

The Register - Wed, 12/08/2020 - 10:59
Full details of security vuln plus proof-of-concept exploits revealed

We hope you've patched CVE-2020-6262, aka note 2835979, that affects SAP NetWeaver Application Server ABAP, because the folks who found and reported the vulnerability are going public with the details.…

Categories: News

This is node joke. Tor battles to fend off swarm of Bitcoin-stealing evil exit relays making up about 25% of outgoing capacity at its height

The Register - Wed, 12/08/2020 - 07:14
Cash-strapped privacy devs face determined miscreants who keep coming back for more

The Tor Project has confirmed someone, or some group, is in control of a large number of Bitcoin-snaffling exit nodes in its anonymizing network, and it's battling to boot them off.…

Categories: News

Citrix warns of patch-ASAP-grade bugs in its working-from-home products, just as we're all working from home

The Register - Wed, 12/08/2020 - 02:24
Expect Citrix Endpoint Management gear to come under attack soon

With the world+dog releasing patches today, Citrix has another serious security situation it needs users’ help to smother.…

Categories: News

We spent way too long on this Microsoft, Intel, Adobe, SAP, Red Hat Patch Tuesday article. Just click on it, pretend to read it, apply updates

The Register - Wed, 12/08/2020 - 00:02
Please, thanks, good show, cheers, ta

Patch Tuesday  Patch Tuesday used to be Microsoft's day to release patches. Now Adobe, Intel, and SAP are routinely joining the fun – with special guest star Red Hat this month.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News