News

Your cloud security is static – and you’re open to more risk than you realize

The Register - Wed, 21/04/2021 - 08:30
Make your move before the cyber-crims make theirs, says Sysdig

Promo  The cloud has transformed how you manage your infrastructure and software development, enabling continuous integration and deployment, while allowing you to keep your operations running, well, continuously.…

Categories: News

Japan accuses Chinese military of cyber-attacks on its space agency

The Register - Wed, 21/04/2021 - 04:30
200 other companies also targeted, but no data lost

Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…

Categories: News

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way

The Register - Tue, 20/04/2021 - 23:20
Crucial flaw won't be fixed until next month

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day flaw that won't be patched until next month.…

Categories: News

Would be so cool if everyone normalized these pesky data leaks, says data-leaking Facebook in leaked memo

The Register - Tue, 20/04/2021 - 20:51
Blundering mouthpiece sent arrogant line to journalist by accident

Facebook wants you to believe that the scraping of 533 million people’s personal data from its platform, and the dumping of that data online by nefarious people, is something to be “normalised.”…

Categories: News

LinkedIn was vector for 10,000 hostile state recruiting efforts against Brits, warns MI5

The Register - Tue, 20/04/2021 - 16:48
Campaign launched to alert public sector staff that not everyone on the internet is nice

Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awarenss campaign launched by domestic spy agency MI5 this morning.…

Categories: News

We need to talk about criminal adversaries who want you to eat undercooked onion rings

The Register - Tue, 20/04/2021 - 12:37
Cisco Talos discovers flaws in air fryer, connected chip cooker firm fails to fix

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer.…

Categories: News

Bank of England ponders minting ‘Britcoin’ to sit alongside the Pound

The Register - Tue, 20/04/2021 - 07:56
Taskforce and two forums to consider Central Bank Digital Currency

The Bank of England and HM Treasury have formed a Taskforce to “coordinate the exploration of a potential UK Central Bank Digital Currency (CBDC).”…

Categories: News

Who knew Uncle Sam had strike teams for SolarWinds, Exchange flaws? Well, anyway, they are disbanded

The Register - Mon, 19/04/2021 - 23:28
Lessons learned and mission accomplished, apparently

The US government's response groups for dealing with recent SolarWinds and Microsoft Exchange vulnerabilities have reached the end of the road.…

Categories: News

WordPress core contributor proposes treating Google FLoC as a security vulnerability

The Register - Mon, 19/04/2021 - 21:27
Let's opt every WordPress site out of FLoC. Nice idea, but security update? Really?

A proposal by a WordPress core contributor to treat Google's FLoC ad tech as a security vulnerability, and therefore backport an automatic opt-out to previous WordPress versions, shows the depth of community opposition to the technology.…

Categories: News

Won't somebody please think of the children!!! UK to mount fresh assault on end-to-end encryption in Facebook

The Register - Mon, 19/04/2021 - 19:45
Change the record, nobody's fooled by this now

UK Home Secretary Priti Patel will badmouth Facebook's use of end-to-end encryption on Monday evening as she links the security technology with paedophilia, terrorism, organised crime, and so on.…

Categories: News

Codecov dev tool warns of stolen credentials from compromised script, undiscovered for two months

The Register - Mon, 19/04/2021 - 17:03
Environment variables full of secrets uploaded to attacker server

Codecov, makers of a code coverage tool used by over 29,000 customers, has warned that a compromised script may have stolen credentials over a period of two months, before it was discovered a few weeks ago.…

Categories: News

Sysadmin for FIN7 criminal cracking group gets 10 years in US prison for managing card slurping malware scam

The Register - Mon, 19/04/2021 - 15:15
Plus Pwn2Own faces fire and update Chrome immediately

In Brief  The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison.…

Categories: News

Brit authorities could legally do an FBI and scrub malware from compromised boxen without your knowledge

The Register - Mon, 19/04/2021 - 10:39
Would move for The Greater Good™ actually be good, though?

Comment  UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are remarkably quiet about whether this would be a good thing.…

Categories: News

Pakistan cut off Facebook, Twitter, WhatsApp, and Telegram – for just four hours

The Register - Mon, 19/04/2021 - 06:58
To stop protests by far-right party that wants France’s ambassador expelled

Pakistan shut down several social networks within its borders last Friday but lifted the ban after around four hours.…

Categories: News

Russian infosec firm Positive Technologies trying to stay positive after US sanctions

The Register - Fri, 16/04/2021 - 18:25
Company insists it's a legit operator that's here to help

Positive Technologies has hit back at the US government's "groundless accusations" that it helped the Russian state carry out cyber attacks against the West – by highlighting how "government agencies of different countries" use its products.…

Categories: News

Microsoft received almost 25,000 requests for consumer data from law enforcement over the last six months

The Register - Fri, 16/04/2021 - 15:41
25% were rejected, and it's less than 2013's figure... but be wary of what Redmond does with your information

Microsoft has had a busy six months if its latest biannual digital trust report is anything to go by as law enforcement agencies crept closer to making 25,000 legal requests.…

Categories: News

Watchdog thinks Google tricked Australians into giving up data, sues. Judge semi-agrees

The Register - Fri, 16/04/2021 - 12:30
Google employees called the meeting to discuss AP's data privacy reveal the 'Oh Shit' meeting

Australian federal court sent a message to Big Tech about its willingness to act on privacy violations when it ruled today that Google had "partially" misled consumers about collecting mobile phone personal location data.…

Categories: News

Mobile app security standard for IoT, VPNs proposed by group backed by Big Tech

The Register - Thu, 15/04/2021 - 22:42
ioXt Alliance aims to bring 'transparency and visibility'

On Thursday the ioXt Alliance, an Internet of Things (IoT) security trade group backed by some of the biggest names in the business, introduced a set of baseline standards for mobile apps, in the hope that IoT security may someday be a bit less of a dumpster fire.…

Categories: News

It was Russia wot did it: SolarWinds hack was done by Kremlin's APT29 crew, say UK and US

The Register - Thu, 15/04/2021 - 16:49
And Positive Technologies has been slapped with American sanctions

Breaking  Russia’s infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country’s US embassy.…

Categories: News

University of Hertfordshire pulls the plug on, well, everything after cyber attack

The Register - Thu, 15/04/2021 - 16:04
Another UK institution topples at the hands of miscreants

The University of Hertfordshire has fallen victim to a cyber attack that has resulted in the establishment pulling all its systems offline to deal with the situation.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News