Hey, friends. We know it's a crazy time for the economy, but don't forget to enable 2FA for payments by Saturday

The Register - Fri, 13/03/2020 - 16:43
Deadline for multi-factor authentication in UK banking looms

Saturday is the delayed deadline for UK banks and financial institutions to have implemented two-factor authentication for payment transactions.…

Categories: News

Open-source bug bonanza: Vulnerabilities up almost 50 per cent thanks to people actually looking for them

The Register - Fri, 13/03/2020 - 07:05
Can't fix flaws if you don't look for them

The number of vulnerabilities in open source projects surged almost 50 per cent in 2019, according to security biz WhiteSource, which can be seen as good news in the sense that you don't find what you're not looking for.…

Categories: News

Avast pulls plug on insecure JavaScript engine in its security software suite

The Register - Fri, 13/03/2020 - 02:16
Code interpreter ran with admin-level access, not sand-boxed, potentially open to remote-code execution

Avast has disabled a component in its Windows anti-malware suite that posed, ironically enough, a significant security risk.…

Categories: News

Fresh virus misery for Illinois: Public health agency taken down by... web ransomware. Great timing, scumbags

The Register - Thu, 12/03/2020 - 23:57
Not like anyone is looking for medical advice right now

As the world tackles the COVID-19 coronavirus pandemic, ransomware creeps have knocked offline a public health agency's website that served nearly a quarter of a million people in the US.…

Categories: News

Thought you were done after Tuesday's 115-fix day? Not yet: Microsoft emits crisis SMBv3 worm-cure patch

The Register - Thu, 12/03/2020 - 19:49
Anyone able to reach a vulnerable machine can get system-level access, no login needed

Microsoft has released an out-of-band emergency patch for a wormable remote-code execution hole in SMBv3, the Windows network file system protocol.…

Categories: News

US Congress: Spying law is flawed, open to abuse, and lacking in accountability – so let's reauthorize it

The Register - Thu, 12/03/2020 - 18:08
Yep, it's NSA Groundhog Day again

Despite recent revelations that the process by which the FBI and NSA gain approval for spying on US citizens is open to abuse, the US Congress is again planning to reauthorize the USA Freedom Act that gives those measures their legal foundation.…

Categories: News

Russia-backed Turla crew's new malware has discerning taste when screening visitors to poisoned watering holes

The Register - Thu, 12/03/2020 - 10:30
Previously unseen nasty spotted lurking in Armenian government websites

Russia's infamous Turla hacking crew looks to be gearing up for a new offensive, according to researchers with ESET.…

Categories: News

Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm

The Register - Wed, 11/03/2020 - 21:28
Takedown should (in theory) see spam volumes shrink rapidly

Microsoft has bragged of downing a nine million-strong Russian botnet responsible for vast quantities of email spam.…

Categories: News

Find out how to manage detection and response for better cyber security

The Register - Wed, 11/03/2020 - 17:00
Draw together disparate systems and spread your infosec skills wider with Open Systems

Webcast  While a prevention layer around your network is important, don't forget you need detection and response practices to deal with threats once they’re in your systems – and to mitigate their effects quickly and thoroughly.…

Categories: News

Secret-sharing app Whisper shared secrets like last known location and actual password tokens in exposed database

The Register - Wed, 11/03/2020 - 13:42
900 million records detailing country, interests and more left in full view

Whisper, a mobile app for sharing those thoughts you'd rather not make public, turns out to be better at sharing secrets than keeping them, spilling a whopping 90 metadata fields associated with users in an exposed database.…

Categories: News

The Reg produces exhibit A1: A UK court IT system running Windows XP

The Register - Wed, 11/03/2020 - 09:00
Plus thousands of laptops on unloved Windows OS used by Ministry of Justice, it admits

Exclusive  A critical crown court IT system and thousands of laptops used by the UK's Ministry of Justice run on Microsoft's obsolete and unsupported Windows XP operating system, The Register can reveal.…

Categories: News

Google: You know we said that Chrome tracker contained no personally identifiable info? Forget we ever said that

The Register - Wed, 11/03/2020 - 08:03
Chocolate Factory clarifies its header for monitoring browser field trials following The Register report

Google has stopped claiming that an identifier it uses internally to track experimental features and variations in its Chrome browser contains no personally identifiable information.…

Categories: News

Stuck at home? Need something to keep busy with? Microsoft has 115 ideas – and yes, we mean security fixes

The Register - Wed, 11/03/2020 - 02:33
Hefty Patch Tuesday covers critical Word, Dynamics bugs

Microsoft has emitted more than 100 fixes in its March batch of security updates.…

Categories: News

That LVI CPU hole wasn't the only Intel fix: Dozens of flaws patched to stop chips turning into potatoes

The Register - Wed, 11/03/2020 - 01:01
Monthly batch of updates covers FPGAs, graphics drivers, and more

Intel has posted a fresh crop of firmware updates for security flaws in its chipsets.…

Categories: News

California tech industry gets its first big coronavirus hit: RSA Conference attendee infected, in serious condition

The Register - Tue, 10/03/2020 - 20:36
NASA also struck, more conferences cancelled, WISPA is moving ahead

Updated  The deadly Wuhan coronavirus has reached California’s tech sector with the news that an engineer who attended the RSA Conference in San Francisco last month has now tested positive for COVID-19 – and is in a serious condition.…

Categories: News

You only LVI twice: Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling flaw will cost you 50%+ of performance

The Register - Tue, 10/03/2020 - 17:00
Chipzilla's silicon will surrender secrets if properly probed

Computer security researchers involved in the discovery of the Meltdown and Spectre vulnerabilities affecting many modern processors have developed a related attack technique called Load Value Injection (LVI).…

Categories: News

Avast's AntiTrack promised to protect your privacy. Instead, it opened you to miscreant-in-the-middle snooping

The Register - Tue, 10/03/2020 - 00:43
HTTPS traffic could be intercepted, manipulated, thanks to sloppy proxy

You'd think HTTPS certificate checking would be a cinch for a computer security toolkit – but no so for Avast's AntiTrack privacy tool.…

Categories: News

AMD, boffins clash over chip data-leak claims: Side-channel holes revealed in decade of processors

The Register - Mon, 09/03/2020 - 21:10
Maybe don't be quite so smug, security researchers warn

AMD processors sold between 2011 to 2019 are vulnerable to two side-channel attacks that can extract kernel data and secrets, according to a new research paper.…

Categories: News

NSO Group fires back at Facebook: You lied to the court claims spyware slinger, and we've got the proof

The Register - Mon, 09/03/2020 - 19:33
Israeli firm says Social Network didn't properly serve legal docs

Facebook has been accused of lying to a US court in its ongoing legal battle against government malware maker NSO Group.…

Categories: News

Months-long trial of alleged CIA Vault 7 exploit leaker ends with hung jury: Ex-sysadmin guilty of contempt, lying to FBI

The Register - Mon, 09/03/2020 - 18:01
Mystery still surrounds saga of top-secret tools spillage

The extraordinary trial of a former CIA sysadmin accusing of leaking top-secret hacking tools to WikiLeaks has ended in a mistrial.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News