News

National Lottery Sentry MBA hacker given nine months in jail after swiping just £5

The Register - Fri, 10/01/2020 - 14:23
'You targeted a large charitable organisation' thundered judge

A Londoner who hacked the National Lottery using Sentry MBA and made off with just £5 will spend up to nine months in prison for his crimes.…

Categories: News

Ding-dong: Cisco delivers your Patch Tuesday warm-up with WebEx, IOS fixes for a few irritating security holes

The Register - Fri, 10/01/2020 - 00:58
The main event is next week

Cisco has released a fresh batch of security updates for its networking and comms gear lines.…

Categories: News

Google scolded for depriving the poor of privacy after Chinese malware bundled on phones for hard-up Americans

The Register - Thu, 09/01/2020 - 21:51
To make matters worse, uninstalling it could cause even more pain

On Wednesday, more than 50 advocacy groups accused Google of exploiting poor people by failing to police misbehaving Android apps on cheap phones.…

Categories: News

Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address? Seriously, why?

The Register - Thu, 09/01/2020 - 20:59
If CheckPeople could take a look at this, that would be great

Exclusive  A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.…

Categories: News

Dixons fined £500,000 by ICO for crap security that exposed 5.6 million customers' payment cards

The Register - Thu, 09/01/2020 - 18:15
Malware loaded onto more than 5k cash tills but pre-GDPR screw-up means retailer dodged bigger financial bullet

Dixons Retail is facing a £500,000 penalty from the Information Commissioner’s Office (ICO) after a hacker installed malware that infected thousands of point of sale tills and scooped up 5.6 million payment card details.…

Categories: News

Hash snag: Security shamans shame SHA-1 standard, confirm crucial collisions citing circa $45k chip cost

The Register - Wed, 08/01/2020 - 22:21
Unsafe hashing algorithm really is unsafe

SHA-1 stands for Secure Hash Algorithm but version 1, developed in 1995, isn't secure at all. It has been vulnerable in theory since 2004 though it took until 2017 for researchers at CWI Amsterdam and Google to demonstrate a practical if somewhat costly collision attack.…

Categories: News

In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware

The Register - Wed, 08/01/2020 - 20:50
Nork cash grab nasty gets stealthier

Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty.…

Categories: News

TikTok on the clock, and the hacking won't stop: SMS spoofing vuln let baddies twiddle teens' social media videos

The Register - Wed, 08/01/2020 - 18:01
Uploads, deletions, private-to-public switcharoos, all bad stuff

TikTok, a mobile video app popular with teens, was vulnerable to SMS spoofing attacks that could have led to the extraction of private information, according to infosec researchers.…

Categories: News

What if everyone just said 'Nah' to tracking?

The Register - Wed, 08/01/2020 - 11:00
Privacy is nearly dead, but we're not even close to getting over it

Column  Sitting quietly in the upper corner of my browser's address bar, a counter rises as Disconnect thwarts requests to track me. Visiting well-behaved sites (such as El Reg), those numbers tick up more slowly.…

Categories: News

The Six Million Dollar Scam: London cops probe Travelex cyber-ransacking amid reports of £m ransomware demand, wide-open VPN server holes

The Register - Wed, 08/01/2020 - 06:03
We can rebuild him, we have the backups... er, right?

More than a week after its website and online services were taken offline by malware, foreign currency super-exchange Travelex continues to battle through what has become an increasingly damaging outage that may have unpatched VPN servers at its heart.…

Categories: News

If at first you don't succeed, pry, pry again: Feds once again demand Apple unlock encrypted iPhones in yet another terrorism case

The Register - Wed, 08/01/2020 - 01:34
FBI, open up!

Comment  The FBI has asked Apple to unlock two iPhones belonging to a murderer, potentially reviving a tense battle over encryption and the rights of law enforcement to digital devices.…

Categories: News

That Pulse Secure VPN you're using to protect your data? Better get it patched – or it's going to be ransomware time

The Register - Tue, 07/01/2020 - 22:04
Plug this security bypass... if you can even find the boxes running it

Hackers are taking advantage of unpatched enterprise VPN setups ‒ specifically, a long-known bug in Pulse Secure's code ‒ to spread ransomware and other nasties.…

Categories: News

Yeah, says Google Project Zero, when you think about it, going public with exploit deets immediately after a patch is emitted isn't such a great idea

The Register - Tue, 07/01/2020 - 20:22
The Chocolate Factory's bug hunters revise 90-day disclosure rules

Patting itself on its back for motivating software makers to fix 97.7 per cent of the vulnerabilities it identifies within its 90-day disclosure deadline, Google's bug-hunting unit Project Zero has decided to ease up on those racing to patch their flawed products.…

Categories: News

Accenture pays for CSS injection from Symantec parent Broadcom: Yep, it bought its cybersecurity arm

The Register - Tue, 07/01/2020 - 16:47
Price tag undisclosed but we're guessing it won't have made seller rich

Symantec’s parent Broadcom has offloaded its Cyber Security Services (CSS) operation to Accenture for an undisclosed sum.…

Categories: News

Wheelie bad end to 2019 for Canyon Bicycles as hackers puncture IT systems

The Register - Tue, 07/01/2020 - 13:30
CEO confirms servers, software locked by perps

German cycle-maker Canyon Bicycles GmbG has confirmed it was the victim of a security break-in over the holiday period that has all the hallmarks of a ransomware attack with parts of the infrastructure padlocked by the perpetrators.…

Categories: News

I'm the queen of Gibraltar and will never get a traffic ticket... just two of the things <i>anyone</i> could have written into country's laws thanks to unsanitised SQL input vuln

The Register - Tue, 07/01/2020 - 12:27
Run sqlmap, edit online statutes, gain immunity for life?

Exclusive  A SQL injection vulnerability on the Government of Gibraltar's website paved the way for any old Joe to rewrite official web versions of the British Overseas Territory's laws.…

Categories: News

Here we go again: Software nasties slip into Google Play, exploit make-me-root Android flaw for maximum pwnage

The Register - Tue, 07/01/2020 - 06:53
Apps spotted abusing use-after-free() bug seven months before patch

At least three malicious apps with device-hijacking exploits have made it onto the Google Play Store in recent weeks.…

Categories: News

Cyber-warnings, cyber-speculation over cyber-Iran's cyber-retaliation cyber-plans post-Soleimani assassination

The Register - Mon, 06/01/2020 - 20:48
Experts reckon regional infrastructure is in the cross-hairs

With tensions soaring between America and Iran following the drone strike that killed top Persian general Qassem Soleimani, experts are weighing in on what the US could face should the Mid-East nation fully mobilize its cyber resources.…

Categories: News

GCHQ: A cyber-what-now? Rumours of our probe into London Stock Exchange 'cyberattack' have been greatly exaggerated

The Register - Mon, 06/01/2020 - 16:30
Despite 'people familiar with matter' claiming otherwise to US news

GCHQ and its cyber-defence offshoot NCSC have both denied that they are investigating a cyber-attack on the London Stock Exchange, contrary to reports.…

Categories: News

Tune in this month: What every small-to-medium biz can do to fend off cyber-crooks

The Register - Mon, 06/01/2020 - 10:00
Watch online and find out how to strengthen your arsenal of security measures with F-Secure

Webcast  Miscreants are constantly on the lookout for new ways to get at your data, becoming more dangerous all the time as a result.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News