Three words do you not want to hear regarding a 'secure browser' called SafePay: Remote. Code. Execution

The Register - Wed, 24/06/2020 - 08:51
How Bitdefender's security software was caught napping by ad-block bod

Folks running Bitdefender's Total Security 2020 package should check they have the latest version installed following the disclosure of a remote code execution bug.…

Categories: News

The state of OpenPGP key servers: Kristian, can you renew my certificate? A month later: Kristian? Ten days later: Too late, it’s expired

The Register - Wed, 24/06/2020 - 01:05
Sorry, I was busy, came the reply

There was a time when there was a certain amount of pride in the fact internet engineers all knew one another, that systems critical to the internet’s functioning were run in the back of other facilities, and a single person was often in charge of whole services.…

Categories: News

Here's a headline we never thought we'd write 20 years ago: Microsoft readies antivirus for Linux, Android

The Register - Tue, 23/06/2020 - 23:55
Redmond knows a thing or two about tackling malware – amirite, Windows fans?!

Microsoft has extended its antivirus package for servers – better known the Defender Advanced Threat Protection (ATP) for servers suite – to Linux as a general availability release.…

Categories: News

None shall pass: Yet another layer to protect hapless users, employers from dodgy docs added to Microsoft 365

The Register - Tue, 23/06/2020 - 19:32
Clicking through Protected View is why we can't have nice things, so here's 'Safe Documents'

Feeling a bit uncertain about things? Never fear, kind old Microsoft has made Safe Documents generally available (assuming you're a Microsoft 365 E5 subscriber).…

Categories: News

UK police's face recognition tech breaks human rights laws. Outlaw it, civil rights group urges Court of Appeal

The Register - Tue, 23/06/2020 - 17:30
Appeal starts over Cardiff creepycam deployment

Automated facial recognition (AFR) use by British police forces breaches human rights laws, according to lawyers for a man whose face was scanned by the creepycam tech in Cardiff.…

Categories: News

What did it take for stubborn IBM to fix flaws in its Data Risk Manager security software? Someone dropping zero-days

The Register - Tue, 23/06/2020 - 08:05
The other kind of DRM strikes: Bod baffled after attempt to raise alarm over vulnerabilities is ignored

IBM is under fire for refusing to patch critical vulnerabilities in its Data Risk Manager product until exploit code was publicly disclosed.…

Categories: News

Step on it, I've got the police on my hack: Anon swipes, leaks online 269GB of crime intel docs from cops, Feds

The Register - Mon, 22/06/2020 - 23:52
'BlueLeaks' data lifted after web host biz pwned, we're told

Some 269GB of data stolen from police and the Feds in America has been shared online by miscreants.…

Categories: News

We were already secure enough for mass remote working before COVID-19, boast IT pros

The Register - Mon, 22/06/2020 - 20:00
Three-quarters claim pandemic didn't trigger big changes to corporate security settings

Nearly three-quarters of IT professionals haven't increased their company's security posture during the COVID-19 pandemic – while 90 per cent highlighted remote working as a security risk, according to a survey.…

Categories: News

VMware and Office for Mac need patching, Microsoft can scan your firmware, and Anonymous takes credit for Atlanta police hacks

The Register - Mon, 22/06/2020 - 13:45
Plus: Nigeria-based entrepreneur accused of fraud, and more

Roundup  It was another week of furious firefighting in the security space, including the curious tale of a Forbes "most promising" entrepreneur indicted over alleged phishing attacks, new privacy laws in the US, software flaws and more.…

Categories: News

Hey NYPD, when you're done tear-gassing and running over protesters, can you tell us about your spy gear?

The Register - Fri, 19/06/2020 - 22:55
City council demands snoop gear kit reports, mayor OK with that

New York City Council has overwhelmingly voted to require cops to report their use of surveillance technology.…

Categories: News

Australia's Lion brewery hit by second cyber attack as nation staggers under suspected Chinese digital assault

The Register - Fri, 19/06/2020 - 20:10
Wait and see before pointing the finger, warns threat intel boffin

As Australia reels under sustained cyber attacks following increased Chinese diplomatic hostility, the country's Lion brewery and dairy conglomerate has been hit for the second time.…

Categories: News

At Mozilla VPN stands for Vague Product News: Foundation reveals security product will launch eventually, with temporary pricing, in unspecified places

The Register - Fri, 19/06/2020 - 10:42
But it does have a name. 'Firefox Private Network' is out, ‘Mozilla VPN’ is in.

The Mozilla Foundation has announced it will soon launch its VPN.…

Categories: News

Australian PM says nation under serious state-run cyber attack exploiting Microsoft, Citrix, Telerik UI bugs

The Register - Fri, 19/06/2020 - 02:12
Won't say who the attackers are working for – just don't mention 中国

Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation’s infosec advice agency says that while the attacker has gained access to some systems it has not conducted “any disruptive or destructive activities within victim environments.”…

Categories: News

Feds cuff Detroit man for allegedly hacking University of Pittsburgh Medical Center

The Register - Fri, 19/06/2020 - 01:50
Data pilfered from PeopleSoft HR database sold to tax fraudsters, it is claimed

US federal authorities said they had arrested Justin Sean Johnson in Detroit, Michigan, on charges associated with the 2014 hacking of a human resources database at the University of Pittsburgh Medical Center and thrown the book at him.…

Categories: News

Nothing fills you with confidence in an IT contractor more than hearing its staff personal records were stolen by ransomware hackers. Right, Cognizant?

The Register - Thu, 18/06/2020 - 23:32
Employees bag commiseration prize of free ID protection

Staff records – from social-security and corporate credit card numbers, to passport and bank account details – were siphoned from Cognizant by hackers who then doused the IT contractor in ransomware.…

Categories: News

'Work pressure' sees Maze ransomware gang demand payoff from wrong company

The Register - Thu, 18/06/2020 - 21:40
New York architects hit instead of Canadian standards agency after crooks get names mixed up

The Maze ransomware gang has screwed up by targeting a New York design and construction firm instead of the Canadian Standards Association it was intending to hit.…

Categories: News

Used Cisco Webex recently? Memory vuln could have let remote attackers snoop on your meetings and files

The Register - Thu, 18/06/2020 - 17:45
Only if they'd already pwned your box, mind. Still: get patching!

Cisco Webex suffered from a vuln that could have allowed an attacker to access any account by simply copy-pasting a unique session token into a browser string.…

Categories: News

Chrome extensions are 'the new rootkit' say researchers linking surveillance campaign to Israeli registrar Galcomm

The Register - Thu, 18/06/2020 - 16:15
Galcomm retorts: 'The report is at least irresponsible, if not worse'

Researchers at Awake Security have published a report on malicious extensions in the Chrome web store, making both specific claims of over 32 million downloads of one malware family, and general claims of weak security in both domain registration and Google's store.…

Categories: News

Ah lovely, here's something you can do with those Raspberry Pis, NUC PCs in the bottom of the drawer: Run Ubuntu Appliances on them

The Register - Thu, 18/06/2020 - 07:05
Choose between five options

Ubuntu has launched its Appliance Portfolio, an initiative designed to enable secure smart devices linked to cloud services. All Ubuntu appliances are "free to download and install" but may include an up-sell to paid-for services.…

Categories: News

The girl with the dragnet tattoo: How a TV news clip, Insta snaps, a glimpse of a tat and a T-shirt sold on Etsy led FBI to alleged cop car arsonist

The Register - Wed, 17/06/2020 - 23:31
Woman tracked down, accused of torching patrol vehicles amid protests

A woman accused of setting fire to two Philadelphia police cars during a May 30 protest was tracked down by her online buying-habits and reviews, a social media sweep, and a poor username choice, the FBI has claimed.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News