AT&T Alien Labs warns of 'zero or low detection' for TeamTNT's latest malware bundle

The Register - Wed, 08/09/2021 - 13:15
Chimaera toolkit found on 'thousands' of Windows, Linux, and container systems worldwide

AT&T's Alien Labs security division has sounded the alarm on a malware campaign from TeamTNT which, it claims, has gone almost entirely undetected by anti-virus systems - and which is turning target devices into cryptocurrency miners.…

Categories: News

Global pandemic was good for business say UK infosec pros – but we're still burning out

The Register - Wed, 08/09/2021 - 12:28
Chartered Institute of Information Security reveals what you're all thinking

The COVID-19 pandemic was good for business, according to British infosec workers – although half of them still say they feel burnt out amid the surge in work.…

Categories: News

Patch now? Why enterprise exploits are still partying like it's 1999

The Register - Wed, 08/09/2021 - 10:13
Am I only dreaming, or is this burning an Eternal Blue?

Some vulnerabilities remain unreported for the longest time. The 12-year-old Dell SupportAssist remote code execution (RCE) flaw – which was finally unearthed earlier this year – would be one example.…

Categories: News

Ransomware attacks are inevitable. Paying the ransom isn’t

The Register - Wed, 08/09/2021 - 08:30
Join security leaders to learn why network, perimeter, and application security aren’t enough

Sponsored  Ransomware attacks have accelerated at a feverish pace in the last year leaving small businesses, large enterprises, and government agencies scrambling to protect the lifeblood of their organizations – their data. So what can you do?…

Categories: News

Miscreants fling booby-trapped Office files at victims, no patch yet, says Microsoft

The Register - Tue, 07/09/2021 - 23:20
ActiveX and MSHTML, the gift that keeps on giving ... to intruders

In an advisory issued on Tuesday, Microsoft said some of its users were targeted by poisoned Office documents that exploit an unpatched flaw to hijack their Windows machines.…

Categories: News

Can WhatsApp moderators really read your encrypted texts? Yes ... if you forward them to the abuse dept

The Register - Tue, 07/09/2021 - 22:13
Where did people think spam and harassment reports were going?

Facebook's WhatsApp states its messages are protected by the Signal encryption protocol. A report published today by investigative non-profit ProPublica contends that WhatsApp communication is less private than users understand or expect.…

Categories: News

UK data watchdog brings cookies to G7 meeting – pop-up consent requests, not the delicious baked treats

The Register - Tue, 07/09/2021 - 13:20
Why are they asking G7 to do their job for them, muses critic

Cookies are on the menu today for the G7 as the UK's Information Commissioner's Office (ICO) proposes to the group of leading global economies that consent pop-ups should be reduced.…

Categories: News

ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested

The Register - Tue, 07/09/2021 - 12:31
Cops can read the SMTP spec too, y'know

Encrypted email service ProtonMail has become embroiled in a minor scandal after responding to a legal request to hand over a user's IP address and details of the devices he used to access his mailbox to Swiss police – resulting in the user's arrest.…

Categories: News

Guntrader breach perp: I don't think it's a crime to dump 111k people's details online in Google Earth format

The Register - Tue, 07/09/2021 - 11:01
Plus: Police aren't treating breaches as terror offence

The person who reformatted the Guntrader hack data as a Google Earth-compatible CSV has said they are prepared to go to prison – while denying their actions amounted to a criminal offence.…

Categories: News

Glasgow firm fined £150k after half a million nuisance calls, spoofing phone number, using false trading names

The Register - Tue, 07/09/2021 - 09:29
DialADeal is no longer operating

A Glasgow-based company is facing a £150,000 penalty handed down by the UK's data watchdog for making more than half a million nuisance calls about bogus green energy deals.…

Categories: News

Jenkins struck by 'Confluenza' as US Cyber Command warns Atlassian flaw 'cannot wait'

The Register - Mon, 06/09/2021 - 14:51
How was your weekend? Got some patching done?

The Jenkins team issued a reminder over the weekend that one should keep one's systems patched as it found itself with a compromised Confluence service.…

Categories: News

When the bits hit the fan: What to do when ransomware strikes

The Register - Mon, 06/09/2021 - 11:01
Don't trust the insurer's techies, take the blame and other practical tips

Feature  When I first became a company chief techie, the finance director patronisingly explained the basic asymmetry of prevention vs cure. Spending money on assets to stop an attack come out of capex, but spending after the disaster would be up to the insurer, with premiums deducted out of opex. Also, prevention costs reduced current bonuses.…

Categories: News

Indonesian President's COVID jab cert leaks – authorities argue that's perfectly reasonable

The Register - Mon, 06/09/2021 - 02:53
It's not as if politicians' birthdays aren't well known, and they get jabbed on live TV

Indonesian authorities have admitted that the COVID-19 vaccination certificate of the nation's President has circulated online and tried to explain that it's an indication of admirable transparency, rather than lamentable security.…

Categories: News

Norwegian student tracks Bluetooth headset wearers by wardriving around Oslo on a bicycle

The Register - Sat, 04/09/2021 - 08:09
Address randomisation not implemented on some, it seems

A Norwegian student who went wardriving around Oslo on a pushbike has discovered that several popular models of Bluetooth headphones don't implement MAC address randomisation – meaning they can be used to track their wearers.…

Categories: News

Apple stalls CSAM auto-scan on devices after 'feedback' from everyone on Earth

The Register - Fri, 03/09/2021 - 21:48
Critics celebrate reconsideration of 'spyPhone' regime

Apple on Friday said it intends to delay the introduction of its plan to commandeer customers' own devices to scan their iCloud-bound photos for illegal child exploitation imagery, a concession to the broad backlash that followed from the initiative.…

Categories: News

Rapid7 says Computer Misuse Act should include 'good faith' infosec research exemption

The Register - Fri, 03/09/2021 - 16:16
Security biz publishes plans for law reforms

Infosec firm Rapid7 has joined the chorus of voices urging reform to the UK's Computer Misuse Act, publishing its detailed proposals intended to change the cobwebby old law for the better.…

Categories: News

New Zealand internet outage blamed on DDoS attack on nation's third largest internet provider

The Register - Fri, 03/09/2021 - 14:13
Here in the UK, Sky broadband users back online

Parts of New Zealand were cut off from the digital world today after a major local ISP was hit by an aggressive DDoS attack.…

Categories: News

Confessions of a ransomware negotiator: Well, somebody's got to talk to the criminals holding data hostage

The Register - Fri, 03/09/2021 - 11:28
We can't deny people are paying up left, right, and centre...

Interview  Many people outside of IT believe computers will do away with jobs, but the current ransomware plague shows that new and more curious kinds of jobs are created at least as fast. So what sort of background sets you up to talk to people holding your data for ransom?…

Categories: News

Spring or autumn, your biggest cyber threat could be in the cloud

The Register - Fri, 03/09/2021 - 00:00
Tune in to SANS Institute's seasoned security experts

Sponsored  The sun never seems to set on the cybercriminal threat, but whether you’re heading into autumn or bursting into spring you can tap into the world’s finest cyber security training, at upcoming SANS Institute events in Asia and Oceania.…

Categories: News

FTC bans 'brazen' stalkerware maker SpyFone, orders data deletion, alerts to victims

The Register - Thu, 02/09/2021 - 22:05
Insecure systems were compromised by miscreant, too, watchdog said

America's trade watchdog today banned stalkerware developer SpyFone and its CEO from the surveillance industry, effectively putting an end to its business.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News