We like transparency and we're a CA, hackers hack all night and we log all day

The Register - Wed, 15/05/2019 - 19:24
Cert authority Sectigo funds Lets Encrypt transparency log

Let’s Encrypt has wheeled out a new certificate transparency log called Oak, which is funded for a year by the certificates arm of Sectigo (formerly known as Comodo).…

Categories: News

Intel ZombieLoad Side-Channel Attack: 10 Takeaways

Kapersky Labs - Wed, 15/05/2019 - 17:48
Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.
Categories: News

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Kapersky Labs - Wed, 15/05/2019 - 15:50
Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting.
Categories: News

Supreme Court says secret UK spy court's judgments can be overruled after all

The Register - Wed, 15/05/2019 - 15:05
It all went a bit Pete Tong for the Peeping Toms

Britain's Supreme Court said today that rulings from a secretive UK spy tribunal can now be appealed against after a legal challenge from pressure group Privacy International.…

Categories: News

MI5 slapped on the wrist for 'serious' surveillance data breach

The Register - Wed, 15/05/2019 - 12:38
Auditors poked around for a week after too many Peeping Toms had a trawl

Home Secretary Sajid Javid has confessed to Parliament that MI5 bungled the security of "certain technology environments used to store and analyse data," including that of ordinary Britons spied on by the agency.…

Categories: News

Microsoft emits free remote-desktop security patches for WinXP to Server 2008 to avoid another WannaCry

The Register - Wed, 15/05/2019 - 02:48
Plus plenty of other fixes from Redmond and Adobe – and special guest star Citrix

Patch Tuesday  It’s that time of the month again, and Microsoft has released a bumper bundle of security fixes for Patch Tuesday, including one for out-of-support operating systems Windows XP and Server 2003.…

Categories: News

Microsoft Patches Zero-Day Bug Under Active Attack

Kapersky Labs - Tue, 14/05/2019 - 21:49
Microsoft Patch Tuesday security bulletin tackles 22 critical vulnerabilities.
Categories: News

Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More

Kapersky Labs - Tue, 14/05/2019 - 21:31
A massive update addresses the breadth of the computing giant's product portfolio.
Categories: News

Intel CPUs Impacted By New Class of Spectre-Like Attacks

Kapersky Labs - Tue, 14/05/2019 - 19:01
Intel has disclosed a new class of speculative execution side channel attacks.
Categories: News

Buffer the Intel flayer: Chipzilla, Microsoft, Linux world, etc emit fixes for yet more data-leaking processor flaws

The Register - Tue, 14/05/2019 - 18:00
Intel CPUs dating back a decade are vulnerable to latest cousin of Spectre

Intel on Tuesday plans to release a set of processor microcode fixes, in conjunction with operating system and hypervisor patches from vendors like Microsoft and those distributing Linux and BSD code, to address a novel set of side-channel attacks that allow microarchitecture data sampling (MDS).…

Categories: News

Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws

Kapersky Labs - Tue, 14/05/2019 - 17:18
Adobe has issued patches for 87 vulnerabilities on Patch Tuesday - the bulk of which exist in Adobe's Acrobat and Reader product.
Categories: News

Linux Kernel Flaw Allows Remote Code-Execution

Kapersky Labs - Tue, 14/05/2019 - 16:21
The bug is remotely exploitable without authentication or user interaction.
Categories: News

WhatsApp Zero-Day Exploited in Targeted Spyware Attacks

Kapersky Labs - Tue, 14/05/2019 - 13:58
WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones.
Categories: News

Cynet: An Autonomous Security Platform for Any Size Organization

Kapersky Labs - Tue, 14/05/2019 - 13:00
Cynet  protects the entire internal environment – including hosts, files, users and the network.
Categories: News

Seize the chance to boost your IT security skills: Trio of training events to choose from

The Register - Tue, 14/05/2019 - 10:03
SANS brings three immersive training events to London

Promo  IT security training specialist SANS Institute is bringing three major training events to London this summer and autumn, each offering a bumper programme of intensive courses designed to arm security professionals with the skills they need to defend against data breaches and malicious attacks.…

Categories: News

It's 2019 and a WhatsApp call can hack a phone: Zero-day exploit infects mobes with spyware

The Register - Tue, 14/05/2019 - 02:18
Rap for surveillanceware chaps in chat app voice yap trap flap – now everyone patch

A security flaw in WhatsApp can be, and has been, exploited to inject spyware into victims' smartphones: all a snoop needs to do is make a booby-trapped voice call to a target's number, and they're in. The victim doesn't need to do a thing other than leave their phone on.…

Categories: News

It's 2019 so now security vulnerabilities are branded using emojis: Meet

The Register - Mon, 13/05/2019 - 23:50
It's pronounced Thrangrycat: A means to bury spyware deep inside pwned networking gear

Security weaknesses at the heart of some of Cisco's network routers, switches, and firewalls can be exploited by hackers to hide spyware deep inside compromised equipment.…

Categories: News

Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices

Kapersky Labs - Mon, 13/05/2019 - 23:17
The two high-severity bugs impact a wide array of enterprise, military and government networks.
Categories: News

Twitter Leaks Apple iOS Users’ Location Data to Ad Partner

Kapersky Labs - Mon, 13/05/2019 - 22:02
A Twitter glitch "inadvertently" leaked iOS users' location data to an unnamed partner.
Categories: News

ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks

Kapersky Labs - Mon, 13/05/2019 - 17:46
In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT.
Categories: News


Subscribe to Sec Tec Limited aggregator - News