Bus pass or bus ass? Hackers peeved about public transport claim to have reverse engineered ticket app for free rides

The Register - Wed, 04/09/2019 - 10:05
'RSA private keys' baked into Manchester firm's software

A hacker collective has said that it found the private keys for a Manchester bus company's QR code ticketing app embedded in the app itself – and has now released its own ride-buses-for-free code.…

Categories: News

Fancy buying a compact and bijou cardboard box home in a San Francisco alley? This $2.5m Android bounty will get you nearly there

The Register - Wed, 04/09/2019 - 01:22
Bug seller Zerodium boosts payouts for 'droid, slashes iOS prices in half

Bug-broker Zerodium says it will cough up as much as $2.5m in exchange for techniques to silently and remotely hijack Android devices via critical vulnerabilities, signaling a major change in the pricing of security holes.…

Categories: News

Enjoy the holiday weekend America? Well-rested? Good. Supermicro server boards can be remotely hijacked

The Register - Tue, 03/09/2019 - 11:00
Virtual USB hub allows attackers to get into BMCs

Tens of thousands of servers around the world are believed to be hosting a vulnerability that would allow an attacker to remotely commandeer them.…

Categories: News

NATO sharpens its cyber-lances, prepares for war games with virtual jousting tournament

The Register - Tue, 03/09/2019 - 10:00
Hey, ex-Soviet state-backed threat actors, you watching?

Fresh from secretary-general Jens Stoltenberg’s repeated promises to hack back at cyber-attackers, NATO is now preparing to run a large-scale cyber exercise to test its infosec defences.…

Categories: News

Teletext Holidays a) exists and b) left 200k customer call recordings exposed in S3 bucket

The Register - Mon, 02/09/2019 - 17:15
Get your grandparents to book with someone else

Teletext Holidays managed to leave more than 200,000 customer phone call recordings exposed on an unsecured AWS server, according to reports.…

Categories: News

Oh there it is, Facebook shrugs as Free Basics private key found to be signing unrelated apps

The Register - Mon, 02/09/2019 - 14:15
Walled-garden Android platform security easily copied

Facebook has insisted that losing control of the private key used to sign its Facebook Basics app is no biggie despite totally unrelated apps from other vendors, signed with the same key, popping up in unofficial repositories.…

Categories: News

JACK OF ALL TIRADES: Twitter boss loses account to cunning foul-mouthed pranksters

The Register - Sat, 31/08/2019 - 11:01
Plus a Cisco bug, dentists bitten by malware, and France takes down a worm

Roundup  This week ended with a bang, thanks to some Twitter hackers.…

Categories: News

Coin-mining malware jumps from ARM IoT gear to Intel servers

The Register - Sat, 31/08/2019 - 00:22
Cryptocurrency crooks look to siphon cycles from enterprise kit

Exclusive  A coin-mining malware infection previously only seen on ARM IoT devices has made the jump to Intel systems.…

Categories: News

Google security crew sheds light long-running iOS spyware operation

The Register - Fri, 30/08/2019 - 19:39
Project Zero dissects years-long surveillance campaign

Google's Project Zero says more than a dozen iOS flaws that Apple patched back in February had been under attack for years.…

Categories: News

For Foxit's sake: PDF editor biz breached, users' passwords among stolen data

The Register - Fri, 30/08/2019 - 18:00
And they're imposing a 20-character limit on new ones

Users of software house Foxit's free and paid-for products, including its popular PhantomPDF editor, may have fallen victim to a data breach – with stolen data including users' website passwords.…

Categories: News

When you think how infamous NHS-pwning malware's still hitting the unwary, it'll make you WannaCry – Kaspersky

The Register - Fri, 30/08/2019 - 15:03
Ransomware strain was top customer call-out title in 2018

Kaspersky Lab reckons the number one reason its customers call them for emergency help is because of ransomware – with Wannacry still playing a large part in detections picked up by the Russian company.…

Categories: News

Despite billions in spending, your 'military grade' network will still be leaking data

The Register - Fri, 30/08/2019 - 11:10
You can't patch stupid

Despite years of corporate awareness training, warning articles in The Reg and regular bollockings by frustrated IT admins, human error is still behind most personal data leaks, a newly released study says.…

Categories: News

I just love your accent - please, have a new password

The Register - Fri, 30/08/2019 - 08:15
How's that Boris Johnson impression working out for you?

On Call  Welcome to On Call, The Register's weekly dive into the mailbag of woe from those faced with recalcitrant users or, occasionally, an overly helpful operator.…

Categories: News

Google takes a little more responsibility for its Android world, will cough up bounties for mega-popular app bugs

The Register - Thu, 29/08/2019 - 23:14
Payouts extended to anything with more than 100m installs

Google is expanding its Android bug-bounty program to cover not just holes in the web giant's apps but also vulnerabilities in third-party software – as long as they have more than 100 million installs.…

Categories: News

Capital One 'hacker' hit with fresh charges: She burgled 30 other AWS-hosted orgs, Feds claim

The Register - Thu, 29/08/2019 - 21:02
Ex-Amazon techie accused of cyber-looting other storage buckets, mining crypto-coins on hacked servers

The ex-Amazon engineer who allegedly stole 100 million Capital One credit applicants' personal details from AWS cloud buckets has been formally accused of swiping data from 30 other organizations.…

Categories: News

Today's Resident Evil: Ransomware crooks think local, not global, prey on schools, towns, libraries, courts, cities...

The Register - Thu, 29/08/2019 - 00:50
Small governments make up two-thirds of infection victims observed by infosec bods

Ransomware criminals have taken a particular shine to US city and state governments, infecting them with file-scrambling extorionware in hope of quick payouts.…

Categories: News

Are US border cops secretly secreting GPS trackers on vehicles without a warrant? EFF lawyers want to know

The Register - Wed, 28/08/2019 - 22:56
Uncle Sam sued by rights warriors probing claims of silent snooping on suspicious rides

The Electronic Frontier Foundation (EFF) has sued [PDF] the US Department of Homeland Security to find out more about a program where, it is claimed, officers secretly stick GPS trackers on vehicles they are suspicious of as they come through the border.…

Categories: News

Come on, hackers, do your worst ‒ Facebook opens Portal gizmo to Pwn2Own exploit fest

The Register - Wed, 28/08/2019 - 21:37
Thousands of dollars and new kit up for grabs if you can blow a hole in Zuck's video-conf gear

Facebook is opening its Portal videoconferencing hardware to hackers for the first time at the upcoming Pwn2Own Tokyo competition.…

Categories: News

Time to spin the wheel of pwnage! This week, malware can infect your…. Android set-top box!

The Register - Wed, 28/08/2019 - 12:13
IoT botnets move into the home theater market in search of low-hanging fruit

Set-top tuner boxes have become the infection vector in the spread of Internet of Things malware.…

Categories: News

Dixons hits back at McAfee's £30m antivirus sueball: Your AV didn't work on Windows 10S

The Register - Wed, 28/08/2019 - 10:00
And that's why we flirted with your nemesis Symantec, Brit retailer claims

Brit retailer Dixons has lashed back at McAfee's £30m High Court broadside, saying it was entitled to promote rival antivirus (AV) tech from Symantec if McAfee's software wouldn't work on Windows 10S devices.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News