Microsoft Patches Two Win32k Bugs Under Active Attack

Kapersky Labs - Tue, 12/03/2019 - 20:52
Microsoft's March Patch Tuesday updates include 64 fixes, 17 of which are rated critical.
Categories: News

Yelp-for-MAGAs app maker is warned there are holes in its code. Does it A. Just fix the problem, or B. Threaten to call the FBI, too?

The Register - Tue, 12/03/2019 - 20:43
Or C. It's all a libtard plot?

A developer specializing in mobile apps for US conservatives is under fire for threatening to call the Feds on someone who reported security shortcomings in its software.…

Categories: News

ThreatList: Phishing Attacks Doubled in 2018

Kapersky Labs - Tue, 12/03/2019 - 19:48
Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.
Categories: News

Swiss electronic voting system like... wait for it, wait for it... Swiss cheese: Flaw found in public source code audit

The Register - Tue, 12/03/2019 - 19:20
Hey, at least it was discovered, eventually, and fixed – which is the whole point

The Swiss Federal Chancellery (SFC) on Tuesday said security researchers have found an fascinating flaw in the Swiss Post's e-voting system as part of an ongoing penetration test.…

Categories: News

ProtonMail back up in Russia after regime chokes access over 'terrorist activity'

The Register - Tue, 12/03/2019 - 17:40
Service says that's ерунда

ProtonMail is "back to running normally in Russia now" after the country blocked access to the encrypted email service, claiming that students at a sports competition were using it to spread anti-regime propaganda.…

Categories: News

Raiding party! UK's ICO drops in unannounced on couple of dodgy-dialling dirtbag outfits

The Register - Tue, 12/03/2019 - 15:25
Data protection police come a-knocking. 'Put your computers and docs in the facking bag!'

The UK's data protection watchdog today raided two businesses suspected of making millions of nuisance calls.…

Categories: News

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

Kapersky Labs - Tue, 12/03/2019 - 15:09
Microsoft won't be patching the bug, but a proof of concept shows the potential for successful malware implantation.
Categories: News

Adobe Patches Critical Photoshop, Digital Edition Flaws

Kapersky Labs - Tue, 12/03/2019 - 14:53
Adobe fixed two arbitrary code execution flaws in its Photoshop and Digital Edition products.
Categories: News

Reg webinar: Tune in for some knowledge on how to become an effective leader in IT security

The Register - Tue, 12/03/2019 - 14:35
The benefits of pragmatism

Promo  With companies of all sizes anxious to protect themselves from the growing danger of cyberattacks, what does it take to reach a leading role in the security field?…

Categories: News

Hey Insiders! DTrace can now run riot in Windows 10, if you really want it to

The Register - Tue, 12/03/2019 - 14:17
Open-source debugger takes to the stage in OS's next release

Windows 10 has been tweaked to let devs enjoy the delights of DTrace while chasing down pesky bugs.…

Categories: News

The Handmaid's Tale or Man-made Fail? Exposed DB of 'BreedReady' women probably not as bad as it sounds

The Register - Mon, 11/03/2019 - 19:43
Dystopian forced pregnancy scenarios likely a figment of Western media biases

An unprotected MongoDB database of 1.8 million women in China has been taken offline after drawing media attention for the inclusion of a data field designating whether the women are "BreedReady."…

Categories: News

Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix

Kapersky Labs - Mon, 11/03/2019 - 19:31
IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity.
Categories: News

Google Patches Critical Bluetooth RCE Bug

Kapersky Labs - Mon, 11/03/2019 - 19:14
In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.
Categories: News

Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks

Kapersky Labs - Mon, 11/03/2019 - 17:44
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
Categories: News

NASA's crap infosec could be 'significant threat' to space ops

The Register - Mon, 11/03/2019 - 16:23
Inspectors not happy with stagnant security practices

NASA's Office of the Inspector General has once again concluded the American space agency's tech security practices are "not consistently implemented".…

Categories: News

Hapless engineers leave UK cable landing station gate open, couple of journos waltz right in

The Register - Mon, 11/03/2019 - 15:40
Infosec skills are useful. But so are locked doors

Journalists were able to bimble into a UK cable landing station almost completely unchallenged after security gates were left open and unlocked.…

Categories: News

Facebook Alleges Two Ukrainians Scraped Data From 63K Profiles

Kapersky Labs - Mon, 11/03/2019 - 14:51
Facebook is suing two Ukrainian men who were able to scrape data from 63,000 users' profiles by enticing users to download a malicious browser extension.
Categories: News

Just a reminder: We're still bad at securing industrial controllers

The Register - Mon, 11/03/2019 - 13:30
Moxa boxes caught using plain text passwords and insecure web apps

Bug hunters have discovered yet another set of flaws in industrial control systems used by electric utilities, oil and gas companies, and shipping and transportation providers.…

Categories: News

Freelance devs: Oh, you wanted the app to be secure? The job spec didn't mention that

The Register - Mon, 11/03/2019 - 06:14
Boffins find pros-for-hire no better at writing secure code than compsci beginners

Freelance developers hired to implement password-based security systems do so about as effectively as computer science students, which is to say not very well at all.…

Categories: News

RSA Conference 2019: The Expanding Automation Platform Attack Surface

Kapersky Labs - Sat, 09/03/2019 - 13:00
Hacking into smart homes is becoming increasingly easy and a great way to steal victims' personal information, Trend Micro said at RSA 2019.
Categories: News


Subscribe to Sec Tec Limited aggregator - News