News

Penn State pays DoJ $1.25M to settle cybersecurity compliance case

The Register - Thu, 24/10/2024 - 00:29
Fight On, State? Not this time

Pennsylvania State University has agreed to pay the Justice Department $1.25 million to settle claims of misrepresenting its cybersecurity compliance to the federal government and leaving sensitive data improperly secured. …

Categories: News

Warning! FortiManager critical vulnerability under active attack

The Register - Wed, 23/10/2024 - 23:47
Security shop and CISA urge rapid action

Fortinet has gone public with news of a critical flaw in its software management platform.…

Categories: News

'Satanic' data thief claims to have slipped into 350M Hot Topic shoppers info

The Register - Wed, 23/10/2024 - 21:30
We know where you got your skinny jeans - big deal

A data thief calling themselves Satanic claims to have purloined the records of around 350 million customers of fashion retailer Hot Topic.…

Categories: News

Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch

The Register - Wed, 23/10/2024 - 20:30
Plus, a POC to make it extra easy for attackers

A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to the US Cybersecurity and Infrastructure Security Agency (CISA).…

Categories: News

Millions of Android and iOS users at risk from hardcoded creds in popular apps

The Register - Wed, 23/10/2024 - 01:31
Azure Blob Storage, AWS, and Twilio keys all up for grabs

An analysis of widely used mobile apps offered on Google Play and the Apple App Store has found hardcoded and unencrypted cloud service credentials, exposing millions of users to major security problems.…

Categories: News

US lawmakers push DoJ to prosecute tax prep firms for leaking taxpayer data to big tech

The Register - Tue, 22/10/2024 - 23:31
TaxSlayer, H&R Block, TaxAct, and Ramsey Solutions accused of sharing info with Meta and Google

A quartet of lawmakers have penned a letter to the Department of Justice asking it to prosecute tax preparation companies for sharing customer data, including tax return information, with Meta and Google.…

Categories: News

TSMC blows whistle on potential sanctions-busting shenanigans from Huawei

The Register - Tue, 22/10/2024 - 18:45
Chip giant tells Uncle Sam someone could be making orders on the sly

TSMC has reportedly tipped off US officials to a potential attempt by Huawei to circumvent export controls and obtain AI chips manufactured by the Taiwanese company.…

Categories: News

VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time

The Register - Tue, 22/10/2024 - 18:02
If the first patches don't work, try, try again

VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable systems after the first software update, issued last month, didn't work.…

Categories: News

Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures

The Register - Tue, 22/10/2024 - 17:31
Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing

Four high-profile tech companies reached an agreement with the Securities and Exchange Commission to pay millions of dollars in penalties for misleading investors about their exposure to the 2020 SolarWinds hack.…

Categories: News

Akira ransomware is encrypting victims again following pure extortion fling

The Register - Tue, 22/10/2024 - 16:31
Crooks revert to old ways for greater efficiency

Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics.…

Categories: News

Pixel perfect Ghostpulse malware loader hides inside PNG image files

The Register - Tue, 22/10/2024 - 06:30
Miscreants combine it with an equally tricky piece of social engineering

The Ghostpulse malware strain now retrieves its main payload via a PNG image file's pixels. This development, security experts say, is "one of the most significant changes" made by the crooks behind it since launching in 2023.…

Categories: News

China’s Spamouflage cranks up trolling of US Senator Rubio as election day looms

The Register - Mon, 21/10/2024 - 23:30
Note to Xi: Marco and Ted Cruz aren't the same person

China's Spamouflage disinformation crew has been targeting US Senator Marco Rubio (R-Florida) with its fake news campaigns over the past couple of months, trolling the Republican lawmaker's official X account and posting negative stories about Rubio on Reddit and Medium.…

Categories: News

Sophos to snatch Secureworks in $859M buyout: Why fight when you can just buy?

The Register - Mon, 21/10/2024 - 22:30
Private equity giant Thoma Bravo adds another trophy to its growing collection

British security biz Sophos has announced a plan to gobble up competitor Secureworks in an $859 million deal that will make Dell happy.…

Categories: News

The billionaire behind Trump's 'unhackable' phone is on a mission to fight Tesla's FSD

The Register - Mon, 21/10/2024 - 20:30
Dan O'Dowd tells El Reg about the OS secrets and ongoing clash with Musk

Interview  This month, presidential hopeful Donald Trump got a tool in his arsenal, some allegedly "unhackable" communications kit, and The Register has talked to the man behind the operating system, who also ran for the US Senate on a campaign to get self-driving Teslas off the road and is on something of a crusade about the matter.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News