Soviet 'Enigma' cipher machine sells for $22k at collapsed museum's exhibits auction

The Register - Wed, 17/02/2021 - 12:44
James Bond? Inspector Gadget? Yup, all here

A Soviet equivalent of Nazi Germany's Enigma cipher machine has sold for more than double its auction asking price – while a secret camera disguised as a pack of cigarettes went for nearly $20,000.…

Categories: News

Palo Alto Networks drops $156m to absorb DevSecOps firm Bridgecrew

The Register - Wed, 17/02/2021 - 11:20
Open-source stuff stays for now, company promises

Palo Alto Networks (PAN) has described its $156m buy of cloudy DevSecOps biz Bridgecrew as a "key bet" at a time when the world has never been more reliant on off-premises computing.…

Categories: News

LastPass to limit fans of free password manager to one device type only – computer or mobile – from next month

The Register - Tue, 16/02/2021 - 23:27
Cough up if you want to use it with your laptop and phone

Password manager LastPass has changed its terms and conditions to limit the free version of its code work on a single device type only per user, seemingly in an effort to force free folks into paying for its service.…

Categories: News

SHAREit app for Android said to share way too much: Billion-download code with holes no one wants to fix

The Register - Tue, 16/02/2021 - 20:25
Trend Micro claims software is full of security flaws that allow data out and malware in

Trend Micro has published a report claiming that data-sharing Android app SHAREit, which has over a billion downloads, contains multiple vulnerabilities after the app's maker ignored advice to fix the flaws.…

Categories: News

France's cyber-agency says Centreon IT management software sabotaged by Russian Sandworm

The Register - Tue, 16/02/2021 - 08:02
Web hosts infiltrated for up to three years in attack that somewhat resembles SolarWinds mess

France’s Agence nationale de la sécurité des systèmes d'information (ANSSI), the nation’s cyber-security agency, has identified a years-long campaign to infiltrate IT monitoring platform Centreon.…

Categories: News

UK watchdog fines two firms £270k for cold-calling 531,000 people who had opted out

The Register - Mon, 15/02/2021 - 15:32
Ah, the old 'liquidate your company' trick. Classic

Another month and two more British companies behind nuisance marketing calls are collectively facing a £270,000 penalty for breaking the law by calling people registered by the Telephone Preference Service (TPS).…

Categories: News

Let's Encrypt completes huge upgrade, can now rip and replace 200 million security certs in 'worst case scenario'

The Register - Mon, 15/02/2021 - 11:41
Plus: SentinelOne picks up Scalyr, fatal flaws in TCP, and a view on Supermicro

In brief  Internet Security Research Group nonprofit Let's Encrypt has massively upgraded its certification hardware and software so that it can delete and reissue all its certs in less than 24 hours.…

Categories: News

Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack

The Register - Mon, 15/02/2021 - 05:57
As FireEye reveals how suspicious second phone signed up for 2FA gave the game away

Microsoft president Brad Smith says the software giant’s analysis of the SolarWinds hack suggests the code behind the crack was the work of a thousand or more developers.…

Categories: News

Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg

The Register - Fri, 12/02/2021 - 23:28
Server maker says latest article is 'a mishmash of disparate allegations'

Following up on a disputed 2018 claim in its BusinessWeek publication that tiny spy chips were found on Supermicro server motherboards in 2015, Bloomberg on Friday doubled down by asserting that Supermicro's products were targeted by Chinese operatives for over a decade, that US intelligence officials have been aware of this, and that authorities kept this information quiet while crafting defenses in order to study the attack.…

Categories: News

Footfallcam kerfuffle: Firm apologises, promises to fix product after viral Twitter thread, infoseccer backlash

The Register - Fri, 12/02/2021 - 15:21
Accusations of grey hat infosec consultancy extortion ring drop away after El Reg intervenes

A cautionary tale about the dangers posed by affordable Internet of Things devices turned into a much more sinister story after a company threatened an infosec bod with a police report (since retracted) unless he deleted a Twitter thread highlighting shortcomings in one of its products.…

Categories: News

Apple iOS 14.5 will hide Safari users' IP addresses from Google's Safe Browsing

The Register - Fri, 12/02/2021 - 02:20
Another privacy improvement from Cupertino, just a small one

Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites.…

Categories: News

Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training

The Register - Thu, 11/02/2021 - 20:42
Antisocial network sued by Proofpoint in scrap over domain names

Security biz Proofpoint and its subsidiary Wombat Security Technologies have sued Facebook and its Instagram subsidiary to prevent the seizure of internet domain names used for security testing.…

Categories: News

Creeped-out dev spins up an Ubuntu VM on Azure only to be immediately approached by a Canonical sales rep

The Register - Thu, 11/02/2021 - 14:14
I always feel like somebody's watching me

An Azure customer has expressed outrage after finding himself on the receiving end of an unexpected LinkedIn message from Ubuntu last night.…

Categories: News

Open Source Vulnerabilities database: Nice idea but too many Google-shaped hoops to jump through at present

The Register - Thu, 11/02/2021 - 09:30
Google Cloud Platform account required, API key comes with Ts&Cs

Hands On  Google has big ambitions for its new Open Source Vulnerabilities database, but getting started requires a Google Cloud Platform account and there are other obstacles that may add friction to adoption.…

Categories: News

Miscreant admits he stole, traded victims' nude vids after guessing their passwords, security answers

The Register - Thu, 11/02/2021 - 01:00
Nicholas Faber joins accomplice Michael Fish in admitting he raided university portal for sensitive info

A college graduate has admitted hacking into the email and social media accounts of female students, stealing their nude photos and videos, and trading them with others.…

Categories: News

No joy for Julian Assange as Uncle Sam confirms it will keep pushing for WikiLeaker's extradition to America

The Register - Wed, 10/02/2021 - 23:38
Biden-era Dept of Justice forced to make call after UK judge blocks on mental health grounds

The US Dept of Justice will continue pushing for the extradition of WikiLeaks founder Julian Assange, a spokesperson confirmed on Wednesday.…

Categories: News

8 Brits arrested after probe into SIM-swapping scam targeting US celebs

The Register - Wed, 10/02/2021 - 16:15
National Crime Agency nabbed network that stole money, Bitcoin, personal data

Brit cops have cuffed eight men in England and Scotland amid a probe into SIM-swapping attacks on high-profile US targets – including sports stars, musicians, and "influencers" – that had money and personal data stolen.…

Categories: News

All grown up: Raspberry Pis running Ubuntu added to IoT patching service KernelCare

The Register - Wed, 10/02/2021 - 12:30
No downtime for major updates

CloudLinux has added the Raspberry Pi to its KernelCare patching service, although only if you're running Ubuntu.…

Categories: News

No phish for the likes of you, thank you very much! Google finds email villains are picky about demographics, country

The Register - Wed, 10/02/2021 - 09:30
Soon may the phisherman come to leave our inbox quite undone

Kind old Google has published data on targeted email attacks and dispensed advice to help users separate friend from foe.…

Categories: News

North Korean attacks on crypto exchanges reportedly netted $316m in two years

The Register - Wed, 10/02/2021 - 04:54
United Nations sanctions made silly by sloppy security

North Korean attacks on crypto exchanges reportedly netted $316m United Nations sanctions made silly by sloppy security North Korean cyber-attacks harvested $316m in cryptocurrency across 2019 and 2020, according to a report by Japan’s Nikkei.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News