US treasury whips up sanctions for crypto mixer Tornado Cash

The Register - Tue, 09/08/2022 - 00:00
Being the money launderer for North Korea’s Lazarus Group comes at a price

The US Treasury Department is levying sanctions against Tornado Cash, a notorious cryptocurrency mixer that it says has been used by threat groups like ransomware gang Lazarus to launder stolen digital assets.…

Categories: News

Twilio customer data exposed after its staffers got phished

The Register - Mon, 08/08/2022 - 18:45
Comms giant says several other firms targeted in 'sophisticated attack'

Twilio confirmed a breach of the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack.…

Categories: News

Microsoft tightens Edge security for less visited websites

The Register - Mon, 08/08/2022 - 18:15
We're pretty sure that doesn't mean it's safe to click on sketchy popups

Microsoft wants to make it safer for Edge users to browse and visit unfamiliar websites by automatically applying stronger security settings.…

Categories: News

Slack leaked hashed passwords from its servers for years

The Register - Mon, 08/08/2022 - 12:45
Users who created shared invitation links for their workspace had login details slip out among encrypted traffic

Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users.…

Categories: News

Dark Utilities C2 service draws thousands of cyber criminals

The Register - Mon, 08/08/2022 - 07:31
Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks

A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launching earlier this year, and will likely expand its client list in the coming months.…

Categories: News

DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt

The Register - Sat, 06/08/2022 - 20:41
Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more

In brief  DuckDuckGo has finally mostly cracked down on the third-party Microsoft tracking scripts that got the alternative search engine into hot water earlier this year.…

Categories: News

Hi, I'll be your ransomware negotiator today – but don't tell the crooks that

The Register - Sat, 06/08/2022 - 09:19
What it's like bargaining with criminals ... and advising clients suffering their worst day yet

Interview  The first rule of being a ransomware negotiator is that you don't admit you're a ransomware negotiator — at least not to LockBit or another cybercrime gang. …

Categories: News

Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal?

The Register - Fri, 05/08/2022 - 20:43
The Feds may see things differently

Cryptocurrency bridge Nomad sent a message to the looters who drained nearly $200 million in tokens from its coffers earlier this week: return at least 90 percent of the ill-gotten gains, keep 10 percent as a bounty for discovering the security flaw, and Nomad will consider this a "white-hat" hack, as opposed to plain old theft, and not take legal action.…

Categories: News

Warning! Critical flaws found in US Emergency Alert System

The Register - Fri, 05/08/2022 - 19:05
DEF CON may be about to blow lid off security hole

The US government is warning of critical vulnerabilities in its Emergency Alert System (EAS) systems that, if exploited, could enable intruders to send fake alerts out over television, radio, and cable networks.…

Categories: News

Critical flaws found in four Cisco SMB router ranges – for the second time this year

The Register - Fri, 05/08/2022 - 07:57
At least Switchzilla thinks they're salvageable, unlike the boxes it ordered binned back in June

Cisco has revealed four of its small business router ranges have critical flaws – for the second time in 2022 alone.…

Categories: News

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google

The Register - Fri, 05/08/2022 - 00:45
I got played via the Play store

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store.…

Categories: News

Taiwanese military reports DDoS in wake of Pelosi visit

The Register - Thu, 04/08/2022 - 13:23
Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry

Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors.…

Categories: News

India scraps data protection law in favor of better law coming … sometime

The Register - Thu, 04/08/2022 - 07:58
Tech giants and digital rights groups didn't like it, but at least it was a law

The government of India has scrapped the Personal Data Protection Bill it's worked on for three years, and announced it will – eventually – unveil a superior bill.…

Categories: News

Student crashes Cloudflare beta party, redirects email, bags a bug bounty

The Register - Thu, 04/08/2022 - 07:31
Simple to exploit, enough to pocket $3,000

A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email.…

Categories: News

UK Parliament bins its TikTok account over China surveillance fears

The Register - Thu, 04/08/2022 - 06:58
Plan to educate the children turned out to be a 'won't someone think of the children?' moment

The UK's Parliament has ended its presence on TikTok after MPs pointed out the made-in-China social media service probably sends data about its users back to Beijing.…

Categories: News

Solana, Phantom blame Slope after millions in crypto-coins stolen from 8,000 wallets

The Register - Thu, 04/08/2022 - 04:26
SOL holders literally S.O.L.

Millions of dollars worth of Solana cryptocurrency and other tokens were stolen from seemingly thousands of netizens this week by thieves exploiting some kind of security weakness or blunder.…

Categories: News

Microsoft widens enterprise access to its threat intelligence pool

The Register - Wed, 03/08/2022 - 22:31
Organizations can be more proactive in tracking threats, finding holes in their protection

Microsoft says it will give enterprise security operation centers (SOCs) broader access to the massive amount of threat intelligence it collects every day.…

Categories: News

Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones

The Register - Wed, 03/08/2022 - 21:17
That's just the tip of the iceberg – and now he faces potentially years in the clink

A now-former T-Mobile US store stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million.…

Categories: News

Sonatype shines light on typosquatting ransomware threat in PyPI

The Register - Wed, 03/08/2022 - 18:15
It's all fun and games until somebody gets their files encrypted

Miscreants making use of typosquatting are being spotted by researchers at Sonatype, emphasizing the need to check that the package is really the one you meant to download.…

Categories: News

You can’t choose when you’ll be hit by ransomware, but you can choose how you prepare

The Register - Wed, 03/08/2022 - 16:46
Without a road to recovery, you’re just going to be roadkill

Sponosred Feature  What sort of disaster would you rather prepare for? Hurricanes are destructive, but you know when one's coming, giving you time to take defensive action. Earthquakes vary in their destructive power, but you never know when they're going to hit, meaning your ability to recover after the impact is critical.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News