News

When classes are online, how do you get out of school? Florida teen cuffed, charged after crashing cyber-lessons

The Register - Fri, 04/09/2020 - 01:06
Eight DDoS attacks targeted networks, virtual classrooms, say officials

A teenager in America has apparently admitted knocking virtual learning classes offline with a string of distributed denial-of-service (DDoS) attacks.…

Categories: News

Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin

The Register - Fri, 04/09/2020 - 00:20
Sites with WP File Manager should update ASAP – exploits in the wild

A critical vulnerability in a popular WordPress plugin called WP File Manager was spotted on Tuesday and was quickly patched by the plugin's developers.…

Categories: News

US court deems NSA bulk phone-call snooping illegal, possibly unconstitutional, and probably pointless anyway

The Register - Thu, 03/09/2020 - 16:02
Snowden, privacy campaigners cheer ruling 7 years in the making

The United States Court of Appeals for the Ninth Circuit has ruled [PDF] that the National Security Agency's phone-call slurping was indeed naughty, seven years after former contractor Edward Snowden blew the whistle on the tawdry affair.…

Categories: News

Homeland Security demands a 911 for reporting security holes in federal networks: 'Vulns in internet systems cause real-world impacts'

The Register - Thu, 03/09/2020 - 01:58
Great – and who will be the first responders?

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday ordered US federal agencies outside the defense and intelligence communities to develop a working vulnerability disclosure policy.…

Categories: News

Things are getting back to normal: Chinese hackers revert to bugging Tibetans after brief Euro campaign

The Register - Wed, 02/09/2020 - 12:30
APT phishing crew had COVID-themed fling with the west during height of pandemic, claim researchers

Malware pathologists have noted a return to "business as usual" as groups associated with Chinese state interests turned their attentions back to Tibetan matters after a European dalliance earlier this year.…

Categories: News

Samsung supremo Lee Jae-yong indicted for fraud over role in 2015 merger deal that made him heir apparent

The Register - Tue, 01/09/2020 - 13:01
Transaction 'disturbed the order of the capital market', claim Seoul prosecutors

South Korea has indicted Samsung Group vice chairman Lee Jae-yong over his role in a 2015 merger that made him heir apparent to the multinational's empire.…

Categories: News

Someone's getting a free trip to the US – well, not quite free. Brit bloke extradited to face $2m+ cyber-scam charges

The Register - Tue, 01/09/2020 - 07:01
That's certainly one way to get around COVID-19 travel restrictions

A British citizen has been extradited to the US to face charges he oversaw a series of business email compromise attacks to steal over $2m from unwary accounts departments and individuals.…

Categories: News

Critical vuln that lets miscreants hijack people's computers via Slack *sucks in air* We'll give you $1,750 for it

The Register - Mon, 31/08/2020 - 22:28
Chat app chaps, Electron security, Microsoft Teams under fire

A critical remote-code-execution vulnerability affecting past versions of the Slack desktop app was disclosed on Friday after the software maker fixed its app.…

Categories: News

Microsoft reprieves SHA-1 deprecation in Edge 85 security baseline

The Register - Mon, 31/08/2020 - 12:01
Wait! What? Aaah ... legacy systems strike again, but won't get another bite

Microsoft has published a new security baseline for Microsoft Edge and one of the new rules is titled “Allow certificates signed using SHA-1 when issued by local trust anchors.”…

Categories: News

Before you head off for the weekend, you have patched your Pulse Secure VPNs, right? Wouldn't want you to be pwned via a phishing link

The Register - Sat, 29/08/2020 - 00:49
Perl clutching time again

Stop us if you've heard this one before: a remote-code execution vulnerability needs patching in Pulse Secure VPNs.…

Categories: News

Southern Water customers could view others' personal data by tweaking URL parameters

The Register - Fri, 28/08/2020 - 12:40
A quick lesson in how not to deploy Sharepoint as a 'my account' file retrieval system

Southern Water - British supplier of the liquid of life - botched its internal Sharepoint implementation so badly that a customer was able to view other people’s account details.…

Categories: News

BeagleBoyz: 2020's hottest country-rap band, or N. Korea hackers stealing millions. Only one way to find out...

The Register - Fri, 28/08/2020 - 02:36
...read the article, of course

North Korean government hackers dubbed the BeagleBoyz are trying to electronically rob banks, the United States warned this week.…

Categories: News

'My wife tried to order some clothes tonight. When she logged in, she was in someone else’s account ... Now someone's charged <i>her</i> card'

The Register - Thu, 27/08/2020 - 07:05
Register readers tell of the moment online fashion souk started leaking strangers' details at random

"At the moment some stranger is in her account as they keep adding things to her basket and she keeps taking them out."…

Categories: News

DDoS downs New Zealand stock exchange for third consecutive day

The Register - Thu, 27/08/2020 - 06:28
So much for NZ as the last refuge of civilisation

New Zealand’s stock exchange (NZX) has closed for a third day thanks to a distributed denial-of-service (DDoS) attack.…

Categories: News

Forget your space-age IT security systems. It might just take a $1m bribe and a willing employee to be pwned

The Register - Wed, 26/08/2020 - 21:56
Russian charged with trying to bung staffer cash to infect own bosses' network during DDoS distraction

A Russian citizen is accused of flying to America to bribe a Nevada company employee to infect their bosses' IT network with malware.…

Categories: News

Here's a neat exploit to trick someone into inadvertently emailing their files to you from their Mac, iPhone via Safari

The Register - Wed, 26/08/2020 - 20:21
Speaking purely hypothetically, of course

Pawel Wylecial, a security consultant with Redteam.pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API.…

Categories: News

Researchers shine light on hackers-for-hire op that hit estate agent with malicious plugin for Autodesk 3ds Max

The Register - Wed, 26/08/2020 - 17:30
Attackers aimed to steal pics, vids, and compressed files

A hacker crew targeted a luxury estate agency involved in multimillion-pound property deals by deploying malicious plugins for 3D design software Autodesk 3ds Max as part of a potential hacks-for-hire operation.…

Categories: News

US election 2020: The disinfo operations have evolved, but so have state governments

The Register - Wed, 26/08/2020 - 14:03
Officials are better prepared for meddling – so attackers have had to rely on mental games

With the United States set to undertake its first Presidential election since the Russian-tinged 2016 race, state governments and social networks are upping their game.…

Categories: News

Impersonating users of 'protest' app Bridgefy was as simple as sniffing Bluetooth handshakes for identifiers

The Register - Tue, 25/08/2020 - 17:27
University of London researchers poked around in 'secure' messaging platform, but didn't like what they found

An instant messaging app whose creators promoted it as secure and end-to-end encrypted was in fact no such thing, according to researchers at Royal Holloway.…

Categories: News

Be very afraid! British Army might scrap battle tanks for keyboard warriors – report

The Register - Tue, 25/08/2020 - 15:25
Before you go all Colonel Blimp, remember it's budget-setting season

The British Army is looking at ditching its tank regiments and spending the money on keyboard warriors instead, according to reports.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News