News

UK Defence Committee probe into national security threat of Huawei sure to uncover lots of new and original insights

The Register - Mon, 09/03/2020 - 15:53
Are they? Aren't they? Will they? Won't they? Yes, no, kind of, a bit

UK Parliament's Defence Committee is to open an investigation into 5G and Huawei with a special focus on national security concerns.…

Categories: News

Spyware maker NSO runs scared from Facebook over WhatsApp hacking charges, fails to show up in court

The Register - Mon, 09/03/2020 - 11:39
Meanwhile, Broadcom and Symantec have merger woes

Roundup  It's that time again – the week's security news in digestible chunks beyond what we've already covered. Let's get into it.…

Categories: News

UK.gov is not sharing Brits' medical data among different agencies... but it's having a jolly good think about it

The Register - Mon, 09/03/2020 - 11:10
Ministry of Fun under pressure to admit it's going to happen

Who'd be a head of data policy for the British government? You spend all your time talking about data transparency, but it is so hard to be transparent.…

Categories: News

Check Point chap: Small firms don't invest in infosec then hope they won't get hacked. Spoiler alert: They get hacked

The Register - Mon, 09/03/2020 - 10:00
One vendor's security controls aren't enough, says Dan Riley

Interview  "I don't want to have a job any more," said Check Point's Dan Wiley, sitting in a fashionably nondescript London coffee shop. "I don't want to have to do my job. It means that we failed."…

Categories: News

Don't be fooled, experts warn, America's anti-child-abuse EARN IT Act could burn encryption to the ground

The Register - Fri, 06/03/2020 - 22:17
Wait, a proposed law tackling the sexual abuse of kids and they name it... the EARN IT Act? Seriously?

On Thursday, a bipartisan group of US senators introduced legislation with the ostensible purpose of combating child sexual abuse material (CSAM) online – at the apparent cost of encryption.…

Categories: News

FYI: When Virgin Media said it leaked 'limited contact info', it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more

The Register - Fri, 06/03/2020 - 21:03
Infosec biz that found the database spill raises eyebrow at UK ISP's advisory to subscribers

A Virgin Media server left facing the public internet contained more than just 900,000 people's "limited contact information" as the Brit cable giant's CEO put it yesterday.…

Categories: News

UK spy auditor gives state snoops a big pat on the back for job well done – except MI5

The Register - Fri, 06/03/2020 - 19:44
Domestic intel agency's cloud server continues to get them into hot water

The UK's spy agency auditor has given public sector snoopers a clean bill of health – except for domestic surveillance specialists MI5, whose cloud data storage blunder is still under investigation.…

Categories: News

NordVPN quietly plugged vuln where an HTTP POST request without authentication would return detailed customer data

The Register - Fri, 06/03/2020 - 13:21
Fiddle with some numbers and voila

A vulnerability in NordVPN's payments platform allowed anyone to view users' payment information and email addresses, a startling HackerOne entry has revealed.…

Categories: News

More than a billion hopelessly vulnerable Android gizmos in the wild that no longer receive security updates – research

The Register - Fri, 06/03/2020 - 11:30
Consumer mag Which? calls for manufacturers to be open about how long they will support devices

File this one under "well, duh." Consumer mag Which? today published research estimating that over a billion Android devices are vulnerable to hackers and malware as they are not receiving security updates.…

Categories: News

Like a Virgin, hacked for the very first time... UK broadband ISP spills 900,000 punters' records into wrong hands from insecure database

The Register - Thu, 05/03/2020 - 23:59
Contact info and more, perfect for phishing

Virgin Media, one of the UK's biggest ISPs, on Thursday admitted it accidentally spilled 900,000 of its subscribers' personal information onto the internet via a poorly secured database.…

Categories: News

Android users, if you could pause your COVID-19 panic buying for one minute to install these critical security fixes, that would be great

The Register - Thu, 05/03/2020 - 22:35
MediaTek chipset flaw already exploited in the wild

Google has emitted its latest monthly batch of Android security fixes, addressing a total of 70 CVE-listed vulnerabilities.…

Categories: News

Let's Encrypt: OK, maybe nuking three million HTTPS certs at once was a tad ambitious. Let's take time out

The Register - Thu, 05/03/2020 - 20:58
Online security initiative halts hurried purge to accommodate reality

Let's Encrypt has halted its plans to cancel all three million flawed web security certificates – after fearing the super-revocation may effectively break a chunk of the internet for netizens.…

Categories: News

Staffer emails compromised and customer details exposed in T-Mobile US's third data whoopsie in as many years

The Register - Thu, 05/03/2020 - 19:00
And there it is – exactly what telco was fretting over in FY'19 results

US telco giant T-Mobile has suffered an attack that could have spaffed customer information far and wide.…

Categories: News

'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc

The Register - Thu, 05/03/2020 - 14:00
Although exploitation is like shooting a lone fish in a tiny barrel 1,000 miles away

A slit in Intel's security – a tiny window of opportunity – has been discovered, and it's claimed the momentary weakness could be one day exploited to wreak "utter chaos."…

Categories: News

Enable that MF-ing MFA: 1.2 million Azure Active Directory accounts compromised every month, reckons Microsoft

The Register - Thu, 05/03/2020 - 11:30
'Really high number' could be fixed by using multi-factor authentication

Microsoft reckons 0.5 per cent of Azure Active Directory accounts as used by Office 365 are compromised every month.…

Categories: News

Sadly, the web has brought a whole new meaning to the phrase 'nothing is true; everything is permitted'

The Register - Thu, 05/03/2020 - 10:00
Well, isn't this a lovely paranoid bed we've made for ourselves

Column  "Hey there," the message begins. Out of the blue over Skype, someone I hadn't communicated with in nearly a year reaches out.…

Categories: News

Time to limber up in the battle against cybercriminals

The Register - Thu, 05/03/2020 - 07:00
Building a culture of security

Sponsored  Ask anyone in IT what it is that keeps them awake at night and most will probably reply “security”. Drill down into what specifically worries them and you’ll probably discover that it’s not the technology part but, rather, how to get the workforce to take security more seriously.…

Categories: News

Alleged Vault 7 leaker trial finale: Want to know the CIA's password for its top-secret hacking tools? 123ABCdef

The Register - Thu, 05/03/2020 - 00:47
Tales of terrible security, poor compartmentalization, and more, emerge from the Schulte hearings

Analysis  The fate of the man accused of leaking top-secret CIA hacking tools – software that gave the American spy agency access to targets' phones and computer across the world – is now in the hands of a jury. And, friend, do they have their work cut out for them.…

Categories: News

Download this update from mybrowser.microsoft.com. Oh, sorry, that was malware on a hijacked sub-domain. Oops

The Register - Wed, 04/03/2020 - 19:04
Lax DNS leaves door wide open for miscreants to impersonate Windows giant on its own websites

If you saw a link to mybrowser.microsoft.com, would you have trusted it? Downloaded and installed an Edge update from it? How about identityhelp.microsoft.com to change your password?…

Categories: News

If Tesco was breached, your data could be being flogged for just £2.70 – research

The Register - Wed, 04/03/2020 - 16:30
600,000 Clubcards at risk earlier this week, said supermarket

Data stolen from Tesco clubcards could be resold for just £2.70 a pop, reckons a price comparison website that appears to have strayed into the dark web.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News