Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years

The Register - Fri, 30/11/2018 - 12:28
One of, but not the worst, in history

US hotel chain Marriott has admitted that a breach of its Starwood subsidiary's guest reservation network has exposed the entire database – all 500 million guest bookings over four years, making this one of the biggest hacks of an individual org ever.…

Categories: News

Q: If Pesky Pepper had a peek at patient papers, at how many patient papers did Pesky Pepper peek? A: 231

The Register - Fri, 30/11/2018 - 10:52
Bored secretary at GP fined for sneaky look at medical records

A bored trainee secretary at a GP practice has been fined for snooping on the health records of colleagues, friends and strangers.…

Categories: News

Support whizz 'fixes' screeching laptop with a single click... by closing 'malware-y' browser tab

The Register - Fri, 30/11/2018 - 07:54
Nope, no new computer for you. Move along

On Call  Welcome once more to On Call, our weekly column where Reg readers share their tales of tech support problems solved.…

Categories: News

Here's another 45,000 reasons to patch Windows systems against old NSA exploits

The Register - Fri, 30/11/2018 - 01:58
It's 2018 and UPnP is still opening up networks - this time to leaked SMB cyber-weapons

Earlier this year, Akamai warned that vulnerabilities in universal plug-and-play (UPnP) had been exploited by scumbags to hijack 65,000 home routers. Now, in follow-up research released his week, it found little has changed.…

Categories: News

GCHQ pushes for 'virtual crocodile clips' on chat apps – the ability to silently slip into private encrypted comms

The Register - Thu, 29/11/2018 - 22:31
Sliding into your DMs unnoticed, literally

Analysis  Britain's surveillance nerve-center GCHQ is trying a different tack in its effort to introduce backdoors into encrypted apps: reasonableness.…

Categories: News

Big Blue shoos Db2 blues before rogue staff turn the screws in hijack ruse (translation: patch your IBM databases)

The Register - Thu, 29/11/2018 - 21:06
Buffer overflow flaw could lead to privilege escalation

IBM is advising folks this week to check if they should update their Db2 database installations following the discovery of a potentially serious security vulnerability.…

Categories: News

Critical Zoom Flaw Lets Hackers Hijack Conference Meetings

Kapersky Labs - Thu, 29/11/2018 - 19:02
Hackers can spoof messages, hijack screen controls and kick others out of meetings.
Categories: News

Cisco Patches Critical Bug in License Management Tool

Kapersky Labs - Thu, 29/11/2018 - 16:11
The vulnerability could allow attacker to execute arbitrary SQL queries.
Categories: News

Healthcare billing biz AccuDoc 'fesses up to breach that blabbed 2.65m people's data

The Register - Thu, 29/11/2018 - 15:00
Names, addresses, social security numbers exposed

Miscreants gained access to US healthcare billing vendor AccuDoc Solutions' database for about a week in September, exposing the data of at least 2.65 million people.…

Categories: News

Hackers Breach Dunkin’ Donuts Accounts in Credential Stuffing Attack

Kapersky Labs - Thu, 29/11/2018 - 14:36
The donut giant first noticed the attack Oct. 31.
Categories: News

GCHQ opens kimono for infosec world to ogle its vuln disclosure process

The Register - Thu, 29/11/2018 - 14:25
Plus: State-backed hacks now need permission from a judge

On the same day that certain types of British state-backed hacking now need a judge-issued warrant to carry out, GCHQ has lifted the veil and given the infosec world a glimpse inside its vuln-hoarding policies.…

Categories: News

Sorry, we haven't ACLU what happened in sealed 'Facebook decryption' case, but let's find out

The Register - Thu, 29/11/2018 - 12:15
American Civil Liberties Union wants to know what govt asked for, and why court refused

The American Civil Liberties Union (ACLU) has filed a motion to find out what went on in a court case in which the US Department of Justice allegedly tried to make Facebook give it unencrypted access to Messenger calls.…

Categories: News

Symantec comes out in swinging in bitter legal battle over security bug audit conspiracy claims

The Register - Thu, 29/11/2018 - 08:03
Profit driving NSS claims of industry boycott, antivirus makers swear

Symantec says the biz that accused it of conspiring with others to avoid independent security audits is "less than honest" and driven by a "thirst for profits."…

Categories: News

Oh my chord! Sennheiser hits bum note with major HTTPS certificate cock-up

The Register - Thu, 29/11/2018 - 01:11
Audiophiles could get played like a fiddle, have their web traffic snooped by son-of-a-pitch scammers

Headphone maker Sennheiser is facing the music after being caught compromising the security of its customers.…

Categories: News

Dell Warns of Attempted Breach on Network

Kapersky Labs - Thu, 29/11/2018 - 00:03
The company said it has reset passwords for all customers.
Categories: News

What the Dell? Customer passwords reset after miscreants break into Big Mike's IT emporium

The Register - Wed, 28/11/2018 - 23:59
Round Rock insists no data actually swiped after intruder spotted on internal network

Dell is resetting all customer passwords on its website after a hacker or hackers unknown infiltrated its internal network.…

Categories: News

Microsoft Warns of Two Apps That Expose Private Keys

Kapersky Labs - Wed, 28/11/2018 - 22:22
The two apps are created by headset software company Sennheiser HeadSetup.
Categories: News

WhamWham, bambam, no thank you, SamSam: Iranians accused by the Feds of orchestrating ransomware outbreak

The Register - Wed, 28/11/2018 - 22:01
Duo raked in $6m in extortion payments after scrambling victims' files, it is claimed

US prosecutors have this week charged two people believed to be behind the notorious SamSam ransomware outbreak.…

Categories: News

ThreatList: Cryptominers Dominate Malware Growth in 2018

Kapersky Labs - Wed, 28/11/2018 - 20:02
The rise of piracy has helped drive the spike in attacks.
Categories: News

FBI Sinkholes $38M Global Ad Fraud Operation

Kapersky Labs - Wed, 28/11/2018 - 17:44
The multi-year campaign used malware and botnets to falsify billions of webpages and "site users."
Categories: News


Subscribe to Sec Tec Limited aggregator - News