North Korean hackers pwned cryptocurrency sysadmin with GDPR-themed LinkedIn lure, says F-Secure

The Register - Tue, 25/08/2020 - 10:25
Click here to enable your rights... ha, GOTCHA!

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake Linkedin job advert using a General Data Protection Regulation (GDPR) themed lure.…

Categories: News

The Viking Snowden: Denmark spy chief 'relieved of duty' after whistleblower reveals illegal snooping on citizens

The Register - Tue, 25/08/2020 - 08:03
Whereas in America spy chiefs retire on full pensions, hit the chat show circuit

Denmark’s top foreign intelligence chief has been suspended for spying on Danish citizens illegally for up to six years after a whistleblower released a trove of documents to government regulators.…

Categories: News

Canadian shipping company Canpar gets an unwanted delivery – ransomware

The Register - Mon, 24/08/2020 - 11:15
Meanwhile, Gmail finally deals with a 'confused mailman' problem

In brief  It has not been a good week for major Canadian shipping company Canpar Express.…

Categories: News

Bletchley Park Trust can’t crack COVID-caused revenue slump without losing staff

The Register - Mon, 24/08/2020 - 05:57
Plans 35 job losses and even a reduction in IT spend

The Bletchley Park Trust, the host of Britain’s National Museum of Computing and the site of critical feats of wartime code-cracking, has hit financial strife and expects to lay off around a third of its staff.…

Categories: News

Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps

The Register - Fri, 21/08/2020 - 20:28
'After careful consideration' uni decided to pay up using its insurance policy

The University of Utah has admitted to handing over a six-figure pile of cash to scumbags to undo a ransomware infection during which student and staff information was stolen by hackers.…

Categories: News

CREST exam cheat-sheet scandal: New temp chairman at UK infosec body as lawyers and ex-copper get involved

The Register - Fri, 21/08/2020 - 16:10
Plus: Sources showed us some of what was in that Dropbox leak

British infosec accreditation body CREST has appointed an ex-police officer to investigate the NCC Group exam cheat-sheet scandal as its chairman temporarily steps aside.…

Categories: News

Shared memory vulnerability in IBM's Db2 database could let nefarious insiders wreak havoc – so get patching

The Register - Fri, 21/08/2020 - 14:38
Lack of protections around trace facility gives local users read and write access

A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.…

Categories: News

Physical locks are less hackable than digital locks, right? Maybe not: Boffins break in with a microphone

The Register - Fri, 21/08/2020 - 10:31
On the other hand, security of cloud-controlled locks 'quite horrifying' say 'cyber-physical' engineers

A computer scientist at the National University of Singapore claims to have demonstrated how recording the sound of a lock turning can be sufficient to make working replica keys.…

Categories: News

Ex-Uber chief security officer charged, accused of concealing a crime by paying hush money to hackers

The Register - Fri, 21/08/2020 - 00:27
Say it ain't Joe?

As Uber's chief security officer, Joe Sullivan broke the law as he bribed hackers with hush money after they stole millions of people's details from company databases, prosecutors say.…

Categories: News

Experian says it recovered and deleted data on 24 million South Africans after giving it to random 'marketing' person

The Register - Thu, 20/08/2020 - 16:20
Credit giant admits to handing over info after 'fraudulent data enquiry'

Credit reference agency Experian has suffered what it somewhat understatedly described as a "data breach" after the firm itself transferred the details of 24 million South Africans to one individual.…

Categories: News

Warehouse management software biz SnapFulfil hit by ransomware: It's not just the big dogs getting KO'd

The Register - Thu, 20/08/2020 - 13:00
I get knocked down, but I get up again... eventually

A UK cloud-based warehouse management software provider was struck by ransomware earlier this week.…

Categories: News

Sloppy string sanitization sabotages system security of millions of Java-powered 3G IoT kit: Patch me if you can

The Register - Thu, 20/08/2020 - 11:02
IBM's X-Force Red X-reveals X-flaw in Thales X-wireless X-module X-thing

A vulnerability in Thales' Cinterion EHS8 M2M module, a Java-powered embedded 3G system used in millions of Internet-of-Things devices for connectivity, was revealed yesterday by IBM's X-Force Red.…

Categories: News

Thanks for the memories... now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks '5% of stolen files'

The Register - Thu, 20/08/2020 - 01:27
More expected to leak unless extortionists are paid off

The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole.…

Categories: News

Floating COVID incubation tank becomes data-leaking ransomware rust bucket

The Register - Wed, 19/08/2020 - 10:28
Carnival admits to intrusion and download of personal data booty

The cruise ship industry is all but shuttered worldwide because the floating hotels are a great way to contract coronavirus. And now the industry's biggest player, Carnival Corporation, has also come down with a case of ransomware.…

Categories: News

Trusting OpenPGP and S/Mime with your email secrets? Depending on your mail client, you might want to rethink that

The Register - Wed, 19/08/2020 - 08:03
Encryption's solid yet that's not the whole story by a long chalk

Boffins testing the security of OpenPGP and S/MIME, two end-to-end encryption schemes for email, recently found multiple vulnerabilities in the way email client software deals with certificates and key exchange mechanisms.…

Categories: News

US senators: WikiLeaks 'likely knew it was assisting Russian intelligence influence effort' in 2016 Dem email leak

The Register - Tue, 18/08/2020 - 22:51
And: 'Putin ordered the Russian effort to hack computer networks' to help Donald Trump win White House race

The 2016 hacking of the Democratic Party's email system – and subsequent leaking of its messages – was personally ordered by Vladimir Putin and aided by Julian Assange, according to the US Senate Select Committee on Intelligence.…

Categories: News

Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers

The Register - Mon, 17/08/2020 - 22:59
In America, student schools you!

Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure.…

Categories: News

CREST cancels UK infosec accreditation exams after fresh round of 'cheat sheets' are leaked online

The Register - Mon, 17/08/2020 - 18:10
Oof moment for industry body as tests halted for a month

Exclusive  British infosec accreditation body CREST has suspended all of its accreditation exams after The Register revealed a published cache of files including what appeared to be internal exam sheets as well as docs apparently tied to key industry player NCC Group.…

Categories: News

Reply-All storm sparked by student smut sees school system shut down Google Classroom for up to a week

The Register - Mon, 17/08/2020 - 09:56
Astoundingly naughty students are your new case study on how not to manage personal device access to SaaS

94 Australian public schools will be without email for up to a week after students responded to mistaken use of a mailing list with horrible content, which in turn sparked a Reply-All storm that asked for the circulation of email nasties to stop.…

Categories: News

Feds seize 'largest ever' haul of crypto-dosh from terrorists – including coins from 'fake' pandemic mask web store

The Register - Mon, 17/08/2020 - 07:20
Plus: Someone's gunning for Mac developers

In brief  The US Department of Justice said a combined operation has led to its largest seizure of terrorist-owned cryptocurrency, taking around $2m (£1.5m) from Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS).…

Categories: News


Subscribe to Sec Tec Limited aggregator - News