No, GitHub's source code wasn't hacked and posted on GitHub, says GitHub CEO

The Register - Thu, 05/11/2020 - 07:57
Nat Friedman says site will make it harder to impersonate unsigned commits

GitHub’s CEO has denied that the site’s source code was posted to GitHub.…

Categories: News

Proofpoint survey: IT security leaders worry about and are ill-prepared to defeat cyber-attacks

The Register - Thu, 05/11/2020 - 07:30
Remote workers are now the perimeter

Sponsored  IT security leaders say they are ill-prepared for a cyber attack and believe that human error and a lack of security awareness are major risk factors for their organisations, according to a series of reports and surveys from cybersecurity vendor Proofpoint. But there are some marked variations in both the rates and the types of cyber attack between the regions surveyed.…

Categories: News sounds pretty important, right? Wrong: USA says it’s an Iranian fake news front

The Register - Thu, 05/11/2020 - 06:57
So it’s been seized, along with a bunch of other sites, with Cloudflare accounts providing critical evidence

On US presidential election day, November 3rd, the Nation’s Federal Bureau of Investigation acted to seize 27 domains it says Iran used to conduct disinformation campaigns.…

Categories: News

Revamped DLL side-load attack hits Myanmar

The Register - Thu, 05/11/2020 - 02:02
Sophos reckons Chinese gangs are behind attack it's charmingly chosen to name ‘KillSomeOne’

Security vendor Sophos has suggested Chinese purveyors of advanced persistent threats (APTs) are behind a recent wave of attacks on non-governmental organisations and other commercial entities in Myanmar.…

Categories: News

Feds throw book at eBay execs who deny they had anything to do with cyberstalking of site's critics

The Register - Wed, 04/11/2020 - 22:47
James Baugh, David Harville hit with several new counts

Two senior eBay executives who have refused to join their colleagues and plead guilty to charges of cyberstalking have been hit with a string of fresh charges.…

Categories: News

If you're an update laggard, buck up: Chrome zero-days are being exploited in the wild

The Register - Wed, 04/11/2020 - 20:15
Desktop and Android versions both at risk

Patch Google Chrome with the latest updates – if you don't, you're vulnerable to a zero-day that is actively being exploited, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned.…

Categories: News

Was that November's Patch Tuesday? Already? Oh, no, it's just Adobe issuing 14 emergency security fixes

The Register - Wed, 04/11/2020 - 06:28
Critical Acrobat, Reader flaws evidently couldn't wait until next week

Adobe on Tuesday published updated versions of its Acrobat and Reader software to fix fourteen flaws, four of which have been designated "critical." These updates should be installed as soon as possible to close off their vulnerabilities.…

Categories: News

Automation software slinger SaltStack warns of stop-watching-the-election-and-patch-now bugs

The Register - Wed, 04/11/2020 - 02:45
Fixes look to have landed in GitHub well ahead of disclosure

SaltStack has officially revealed three bugs in its code – two of them seemingly critical – and told users: “We strongly recommend that you prioritize this update.” But the biz appears to have known about the bugs for months and quietly patched them over the summer.…

Categories: News

The death of the email attack 'campaign'

The Register - Tue, 03/11/2020 - 19:00
So long and (no) thanks for all the phish

Sponsored  By the time we hit 50, most of us start slowing down. Not so for email. As the technology hits its half-century next year, it's speeding up. Malicious emails are more ubiquitous than ever, and experts are seeing a worrying trend: Phishing campaigns are becoming faster, and smarter.…

Categories: News

None of our apps (except those 3) could secretly slurp Facebook user details, devs rage to High Court of England and Wales

The Register - Tue, 03/11/2020 - 17:20
Small Brit firm pushes back against Zuckerborg sueball

Mobile app developers accused by Facebook of deploying “malicious” SDKs to scrape users’ data from the social network have hit back, telling London’s High Court that nearly all their apps were “not capable” of harvesting data from Facebook itself.…

Categories: News

How's this for the ultimate gaming achievement? Half-Life 2's Gnome Chompski is going to space – in real life

The Register - Tue, 03/11/2020 - 16:28
Drag racing in orbit with Rocket Lab

Rocket Lab is planning a 30-satellite launch via its 16th Electron launch from New Zealand. The payload will include a statue of Gnome Chompski*, presumably in an attempt to unlock hitherto unknown Half-Life achievements.…

Categories: News

Oracle patches severe flaw in WebLogic Server that could be exploited 'without the need for a username and password'

The Register - Tue, 03/11/2020 - 14:12
D'oh! If only they'd seen bug before issuing those 402 other fixes

Oracle has released an emergency patch after a security vulnerability was revealed in its WebLogic middleware last week.…

Categories: News

Protecting the NHS: NCSC fended off lots of meddling aimed at UK health orgs while ransomware ramped up

The Register - Tue, 03/11/2020 - 12:28
But annual report doesn't mention China once

The National Cyber Security Centre fended off more than 700 cyber attacks directed against the British state over the last year, of which about a quarter were COVID-19 related.…

Categories: News

I'll give you my passwords if you investigate police corruption, accused missile systems leaker told cops

The Register - Tue, 03/11/2020 - 10:15
Ex-BAE Systems bod's letter read to Old Bailey

A former BAE Systems engineer accused of failing to hand over his device passwords to Merseyside Police vowed not to give them up until a watchdog investigated his allegations that police workers had perverted the course of justice, the Old Bailey heard.…

Categories: News

CERT/CC: 'Sensational' bug names spark fear, hype – so we'll give flaws our own labels... like Suggestive Bunny

The Register - Tue, 03/11/2020 - 06:02
Officials go with randomly selected words with unintentionally hilarious results. Filthy Python, anyone?

Many memorable events get named, whether they're hurricanes, political events, or security incidents like the Morris Worm, which surfaced 32 years ago yesterday.…

Categories: News

Russian jailed for eight years in the US for writing code that sifted botnet logs for web banking creds for fraudsters

The Register - Mon, 02/11/2020 - 23:58
Harvested usernames, passwords used to drain victims' coffers

A Russian programmer has been sentenced to eight years behind bars in America for his part in a massive cybercriminal network that hacked into and drained victims' bank accounts.…

Categories: News

Are you protected from the latest threats to Industrial Control Systems?

The Register - Mon, 02/11/2020 - 23:00
SANS Institute opens up ICS Asia Pacific Summit to all

Promo  2020 has been a year of incredible uncertainty and upheaval, which for security professionals inevitably means threats have multiplied right across the enterprise.…

Categories: News

Google's home security package flies the Nest, Chocolate Factory pledges software support – for now

The Register - Mon, 02/11/2020 - 13:15
Plus: Immigration lawyers for Mountain View breached, SonarQube hack worse than thought, and more

In brief  Bad news for those who have bought into the Nest Secure home surveillance system – Google has surprised many by halting further deployments.…

Categories: News

You can't spell 'electronics' without 'elect': The time for online democracy has come

The Register - Mon, 02/11/2020 - 11:00
Software, security, distributed systems, process-based engineering... e-voting might not be such a bad idea

Column  E-voting over the internet is by common consent a bad idea.…

Categories: News

Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use

The Register - Mon, 02/11/2020 - 08:15
Web giant insists anti-bot service isn't used for personalized ads – but cookie claims don't quite add up

Analysis  Six years ago, Google revised its reCAPTCHA service, designed to filter out bots, scrapers, and other automated web browsing, and allow humans through to websites.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News