Microsoft Patch Tuesday gaffe leads netizens to 'Microosft' typo-squatting domain

The Register - Tue, 09/02/2021 - 22:02
That aside, enjoy the light load of 56 vulns in Windows and other code

Patch Tuesday  For its February Patch Day, Microsoft released security advisories covering 56 CVE-assigned vulnerabilities, 11 of them rated critical.…

Categories: News

Just 2020 things: Miscreants hit remote desktops 700% harder as world's IT teams try to support locked-down staff

The Register - Tue, 09/02/2021 - 14:26
Bar the doors lest you get targeted

Online criminals have increasingly targeted Remote Desktop Protocol connections over the past year, according to infosec biz ESET.…

Categories: News

CD Projekt Red 'EPICALLY pwned': <i>Cyberpunk 2077</i> dev publishes ransom note after company systems encrypted

The Register - Tue, 09/02/2021 - 12:28
Hackers threaten to release source and docs, but games giant isn't playing ball

CD Projekt Red, the Polish developer of Cyberpunk 2077 and The Witcher 3, has disclosed a major security incident in which several company systems were encrypted and confidential data stolen.…

Categories: News

Ignore that ransomware demand and restore from backup – well... if only it were that easy

The Register - Tue, 09/02/2021 - 07:30
Do you really think your safe copies aren’t top of the cyber-cims' hit list?

Webcast  Ransomware is one of the most insidious forms of cyber-attack, not least because it presents you with a range of highly unpleasant options.…

Categories: News

‘Quad’ nations sign up for meta think-tank to advance ‘Techno-Democratic Statecraft’

The Register - Tue, 09/02/2021 - 05:01
As China bristles, USA, Japan, India, and Australia create forum to explore the intersection of tech and regional security

Universities and think tanks from Australia, the USA, Japan, and India have come together in a new group that together hopes to advance discussions on the intersection of information technology, regional security, and internet freedom.…

Categories: News

Someone tried to poison a Florida city by hijacking its water treatment plant via TeamViewer, says sheriff

The Register - Tue, 09/02/2021 - 00:18
Attempt to flood supply with sodium hydroxide thwarted, safeguards would have kicked in anyway, we're told

The sheriff of a small city in Florida warned on Monday that hackers had tried to poison its water.…

Categories: News

Barcode scan app amassed millions of downloads before weird update starting popping open webpages...

The Register - Mon, 08/02/2021 - 21:14
Android software kicked out of Google Play Store, may still be active on many handhelds

Barcode Scanner, a popular Android app, slipped undesirable code into an update in early December, an update that had the potential to reach more than 10m devices though actual distribution is believed to be far less.…

Categories: News

EncroChat hack case: RAM, bam... what? Data in transit is data at rest, rules UK Court of Appeal

The Register - Mon, 08/02/2021 - 16:34
That's the Snoopers' Charter in action for you

British prosecutors can make use of evidence gathered by the French and Dutch police from encrypted messaging service Encrochat’s servers thanks to a legal interpretation of whether RAM counts as data storage, the Court of Appeal has ruled.…

Categories: News

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge

The Register - Sun, 07/02/2021 - 10:04
Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more

In brief  Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits.…

Categories: News

SitePoint hacked: Hashed, salted passwords pinched from web dev learning site via GitHub tool pwnage

The Register - Fri, 05/02/2021 - 19:05
If you started off there, best change your reused credentials

SitePoint, an Australian learn-to-code publishing website, has been compromised while promoting the book Hacking for Dummies on its homepage.…

Categories: News

New VS Code release hits stable channel for everyone who's not on Apple Silicon after last-minute bug found

The Register - Fri, 05/02/2021 - 16:03
Electron 11, source control tweaks, plus general spit and polish

Microsoft has pushed out another update to dev favourite Visual Studio Code, but opted to hold off on the Apple Silicon version after a last-minute bug reared its head.…

Categories: News

That Chrome zero-day bug affects Edge, Vivaldi, and other Chromium-tinged browsers

The Register - Fri, 05/02/2021 - 15:07
Install your updates pronto, folks – it's an active exploit

If you use Google Chrome or a Chromium-based browser such as Microsoft Edge, update it immediately and/or check it for updates over the coming days – there is a zero-day exploit being actively exploited in the older version of Chrome that will also affect other vendors' browsers.…

Categories: News

The Linux box that runs the exec carpark gate is down! A chance for PostgreSQL Man to show his quality

The Register - Fri, 05/02/2021 - 07:55
They still laid him off, though

On Call  This week's episode of On Call, as ever, comes with a warning: Be careful moving that beige box, for you may not realise what it does.…

Categories: News

Cisco reveals critical bug in small biz VPN routers when half the world is stuck working at home

The Register - Fri, 05/02/2021 - 07:05
And we all know how good small business are at patching... NOT

Cisco has addressed a clutch of critical vulnerabilities in its small business and VPN routers that can be exploited by an unauthenticated, remote attacker to execute arbitrary code as the root user. All the attacker needs to do is send a maliciously crafted HTTP request to the web-based management interface.…

Categories: News

Vote machine biz Smartmatic sues Fox News and Trump chums for $2.7bn over bogus claims of rigged 2020 election

The Register - Fri, 05/02/2021 - 02:41
Turns out words have consequences

Electronic voting machine maker Smartmatic has sued Fox News, three of its hosts, and two of Donald Trump’s loyalists – Rudy Giuliani and Sidney Powell – for an eye-popping $2.7bn in defamation damages over the false claims it stole the 2020 presidential election for Joe Biden.…

Categories: News

How do you fix a problem like open-source security? Google has an idea tho constraints may not go down well

The Register - Thu, 04/02/2021 - 19:32
'Try telling leaders of libpng, libjpeg-turbo, openssl, ffmpeg etc they can't make "unilateral" changes to their own projects'

Google has proposed a framework for discussing and addressing open-source security based on factors like verified identity, code review, and trusted builds, but its approach may be at odds with open-source culture.…

Categories: News

Is there a widening gulf between you and your remote workers? Yes – and it’s security shaped

The Register - Thu, 04/02/2021 - 07:30
Tune in online this month and learn how to mind the security gap

Webcast  It’s been almost a year since large parts of the workforce beat a hasty retreat from their offices, and began a mass experiment in working from home, often courtesy of Microsoft 365.…

Categories: News

Nespresso smart cards hacked to provide infinite coffee after someone wasn't too perky about security

The Register - Thu, 04/02/2021 - 06:40
Older commercial machines rely on insecure Mifare Classic payments

Some commercial Nespresso machines in Europe that incorporate a smart card payment system can be manipulated to add unlimited funds to purchase coffee, thanks to reliance on technology that's been known to be insecure for more than a decade.…

Categories: News

Myanmar’s new military government bans Facebook

The Register - Thu, 04/02/2021 - 00:24
Oh look, Cloudflare spots a sudden surge in use of other messaging apps

The new self-appointed military government of Myanmar has temporarily banned Facebook.…

Categories: News

More patches for SolarWinds Orion after researchers find flaw allowing low-priv users to execute code, among others

The Register - Wed, 03/02/2021 - 21:25
Probably not used by last year's US government-busting attackers, though

As if that supply chain attack wasn't bad enough, SolarWinds has had to patch its Orion software again after eagle-eyed researchers discovered fresh vulnerabilities – including one that can be exploited to achieve remote code execution.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News