News

Sorry script kiddies, hacktivism isn't cool anymore: No one cares about stuff that's easy-peasy to defend against

The Register - Wed, 21/08/2019 - 15:00
So much for Beto O'Rourke's cow-related capers

The youthful doings of US presidential wannabe Beto O'Rourke are in sharp decline, according to threat intel biz Recorded Future, which reckons folk have fallen out of love with hacktivism.…

Categories: News

Stuff like sophisticated government spyware is scary and all – but don't forget, a single .wmv file can pwn you via VLC

The Register - Wed, 21/08/2019 - 09:57
Keep your media player, like other apps, up to date: 13 security flaws fixed

VideoLAN has issued an update to address a baker's dozen of CVE-listed security vulnerabilities in its widely used VLC player software.…

Categories: News

30+ countries, 160,000 emails, $4.2m in cyber-heists… maybe it's time for the Silence hacker crew to change its name

The Register - Wed, 21/08/2019 - 06:00
Russian bank-hacking ring continues its global expansion

The rapidly growing hacking crew dubbed Silence, has – in less than three years – gone from ransacking small regional banks in Eastern Europe to stealing millions from some of the largest international banks.…

Categories: News

No REST for the wicked: Ruby gem hacked to siphon passwords, secrets from web devs

The Register - Tue, 20/08/2019 - 22:21
Developer account cracked due to credential reuse, source tampered with and released to hundreds of programmers

An old version of a Ruby software package called rest-client that was modified and released about a week ago has been removed from the Ruby Gems repository – because it was found to be deliberately leaking victims' credentials to a remote server.…

Categories: News

Huawei goes all <i>Art of War</i> on us: Switches on 'battle mode' and vows to 'dominate the world'

The Register - Tue, 20/08/2019 - 16:30
You listening, Trump?

An internal memo to Huawei staff sent by boss Ren Zhengfei is long on military metaphors and warns that the company needs to go into "battle mode" to counter trade barriers put up by the United States.…

Categories: News

Breaker, breaker. Apple's iOS 12.4 update breaks jailbreak break, un-breaks the break. 10-4

The Register - Tue, 20/08/2019 - 02:58
File under: 'Breaking' news

iPhone hackers have discovered Apple's most recent iOS update, 12.4, released in July, accidentally reopened a code-execution vulnerability that was previously patched – a vulnerability that can be abused to jail-break iThings.…

Categories: News

The Pwn Star State: Nearly two dozen Texas towns targeted by tiresome ransomware

The Register - Tue, 20/08/2019 - 01:02
Officials suspect a coordinated extortion campaign

Twenty-three towns in Texas have been targeted with ransomware in what appears to be a coordinated attack.…

Categories: News

Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel

The Register - Mon, 19/08/2019 - 21:28
Flawed code traced to home build system, vulnerability can be attacked in certain configs

The maintainers of Webmin – an open-source application for system administration tasks on Unix-flavored systems – have released Webmin version 1.930 and the related Usermin version 1.780 to patch a vulnerability that can be exploited to achieve remote code execution in certain configurations.…

Categories: News

Teen TalkTalk hacker ordered to pay £400k after hijacking popular Instagram account

The Register - Mon, 19/08/2019 - 14:03
Sanitised browser history sparked another investigation

One of the crew who hacked TalkTalk has been ordered to hand over £400,000 after seizing control of a high-profile Instagram account following a hack on Aussie telco Telstra.…

Categories: News

KNOB turns up the heat on Bluetooth encryption, hotels leak guest info, city hands $1m to crook, and much, much more

The Register - Mon, 19/08/2019 - 11:08
Spec design flaw stiffs security of gizmos

Roundup  Let's run through all the bits and bytes of security news beyond what we've already covered. Also, don't forget our articles from this year's Black Hat, DEF CON, and BSides Las Vegas conferences in the American desert.…

Categories: News

iFrame clickjacking countermeasures appear in Chrome source code. And it only took *checks calendar* three years

The Register - Mon, 19/08/2019 - 10:04
After inaction, technical changes promise better fraud defense

Three years ago, Google software engineer Ali Juma proposed that Chrome should be modified to ignore recently moved iframe elements on web pages as a defense against clickjacking.…

Categories: News

Subcontractor's track record under spotlight as London Mayoral e-counting costs spiral

The Register - Mon, 19/08/2019 - 09:11
Bill approaching £9m compared to £4.1m for the system in 2016

Concerns have been raised over a key supplier of an e-counting system for the London Mayoral elections in 2020.…

Categories: News

Chrome add-on warns netizens when they use a leaked password. Sometimes, they even bother to change it

The Register - Fri, 16/08/2019 - 21:57
Alerted to exposed credentials, users do something about it roughly a quarter of the time

Between February and March this year, after Google released a Chrome extension called Password Checkup to check whether people's username and password combinations had been stolen and leaked from website databases, computer scientists at the biz and Stanford University gathered anonymous telemetry from 670,000 people who installed the add-on.…

Categories: News

NSA asks Congress to permanently reauthorize spying program that was so shambolic, the snoops had shut it down

The Register - Fri, 16/08/2019 - 21:09
You never know, we might figure out how not to screw up in future

Analysis  In the clearest possible sign that the US intelligence services live within their own political bubble, the director of national intelligence has asked Congress to reauthorize a spying program that the NSA itself decided to shut down after it repeatedly – and illegally – gathered the call records of millions of innocent Americans.…

Categories: News

Top tip: Don't upload your confidential biz files to free malware-scanning websites – everything is public

The Register - Fri, 16/08/2019 - 19:45
Sandbox services are bursting with sensitive info from unwitting companies

Companies are inadvertently leaving confidential files on the internet for anyone to download – after uploading the documents to malware-scanning websites that make everything public.…

Categories: News

And you thought the cops were bad... Civil rights group warns of facial recog 'epidemic' across UK private sites

The Register - Fri, 16/08/2019 - 16:30
Shopping centres, museums and conference centres among all found to be using tech

Facial recognition is being extensively deployed on privately owned sites across the UK, according to an investigation by civil liberties group Big Brother Watch.…

Categories: News

Police costs for Gatwick drone fiasco double to nearly £900k – and still no one's been charged

The Register - Fri, 16/08/2019 - 09:03
Omnishambles just keeps on rolling and you're paying for it

Sussex Police's probe of the infamous London Gatwick airport drone fiasco of Christmas 2018 has doubled in cost to nearly £900,000 – and the bungling force still hasn't arrested the person or persons responsible.…

Categories: News

Security? We've heard of it! But why be a party pooper when there's printing to be done

The Register - Fri, 16/08/2019 - 08:04
The boss that went rogue and cocked a snook at the corporate policy he wrote

On Call  With the gateway to the weekend upon us, it is time to crack open the On Call files once again to enjoy a tale from one of those brave engineers at the front line of the tech world.…

Categories: News

Bomb-hoaxing DoSer who targeted police in revenge was caught after Twitter taunts

The Register - Thu, 15/08/2019 - 13:23
Mostly the public adversely affected

A young man who DoSed two British police forces' websites has been sentenced to 16 months in a young offenders' institution.…

Categories: News

How dodgy browser plugins, web scripts can silently rewrite that URL you were about to hit – and throw you into an internet wormhole

The Register - Thu, 15/08/2019 - 08:08
Clickjacking code found on sites with 43 million daily visits total

Analysis  Clickjacking, which came to the attention of security types more than a decade ago, continues to thrive, despite defenses deployed since then by browser makers.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News