If you haven't updated your ThroughTek DVR since 2018 do so now, warns Mandiant as critical vuln surfaces

The Register - Tue, 17/08/2021 - 16:02
Callooh! Kalay! Outdated SDK component poses threat, says intel firm

A critical vulnerability affecting tens of millions of digital video recorders powering baby monitors and CCTV systems across the world has been uncovered by Mandiant, which claims the vuln allows for unauthorised viewing of live camera footage.…

Categories: News

The cloud changes the game for cybersecurity incident response – here’s how to master the new rules

The Register - Tue, 17/08/2021 - 15:00
The next chapter in digital forensics: Long live cloud forensics

Promo  On the face of it, the cloud fundamentally changes how security teams investigate and remediate incidents.…

Categories: News

British defence supplier Ultra Electronics to be sold for £2.6bn to US-controlled firm

The Register - Tue, 17/08/2021 - 13:25 shrugs at calls for national security intervention

British defence tech specialist Ultra Electronics has been bought for £2.6bn by a US private equity firm, through a wholly owned UK subsidiary that was itself once a proud standalone business.…

Categories: News

Blackbaud – firm that paid off crooks after 2020 ransomware attack – fails to get California privacy law claim dropped

The Register - Tue, 17/08/2021 - 12:34
Suit could net $750 a pop under GDPR-ish rule for complainants who allege info 'unencrypted'

A judge in South Carolina has struck out a number of claims in a consolidated class-action suit alleging cloud CRM provider Blackbaud didn't do enough to prevent a 2020 ransomware attack, but allegations under California's Consumer Privacy Act (CCPA) will move forward.…

Categories: News

Pakistan's tax office services go dark after migration project goes awry

The Register - Tue, 17/08/2021 - 04:00
Local reports suggest Microsoft Hyper-V crack was the cause, as rumours swirl of data leak

Pakistan's Federal Board of Revenue – the nation's tax office – has experienced a lengthy outage after a migration project went bad, perhaps as the result of a cyber-attack.…

Categories: News

Remote code execution flaws lurk in countless routers, IoT gear, cameras using Realtek Wi-Fi module SDKs

The Register - Mon, 16/08/2021 - 21:11
Devices from 60+ manufacturers affected, says infosec outfit

Taiwanese chip designer Realtek has warned of four vulnerabilities in three SDKs accompanying its Wi-Fi modules, which are used in almost 200 products made by more than five dozen vendors.…

Categories: News

T-Mobile US probes claims of 100m stolen customer records up for sale on dark web

The Register - Mon, 16/08/2021 - 20:22
Plus: Signal expands auto-deleting messages, SIM-swap thief pleads guilty, and more

In brief  T-Mobile US is investigating claims that highly sensitive personal data of 100 million customers has been stolen and peddled via the dark web.…

Categories: News

Dallas cops lost 8TB of criminal case data during bungled migration, says the DA... four months later

The Register - Mon, 16/08/2021 - 14:19
Murder trial affected last week

A bungled data migration of a network drive caused the deletion of 22 terabytes of information from a US police force's systems – including case files in a murder trial, according to local reports.…

Categories: News

Apple's iPhone computer vision has the potential to preserve privacy but also break it completely

The Register - Mon, 16/08/2021 - 10:27
Cupertino can see things you people wouldn't believe

Opinion  For a company built around helping people communicate, Apple sure has problems talking to folk. It pole-vaulted itself feet first into the minefield of Child Sexual Abuse Material (CSAM), saying that it was going to be checking everybody's images whether they liked it or not.…

Categories: News

I was offered $500k as a thank-you bounty for pilfering $600m from Poly Network, says crypto-thief

The Register - Sat, 14/08/2021 - 11:03
Blockchain exchange biz says it's working to have all the purloined assets returned

The mysterious miscreant who exploited a software vulnerability in Poly Network to drain $600m in crypto-assets, claims the Chinese blockchain company offered them $500,000 as a reward for discovering the weakness.…

Categories: News

Fancy joining the SAS's secret hacker squad in Hereford as an electronics engineer for £33k?

The Register - Fri, 13/08/2021 - 16:26
Hey MoD, nice to hear from you. What? Not secret any more, you say?

A job ad blunder by the UK's Ministry of Defence has accidentally revealed the existence of a secret SAS mobile hacker squad.…

Categories: News

Before I agree to let your app track me everywhere, I want something 'special' in return (winks)…

The Register - Fri, 13/08/2021 - 12:35
Help me, officer, I’m lost! 'No problem, sir, you’re right in front of me'

Something for the Weekend, Sir?  "This website is requesting permission to access your location. Yes/No?" Absolutely not. My personal details are sacred!…

Categories: News

United Nations calls for moratorium on sale of surveillance tech like NSO Group's Pegasus

The Register - Fri, 13/08/2021 - 08:58
Suggests the world to sort out a ban to preserve human rights, issues sternly worded 'Please Explain' to Israel

The United Nations has called for a moratorium on the sale of "life threatening" surveillance technology and singled out the NSO Group and Israel for criticism.…

Categories: News

Re-volting: AMD Secure Encrypted Virtualization undone by electrical attack

The Register - Fri, 13/08/2021 - 08:35
Fault injection technique presents risk in cloud environments from rogue admins

AMD's Secure Encrypted Virtualization (SEV) scheme is not as secure as its name suggests.…

Categories: News

China stops networked vehicle data going offshore under new infosec rules

The Register - Fri, 13/08/2021 - 07:58
Hands-off driving detectors required, over-the-air updates to be strictly regulated

China has drafted new rules required of its autonomous and networked vehicle builders.…

Categories: News

FISMA's a fizzer, says Cisco, and calls on Congress to get cyber security policy right – pronto

The Register - Fri, 13/08/2021 - 07:16
Organizational structure, piecemeal approach and hiring practices all need to change, says Borg security bigwig

A senior Chief Information Security Officer (CISO) advisor at Cisco has penned a commentary on the state of US cybersecurity frameworks, criticizing current government infosec and advocating for more autonomy for CISOs and a better understanding of the task at hand from those creating policies.…

Categories: News

Huawei stole our tech and created a 'backdoor' to spy on Pakistan, claims IT biz

The Register - Fri, 13/08/2021 - 02:54
Allegations of purloined trade secrets, unfair competition, national security threats, and more packed into lawsuit

A California-based IT consultancy has sued Huawei and its subsidiary in Pakistan alleging the Chinese telecom firm stole its trade secrets and failed to honor a contract to develop technology for Pakistani authorities.…

Categories: News

GitHub picks Friday 13th to kill off password-based Git authentication

The Register - Fri, 13/08/2021 - 00:20
Plus: eBPF Foundation emerges, Exchange severs probed for ProxyShell holes, and more

In brief  If your Git operations start failing on Friday, August 13 with GitHub, it may well be because you're still using password authentication – and you need to change that.…

Categories: News

US govt scores a point against Assange in run-up to extradition appeal showdown

The Register - Thu, 12/08/2021 - 21:31
Judge wrong to prevent Uncle Sam from challenging psychiatrist's suicide risk report, says High Court

Analysis  Julian Assange has lost a legal scrap in court, this time over the US government's attempt to expand its grounds for extraditing him from England to stand trial in America.…

Categories: News

Think your backups will protect you against ransomware? They’re top of the target list

The Register - Thu, 12/08/2021 - 18:30
Zoom in on zero trust by tuning in and finding out

Webcast  Being hit by ransomware is gut wrenching enough, but it’ll be ten times worse if it coincides with the realization that your data protection systems just aren’t up the job anymore.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News