Rotherwood Healthcare AWS bucket security fail left elderly patients' DNR choices freely readable online

The Register - Wed, 26/02/2020 - 12:12
Plus birth certificates, job interview data and more

A leak of 10,000 records at a Leicestershire care home provider exposed elderly patients' wishes not to be resuscitated, detailed care plans and precisely how much councils paid for individual patients' care.…

Categories: News

Mind the gap: Google patches holes in Chrome – exploit already out there for one of them after duo spot code fix

The Register - Tue, 25/02/2020 - 21:22
Pair engineer malicious code from public source tweak before official binary releases

Google has updated Chrome for Linux, Mac, and Windows to address three security vulnerabilities – and exploit code for one of them is already public, so get patching.…

Categories: News

Apple tries to have VirnetX VPN patent ruling overturned again, US Supremes say no... again

The Register - Tue, 25/02/2020 - 15:03
Still not the last word for VirnetX after 10-year fight

The United States Supreme Court has kicked out Apple's attempt to overturn a judgement in one of the cases in its 10-year patent fight with VirnetX.…

Categories: News

Password killer FIDO2 comes bounding into Azure Active Directory hybrid environments

The Register - Tue, 25/02/2020 - 13:36
A preview of muddy paws all over your on-prem resources, or a passwordless future?

Hybrid environments can now join the preview party for FIDO2 support in Azure Active Directory.…

Categories: News

Microsoft uses its expertise in malware to help with fileless attack detection on Linux

The Register - Tue, 25/02/2020 - 12:30
Aw, how generous

Hey, Linux fans! Microsoft has got your back over fileless threats. Assuming you've bought into the whole Azure Security Center thing.…

Categories: News

Samsung cops to data breach after unsolicited '1/1' Find my Mobile push notification

The Register - Mon, 24/02/2020 - 13:20
Tight-lipped chaebol still won't talk about the dodgy app, though

Samsung has admitted that what it calls a "small number" of users could indeed read other people's personal data following last week's unexplained Find my Mobile notification.…

Categories: News

Google rolls out Titan keys to Europe, Japan. Plus: Group Policy bug is a feature, not a flaw, says Microsoft

The Register - Mon, 24/02/2020 - 06:08
And Adobe in remote-code execution patch non-shocker

Roundup  It's once again time for a security news summary. Let's get to it.…

Categories: News

Duped into running bogus virus scans at Office Depot? Dry your eyes with a small check from $35m settlement

The Register - Fri, 21/02/2020 - 20:36
Treat yourself to a meal out or a case of bevvies... or an appetizer in SF or NYC

Victims of dodgy IT support from Office Depot will start receiving compensation checks, a US consumer watchdog said Thursday.…

Categories: News

'Don't tell anyone but I have a secret.' There, that's my security sorted

The Register - Fri, 21/02/2020 - 10:00
The inevitable return of Norbert Spankmonkey

Something for the Weekend, Sir?  Where's my free promo tat? Fellow convention attendees have no such problem being showered with promotional gifts from all sides as they totter up and down the rows of booths.…

Categories: News

Google exiles 600 apps from Play Store for 'disruptive advertising' amid push to clean up Android souk's image

The Register - Fri, 21/02/2020 - 00:36
Purge is the latest in a series of similar store scourings

On Thursday Google confirmed it has removed nearly 600 Android apps from the Google Play Store and banned them from its ad services for violating its policies on disruptive advertising and interstitials.…

Categories: News

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months

The Register - Thu, 20/02/2020 - 23:20
Keep your crypto to less than 398 days after September 1 and you're all good

Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date.…

Categories: News

Stuffing nonsense: Persistent cyberpunks are pummelling banks' public APIs, warns Akamai

The Register - Thu, 20/02/2020 - 22:56
Security biz clocked 55 million malicious login attempts on a client

Financial services firms' public APIs are becoming the target du jour for internet ne'er-do-wells, reckons Akamai, which also said that one of its customers was firehosed with 55 million malicious login attempts last summer.…

Categories: News

RSA Conference loses one more abbreviated tech giant after AT&T disconnects over Wuhan coronavirus fears

The Register - Thu, 20/02/2020 - 20:52
Alternative headline: Killer bio-nasty linked to former alien vault and cyber-hacker gathering

RSA  Yet another big brand has pulled out of RSA Conference, due to take place next week, amid the ongoing novel coronavirus panic.…

Categories: News

We know what you did last summer: MGM's hotel spinoff lost 10.7m guest records and now they're on hacker forums

The Register - Thu, 20/02/2020 - 18:31
What happens in Vegas... gets leaked on the internet

Casino and hotel chain MGM Resorts lost almost 10.7 million guest records last summer, including the data of Jack Dorsey and Justin Bieber, which was duly posted to hacker forums.…

Categories: News

GRU won't believe it: UK and US call out Russia for cyber-attacks on Georgia last year

The Register - Thu, 20/02/2020 - 15:06
It's APT28 again! Public attribution names and shames state-backed crew

The same Russian state hackers who unleashed NotPetya on the world's computers were behind destructive cyberattacks on Georgia during 2019, the governments of Britain and the US have said – echoing a similar attribution a decade ago.…

Categories: News

Keen to check for 'abnormal' user behaviours? Microsoft talks insider risk, AWS imports and compliance at infosec shindig RSA

The Register - Thu, 20/02/2020 - 14:35
Before you remove the mote from thy hacker's eye, remove the beam from the eyes of your, er, Teams

RSA  As IBM's crew cancels their hotel rooms, Microsoft's infosec staffers are still set to attend the decades-old RSA conference and pulled the covers off a raft of security releases and previews for the event today.…

Categories: News

Samsung will be Putin dreaded Kremlin-approved shovelware on its phones, claims Russia

The Register - Thu, 20/02/2020 - 10:03
Now Ru?

The Russian government, via mouthpiece RIA Novosti, has claimed Korean tech giant Samsung will comply with a controversial Russian law passed in November that forces smartphones and computers to come pre-installed with domestic-made shovelware.…

Categories: News

Oi, Cisco! Who left the 'high privilege' login for Smart Software Manager just sitting out in the open?

The Register - Wed, 19/02/2020 - 23:41
Critical fix for static login headlines latest patch rollout

Cisco has released fixes to address 17 vulnerabilities across its networking and unified communications lines.…

Categories: News

Assange lawyer: Trump offered WikiLeaker a pardon in exchange for denying Russia hacked Democrats' email

The Register - Wed, 19/02/2020 - 20:58
America wanted a cover-up of Kremlin ties to DNC intrusion, court told

Julian Assange was offered a pardon by the White House only if he publicly said Russia did not hack the Democratic National Committee, according to the WikiLeaks supremo's lawyer.…

Categories: News

When the air gap is the space between the ears: A natural gas plant let ransomware spread from office IT to ops

The Register - Wed, 19/02/2020 - 19:35
Mystery facility hit by 'commodity' infection thought to be Ryuk

America's Homeland Security this week disclosed it recently responded to a ransomware infection at an unnamed natural gas plant.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News