SANS Announces 13th Holiday Hack Challenge and 2nd KringleCon infosec conference

The Register - Fri, 06/12/2019 - 06:00
Sign up, tune in, expand your knowledge, and compete in hacking contests

Promo  On December 9, SANS will launch its second annual KringleCon virtual conference followed shortly thereafter by its 13th Holiday Hack Challenge.…

Categories: News

Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads

The Register - Fri, 06/12/2019 - 05:01
OpenVPN, WireGuard, IKEv2/IPSec also vulnerable to unmasking flaw, we're told

A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked, it is claimed.…

Categories: News

VCs find exciting new way to blow $1m: Wire it directly to hackers after getting spoofed

The Register - Thu, 05/12/2019 - 23:05
Who needs an elevator pitch when you have man-in-the-middle attack?

A group of hackers used a compromised email account to steal a start-up's $1m venture capital payment.…

Categories: News

If there's somethin' stored in a secure enclave, who ya gonna call? Membuster!

The Register - Thu, 05/12/2019 - 22:22
Boffins ride the memory bus past Intel's SGX to your data

Computer scientists from UC Berkeley, Texas A&M, and semiconductor biz SK Hynix have found a way to defeat secure enclave protections by observing memory requests from a CPU to off-chip DRAM through the memory bus.…

Categories: News

Scammy and spammy harassers are chasing veteran pros off crypto-collab platform Keybase

The Register - Thu, 05/12/2019 - 18:20
What happens when you throw your lot in with crypto-coin types

Collaboration site Keybase, once touted for its encrypted meetup channels and robust developer features, is struggling to ward off an epidemic of harassment and spam brought about by its shift toward cryptocurrency.…

Categories: News

Feds slap $5m bounty on 'Evil Corp' Russian duo accused of running ZeuS, Dridex banking trojans

The Register - Thu, 05/12/2019 - 16:49
Account-draining malware masterminds charged but remain in motherland

US prosecutors have slapped a $5m bounty on the heads of two Russian nationals they claim are part of the malware gang behind the banking trojans ZeuS and Dridex.…

Categories: News

How to fool infosec wonks into pinning a cyber attack on China, Russia, Iran, whomever

The Register - Thu, 05/12/2019 - 15:44
Learning points, not an instruction manual

Black Hat 2019  Faking digital evidence during a cyber attack – planting a false flag – is simple if you know how, as noted infosec veteran Jake Williams told London's Black Hat conference.…

Categories: News

Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again – research

The Register - Thu, 05/12/2019 - 12:07
ZeroCleare wipes up where Shamoon left off

An Iran-based hacking crew long known to target energy facilities in neighboring Middle Eastern countries is believed to be launching new attacks.…

Categories: News

Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter

The Register - Thu, 05/12/2019 - 00:55
Exposed private cert key may also be an issue for IBM Aspera

Twitter security celeb SwiftOnSecurity on Tuesday inadvertently disclosed a zero-day vulnerability affecting enterprise software biz Atlassian, a flaw that may be echoed in IBM's Aspera software.…

Categories: News

Lazarus group goes back to the Apple orchard with new macOS trojan

The Register - Thu, 05/12/2019 - 00:28
In-memory malware a first for suspected Nork hacking crew

The Lazarus group, which has been named as one of North Korea's state-sponsored hacking teams, has been found to be using new tactics to infect macOS machines.…

Categories: News

Mozilla locks nosy Avast, AVG extensions out of Firefox store amid row over web privacy

The Register - Wed, 04/12/2019 - 09:58
Add-ons accused of slurping every URL netizens visit

The Firefox extensions built by Avast have been pulled from the open-source browser's online add-on store over privacy fears.…

Categories: News

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things

The Register - Tue, 03/12/2019 - 12:44
Security a popular topic at Las Vegas event

re:Invent  At its re:Invent event under way in Las Vegas, Amazon Web Services (AWS) dropped the veil on a new tool to help customers to avoid spewing data stored on its S3 (Simple Storage) service to world+dog.…

Categories: News

UK parcel-tosser Yodel plugs tracking app's random yaps about where on map to snap up strangers' tat

The Register - Tue, 03/12/2019 - 10:02
Shipped from expensive shop X? In the shed, you say? Researcher spots badness

Parcel wrangler Yodel has corked up a security hole in which random user data leaked to people using its Android app.…

Categories: News

FBI confirms: FaceApp image-slurper poses a possible 'intelligence threat' from Russia

The Register - Tue, 03/12/2019 - 00:34
Feds tell Congress that Russian apps are a real security risk

Users who fire up FaceApp for fun might be unknowingly putting national security at risk, according to the US Feds.…

Categories: News

Welcome back from the holiday, Americans! Here's who leaked data while you were away

The Register - Mon, 02/12/2019 - 22:29
TrueDialog, Mixcloud, Magento Marketplace expose accounts

Thanksgiving is an ideal time to either hack (IT admins need holidays too) or to drop news of hacks (because no one's reading much news) so here's your roundup of the weekend's shenanigans.…

Categories: News

Europol wipes out 30,000+ piracy sites, three suspects cuffed to walk the legal plank

The Register - Mon, 02/12/2019 - 20:13
Aw man, I was still downl...err.. great work everyone!

Europol says its latest piracy takedown netted three arrests and more than 30,000 website takedowns.…

Categories: News

Judge to interview Assange over claims Spanish security firm snooped on him during Ecuador embassy stint

The Register - Mon, 02/12/2019 - 15:21
Video link request from September finally granted

Julian Assange will be interviewed via video link by a judge investigating claims that a Spanish company orchestrated a spying operation against him while he resided in the Ecuadorian embassy.…

Categories: News

Challenge yourself and level up your IT security skills at this SANS London training event

The Register - Mon, 02/12/2019 - 06:02
Arm yourself with the latest cybersecurity know-how

Promo  As more and more organisations move to new technologies, data thieves constantly try to find ingenious new ways of penetrating even the most well-protected systems.…

Categories: News

The blame game: When hackers steal your data, is it a corporate failure – or the attackers' fault?

The Register - Mon, 02/12/2019 - 06:00
Or a mix of both?

Sponsored  Organisations are attacked every day: cybercriminals gain a foothold within the corporate network, and data is stolen and operations disrupted. The target of an attack could be your employer, a customer, a social media platform, or an intermediary responsible for secure access control, or financial record holding.…

Categories: News

Google caught a Russian state hacker crew uploading badness to the Play Store

The Register - Thu, 28/11/2019 - 13:41
Adtech firm also sent 12k phishing warnings to users of its services

Google has said it fired off 12,000 warnings to unlucky users of its GMail, Drive and YouTube services telling them that they’re being phished by state-backed hackers.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News