This Windows malware uses PowerShell to inject malicious extension into Chrome

The Register - Fri, 27/05/2022 - 12:26
And that's a bit odd, says Red Canary

A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.…

Categories: News

Let's play everyone's favorite game: REvil? Or Not REvil?

The Register - Fri, 27/05/2022 - 08:33
Another day, another DDoS attack that tries to scare the victim into paying up with mention of dreaded gang

Akamai has spoken of a distributed denial of service (DDoS) assault against one of its customers during which the attackers astonishingly claimed to be associated with REvil, the notorious ransomware-as-a-service gang.…

Categories: News

China offering ten nations help to run their cyber-defenses and networks

The Register - Fri, 27/05/2022 - 04:33
Sure, they’re small Pacific nations, but they’re in very strategic locations

China has begun talking to ten nations in the South Pacific with an offer to help them improve their network infrastructure, cyber security, digital forensics and other capabilities – all with the help of Chinese tech vendors.…

Categories: News

How to reprogram Apple AirTags, play custom sounds

The Register - Fri, 27/05/2022 - 01:52
Voltage glitch here, glitch there, now you can fiddle with location disc's firmware

At the Workshop on Offensive Technologies 2022 (WOOT) on Thursday, security researchers demonstrated how to meddle with AirTags, Apple's coin-sized tracking devices.…

Categories: News

Ransomware encrypts files, demands three good deeds to restore data

The Register - Fri, 27/05/2022 - 00:20
Shut up and take ... poor kids to KFC?

In what is either a creepy, weird spin on Robin Hood or something from a Black Mirror episode, we're told a ransomware gang is encrypting data and then forcing each victim to perform three good deeds before they can download a decryption tool.…

Categories: News

Cheers ransomware hits VMware ESXi systems

The Register - Thu, 26/05/2022 - 22:10
Now we can say extortionware has jumped the shark

Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.…

Categories: News

Campaigners warn of legal challenge against Privacy Shield enhancements

The Register - Thu, 26/05/2022 - 15:00
Schrems III on the cards unless negotiators protect better oversight of US data access requests

European privacy campaigner Max Schrems is warning that enhancements to the EU-US Privacy Shield data-sharing arrangements might face a legal challenge if negotiators don't take a new approach.…

Categories: News

Verizon: Ransomware sees biggest jump in five years

The Register - Thu, 26/05/2022 - 11:04
We're only here for DBIRs

The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.…

Categories: News

Suspected phishing email crime boss cuffed in Nigeria

The Register - Thu, 26/05/2022 - 08:25
Interpol, cops swoop with intel from cybersecurity bods

Interpol and cops in Africa have arrested a Nigerian man suspected of running a multi-continent cybercrime ring that specialized in phishing emails targeting businesses.…

Categories: News

Ex-spymaster and fellow Brexiteers' emails leaked by suspected Russian op

The Register - Thu, 26/05/2022 - 07:27
A 'Very English Coop (sic) d'Etat'

Emails between leading pro-Brexit figures in the UK have seemingly been stolen and leaked online by what could be a Kremlin cyberespionage team.…

Categories: News

Ransomware grounds some flights at Indian budget airline SpiceJet

The Register - Thu, 26/05/2022 - 05:54
Incident comes a week after 'SAP glitch' kept some planes on the taxiway

Indian budget airline SpiceJet on Wednesday attributed delayed flights to a ransomware attack.…

Categories: News

Millions of people's info stolen from MGM Resorts dumped on Telegram for free

The Register - Thu, 26/05/2022 - 00:44
Meanwhile, Twitter coughs up $150m after using account security contact details for advertising

Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief.…

Categories: News

In record year for vulnerabilities, Microsoft actually had fewer

The Register - Wed, 25/05/2022 - 17:11
Occasional gaping hole and overprivileged users still blight the Beast of Redmond

Despite a record number of publicly disclosed security flaws in 2021, Microsoft managed to improve its stats, according to research from BeyondTrust.…

Categories: News

Vehicle owner data exposed in GM credential-stuffing attack

The Register - Wed, 25/05/2022 - 16:41
Car maker says miscreants used stolen logins to break into folks' accounts

Automaker General Motors has confirmed the credential stuffing attack it suffered last month exposed customers' names, personal email addresses, and destination data, as well as usernames and phone numbers for family members tied to customer accounts.…

Categories: News

Beijing needs the ability to 'destroy' Starlink, say Chinese researchers

The Register - Wed, 25/05/2022 - 12:01
Paper authors warn Elon Musk's 2,400 machines could be used offensively

A researcher from the Beijing Institute of Tracking and Telecommunications advocated for Chinese military capability to take out Starlink satellites on the grounds of national security in a peer-reviewed domestic journal.…

Categories: News

Quad nations pledge deeper collaboration on infosec, data-sharing, and more

The Register - Wed, 25/05/2022 - 08:57
But think tank says its past attempts at working together haven't gone well

Leaders of the Quad alliance – Australia, India, Japan, and the USA – met on Tuesday and revealed initiatives to strengthen collaboration on emerging technologies and cybersecurity, with an unspoken subtext of neutralizing China.…

Categories: News

About half of popular websites tested found vulnerable to account pre-hijacking

The Register - Wed, 25/05/2022 - 08:28
In detail: Ocean's Eleven-grade ruse in which victims' profiles are rigged from the start

Two security researchers have identified five related techniques for hijacking internet accounts by preparing them to be commandeered in advance.…

Categories: News

Indian stock markets given ten day deadline to file infosec report, secure board signoff

The Register - Wed, 25/05/2022 - 07:53
Another rush job for busy Indian IT shops

Indian IT shops have been handed another extraordinarily short deadline within which to perform significant infosec work.…

Categories: News

Predator spyware sold with Chrome, Android zero-day exploits to monitor targets

The Register - Wed, 25/05/2022 - 00:58
Or so says Google after tracking 30+ vendors peddling surveillance malware

Spyware vendor Cytrox sold zero-day exploits to government-backed snoops who used them to deploy the firm's Predator spyware in at least three campaigns in 2021, according to Google's Threat Analysis Group (TAG).…

Categories: News

Patch now: Zoom chat messages can infect PCs, Macs, phones with malware

The Register - Tue, 24/05/2022 - 22:33
Google Project Zero blows lid off bug involving that old chestnut: XML parsing

Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News