News

So you can't find enough cyber-security experts to join the team. Time to dial a managed security service provider?

The Register - Fri, 09/08/2019 - 21:36
The benefits of outsourcing your IT's infosec – and what to look for. Here's our gentle guide for you

Backgrounder  Managed security services are – by revenue – the fastest expanding field of cyber security, according to IDC, which reckons they should grow at a compound annual growth rate of 14.2 per cent to 2022. Gartner says managed and subscription-based security services will account for half of all cyber-security spending by 2020.…

Categories: News

Who will save us from deepfakes? Other AIs? Humans? What about vastly hyperintelligent pandimensional beings?

The Register - Fri, 09/08/2019 - 12:04
Maybe Douglas Adams was right about mice

Black Hat  Deepfakes, the AI-generated talking heads that can say whatever their creator wants them to, are getting harder to detect. But boffins have enlisted an unlikely ally in the quest for truth – mice.…

Categories: News

Talk about unintended consequences: GDPR is an identity thief's dream ticket to Europeans' data

The Register - Fri, 09/08/2019 - 09:15
Revenge plan morphs into data leak discovery

Black Hat  When Europe introduced the General Data Protection Regulation (GDPR) it was supposed to be a major step forward in data safety, but sloppy implementation and a little social engineering can make it heaven for identity thieves.…

Categories: News

You can easily secure America's e-voting systems tomorrow. Use paper – Bruce Schneier

The Register - Fri, 09/08/2019 - 02:24
As it emerges non-internet-connected election systems are actually connected to the internet

Black Hat  While various high-tech solutions to secure electronic voting systems are being touted this week to election officials across the United States, according to infosec guru Bruce Schneier there is only one tried-and-tested approach that should be considered: pen and paper.…

Categories: News

Pwn an iPhone to bank $1m, Check Point gripes about WhatsApp privacy again, Broadcom eats Symantec enterprise biz

The Register - Fri, 09/08/2019 - 01:30
Apple expands bug bounties, and more from Vegas this week

Black Hat  Here's a quick summary of some important infosec happenings from inside and outside the Black Hat USA conference in Las Vegas on Thursday.…

Categories: News

How powerful are Russian hackers? One new law could transform global crime operations

The Register - Thu, 08/08/2019 - 14:00
Moscow's 'sovereign internet' effort means new rules for the bad guys too

Black Hat  The introduction of Russia's Sovereign Internet rules is having an impact on the way criminal hackers around the world do business.…

Categories: News

Transport for London Oyster system pulled offline after miscreants enter customers' accounts

The Register - Thu, 08/08/2019 - 12:38
Public sector bods blame users recycling logins

Exclusive  Transport for London's online Oyster travel smartcard system has been accessed by miscreants using customer credentials, The Reg can reveal, as the transport authority keeps the website offline for a second day.…

Categories: News

WTF is Boeing on? Not just customer databases lying around on the web. 787 jetliner code, too, security bugs and all

The Register - Thu, 08/08/2019 - 07:56
Fears of cyber-hijackings? That's plane crazy, says Dreamliner maker

Black Hat  A Black Hat presentation on how to potentially hijack a 787 – by exploiting bugs found in internal code left lying around on a public-facing server – was last night slammed as "irresponsible and misleading" by Boeing.…

Categories: News

FBI, NSA to hackers: Let us be blunt. Weed need your help. We'll hire you even if you've smoked a little pot in the past

The Register - Thu, 08/08/2019 - 05:21
Now that's what we call a joint task force: Uncle Sam chills out, relaxes recruitment rules on drugs

Black Hat  America's crime-fighters, desperate to recruit white-hat hackers to collar spies and cyber-crooks, have been quietly and slightly relaxing the ban on hiring anyone who has used illegal drugs.…

Categories: News

Hack computers to steal someone's identity in China? Why? You can just buy one from a bumpkin for, like, $3k

The Register - Wed, 07/08/2019 - 21:09
Exploit an 3l33t zero-day and reverse-shell that backend DB proxy server... or simply pay this farmer off

Black Hat  Black Hat founder Jeff Moss opened this year's shindig in Las Vegas with tales of quite how odd the hacking culture in China is.…

Categories: News

Hack-age delivery! Wardialing, wardriving... Now warshipping: Wi-Fi-spying gizmos may lurk in future parcels

The Register - Wed, 07/08/2019 - 19:36
Maybe, maybe not. These hack-in-a-box widgets are something to think about at least, says Big Blue

Black Hat  IBM's X-Force hacking team have come up with an interesting variation on wardriving – you know, when you cruise a neighborhood scouting for Wi-Fi networks. Well, why not try using the postal service instead, and call it "warshipping," Big Blue's eggheads suggested earlier today.…

Categories: News

Your mid-week infosec news bonanza: Cisco bugs, VMware-Nvidia guest escapes, KDE hijacking, and more

The Register - Wed, 07/08/2019 - 01:40
Including: Microsoft spins up Azure security lab, offers more bug bounty cash

Roundup  Before letting the IT staff clock out early this week, make sure they read up on the following security notices out this week.…

Categories: News

Deja-woooo: Intel, AMD chips running Windows potentially vulnerable to scary Spectre variant

The Register - Wed, 07/08/2019 - 00:01
SWAPGS can be abused to siphon sensitive secrets from kernel memory, patches already available

Spectre – a family of data-leaking side-channel vulnerabilities arising from speculative execution that was disclosed last year and affects various vendors' chips – has a new sibling that bypasses previous mitigations.…

Categories: News

They say piracy killed the Amiga. Know what else it's killing? Malware sales. Awww, diddums

The Register - Tue, 06/08/2019 - 22:36
Trojan devs give up after seeing hard work ripped off, copied between crooks

BSides LV  Life’s tough as a malware developer. If the cops or Feds don't collar you, your fellow scumbags will screw you over – or perhaps both will happen.…

Categories: News

There's fraud, and then there's backdoor routers, fenced logins, malware, and bribing AT&T staff seven figures to unlock 2m phones

The Register - Tue, 06/08/2019 - 19:28
Pakistani bloke extradited to US, accused of masterminding telco hack caper

AT&T staff were bribed $1m to slip the codes to unlock two million smartphones to a gang operating out of Pakistan, US prosecutors have claimed.…

Categories: News

Add passwords to list of stuff CafePress made hash of storing, says infoseccer. 11m+ who used Facebook 'n' pals to sign in were lucky

The Register - Tue, 06/08/2019 - 18:09
11m other leaked users' p-words hashed with SHA-1

Passwords were among the 23 million customer records siphoned from CafePress by hackers – and the site was using the less secure SHA-1 hashing algorithm to store half of its users' credentials.…

Categories: News

Need to automatically and securely verify a download is legit? You bet rget this new tool

The Register - Tue, 06/08/2019 - 08:04
Wget's? I've had a few.... but then again, it's better to cryptographically check the contents of that executable

Brandon Philips, a member of the technical staff at Red Hat, has created a software tool called rget for Linux, macOS, and Windows, to make it easier to determine whether downloaded files can be trusted.…

Categories: News

It's 2019 – and you can completely pwn a Qualcomm-powered Android over the air

The Register - Tue, 06/08/2019 - 06:56
Grab security patches now from chip designer, Google

Black Hat  It is possible to thoroughly hijack a nearby vulnerable Qualcomm-based Android phone, tablet, or similar gadget, via Wi-Fi, we learned on Monday. This likely affects millions of Android devices.…

Categories: News

PIN the blame on us, says Monzo in mondo security blunder: Bank card codes stored in log files as plain text

The Register - Tue, 06/08/2019 - 06:09
Why bother going for databases when insecure log files appear to be where all the data is at

Trendy online-only Brit bank Monzo is telling hundreds of thousands of its customers to pick a new PIN – after it discovered it was storing their codes as plain-text in log files.…

Categories: News

F-B-Yikes! FBI bod allegedly hid spy camera under desk to snap coworker's upskirt pics

The Register - Tue, 06/08/2019 - 00:15
Of all the places to allegedly try this, the J Edgar Hoover HQ ain't one. In fact, no, no building is good. None of them

An FBI contractor has pleaded not guilty to charges that he installed a camera under a coworker's desk to satisfy his "voyeur" fetish.…

Categories: News
