News

If you want to see off next year’s cyber-threats, the time to prepare is … now

The Register - Fri, 26/11/2021 - 07:25
Fast forward into 2022 with Sophos’ Cybersecurity Summit 2021

Paid Post  Whatever sector you’re in, 2022 is likely to mean more and nastier cyber-threats.…

Categories: News

Microsoft Defender for Endpoint laid low. Not by malware, but by another buggy Windows patch

The Register - Thu, 25/11/2021 - 18:01
Only affects Windows Server Core, so that's alright then

A sad-faced Microsoft engineer has had to reset the "Days since we last shot ourselves in the foot" counter at the company's HQ after a security update broke Microsoft Defender for Endpoint on Windows Server Core.…

Categories: News

It’s about the survival of the fittest – CISOs must be brave enough to throw away their security playbook, or suffer the consequences

The Register - Thu, 25/11/2021 - 17:00
The Vectra Masked CISO series gives security leaders a place to expose the biggest issues in security and advise peers on how to overcome them.

Advertorial  I’m always asked what keeps me awake at night. Being targeted by APT groups? New ransomware strains?…

Categories: News

UK.gov emits draft IoT and smartphone security law for Parliamentary scrutiny

The Register - Thu, 25/11/2021 - 09:30
Mandatory vuln reporting, hefty fines for non-compliance

A new British IoT product security law is racing through the House of Commons, with the government boasting it will outlaw default admin passwords and more.…

Categories: News

Google advises passwords are good, spear phishing is bad, and free clouds get attacked

The Register - Thu, 25/11/2021 - 06:59
Ad giant's first stab at providing the 'world's premier security advisory' starts with the obvious

Google's Cybersecurity Action Team has released its first "threat horizon" report on the scary things it's found on the internet.…

Categories: News

Huawei's AppGallery riddled with malware-infected games

The Register - Thu, 25/11/2021 - 04:58
Cynos.7 trojan found its way into 9.3 million downloads

Cybersecurity researchers at anti-virus software company Dr Web have discovered a treasure trove of malware-laced Android games on Huawei's AppGallery.…

Categories: News

US bans Chinese firms – including one linked to HPE’s China JV – for feeding tech to Beijing's military

The Register - Thu, 25/11/2021 - 01:11
Other additions to Entity List are accused of helping Pakistan, North Korea make nukes, missiles

The US Dept of Commerce's Bureau of Industry and Security has added 27 companies to its list of entities prohibited from doing business with the USA on grounds they threaten national security – and one of the firms is associated with HPE’s Chinese joint venture H3C.…

Categories: News

Max Schrems hits Irish Data Protection Commissioner with corruption complaint

The Register - Wed, 24/11/2021 - 15:05
Watchdog argues 'fairness' in process should keep some documents confidential

Data privacy campaign group noyb, founded by Austrian lawyer Max Schrems, has filed a complaint with the Austrian Office for the Prosecution of Corruption (WKStA) for a potential violation of Austrian criminal laws by the Irish Data Protection Commission.…

Categories: News

Apple's Pegasus lawsuit a 'declaration of war' against offensive software developers, says Kaspersky director

The Register - Wed, 24/11/2021 - 13:12
Regional exec says Apple wants offensive researchers out of the field because they are harmful to the reputation of the company

Kaspersky's APAC director of Global Research and Analysis, Vitaly Kamlyuk, has called Apple's lawsuit against Pegasus maker NSO a "declaration of war against software developers."…

Categories: News

How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug

The Register - Wed, 24/11/2021 - 11:00
Millions of devices potentially vulnerable, we're told

Check Point Research will today spill the beans on security holes it found within the audio processor firmware in millions of smartphones, which can be potentially exploited by malicious apps to secretly eavesdrop on people.…

Categories: News

Yes, ransomware is your number one security nightmare. But here’s how to sleep easy

The Register - Wed, 24/11/2021 - 07:30
Here’s a clue … it involves encryption

Advertorial  It may have escaped your notice, but last month was Cybersecurity Awareness month, and this year’s theme is “Do Your Part. Be #CyberSmart”.…

Categories: News

China trying to export its Great Firewall and governance model

The Register - Wed, 24/11/2021 - 02:56
Beware of Communists bearing internet governance proposals, says Australian Strategic Policy Institute

China is actively trying to export its internal internet governance model, according to a paper from the International Cyber Policy Centre at the Australian Strategic Policy Institute.…

Categories: News

Apple sues 'amoral 21st century mercenaries' NSO for infecting iPhones with Pegasus spyware

The Register - Tue, 23/11/2021 - 20:58
iGiant pledges any damages plus $10m to anti-cybersurveillance groups

Apple today sued NSO Group, which sells spyware to governments and other organizations, for infecting and snooping on people's iPhones.…

Categories: News

Zero-day proof-of-concept exploit lands for Windows make-me-admin vulnerability

The Register - Tue, 23/11/2021 - 20:21
InstallerFileTakeOver code pops up on GitHub

The day has a 'y' in it, so it must be time for another zero day to drop for a Microsoft product. In this case, a local privilege-elevation vulnerability to gain control of fully patched Windows 10, 11, and Server systems up to the 2022 build.…

Categories: News

Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees

The Register - Tue, 23/11/2021 - 18:45
Complaints abound that yoof use it to mean 'digital currency'

Infosec must "reclaim" the word crypto from people who trade in Bitcoins and other digital currencies, according to industry veteran Bruce Schneier – and it seems some Reg readers agree.…

Categories: News

Alleged Brit SIM-swapper will kill himself if extradited to US for trial, London court told

The Register - Tue, 23/11/2021 - 16:10
'Exceptional' case involves 100 BTC payoff, judge told

A Briton accused of playing a pivotal role in an $8.5m SIM-swapping attack shouldn't be extradited to the US because he might commit suicide, making his an "exceptional" case, a court was told.…

Categories: News

UK Ministry of Justice secures HVAC systems 'protected' by passwordless Wi-Fi after Register tipoff

The Register - Tue, 23/11/2021 - 10:15
There's a default admin password online too

The Ministry of Justice has secured a set of Wi-Fi access points that potentially gave admin access to industrial control equipment after a tipoff by The Register.…

Categories: News

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers

The Register - Tue, 23/11/2021 - 07:31
Plus: DNS cache poisoning again, cops probe property conveyancing group's IT outage, Azure hole addressed, and more

In brief  Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said.…

Categories: News

Indian bank smacks down allegation it exposed 180 million customers' accounts

The Register - Tue, 23/11/2021 - 01:58
Infosec firm says it found unpatched software, Bank admits Exchange may not have been in the best shape

India's Punjab National Bank has smacked down a security firm's allegation that it exposed personal and financial data of its 180 million customers – but appears to have admitted its Exchange Server implementation wasn't in tip-top shape.…

Categories: News

SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using 'compromised password'

The Register - Mon, 22/11/2021 - 20:37
Yikes: Up to 1.2 million customers affected

GoDaddy has admitted to America's financial watchdog that one or more miscreants broke into its systems and potentially accessed a huge amount of customer data, from email addresses to SSL private keys.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News