News

Web hacker 'Alfabeto Virtual' thrown in the clink for 3 months by US judge who wanted to 'send a message'

The Register - Wed, 27/02/2019 - 23:39
By contrast, Russian hack-treason trial ends with 22-year sentence and accusations of foul play

A US judge this week sentenced website hacker Billy Anderson to three months behind bars, refusing his lawyer's request not to put him in jail, in order to "send a message" to others.…

Categories: News

Intel: Let's talk about SGX, baby. Let's talk about 2U and me. Let's talk about all the good things, and the bad...

The Register - Wed, 27/02/2019 - 22:20
Chipzilla rips sticker off its graphics accelerator, switches off GPU – now you're a security wizard, Harry!

RSA  Intel is touting a PCIe card packed with SGX tech to plug into servers in time for next week's RSA conference in San Francisco.…

Categories: News

Friendly reminder to Drupal admins: Secure your sh!t before latest RCE-holes get you

The Register - Wed, 27/02/2019 - 18:21
Last week's disclosures are now this week's live attacks

Just days after a remote code execution flaw in open-source web publishing software Drupal was made public, researchers have already spotted live exploits in the wild – reinforcing the need for admins to patch and update their sites immediately.…

Categories: News

Card-Skimming Scripts Hide Behind Google Analytics, Angular

Kapersky Labs - Wed, 27/02/2019 - 17:24
The campaign is marked by a significant level of customization, with an “individualized yet very consistent approach to every compromise.
Categories: News

Ring Doorbell Flaw Opens Door to Spying

Kapersky Labs - Wed, 27/02/2019 - 17:19
Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns.
Categories: News

Cisco Patches High-Severity Webex Vulnerability For Third Time

Kapersky Labs - Wed, 27/02/2019 - 16:42
Third time's hopefully a charm for Cisco, which has patched a high-severity flaw once again in its Webex video conferencing platform.
Categories: News

Thunderclap Flaws Shatter Peripheral Security

Kapersky Labs - Wed, 27/02/2019 - 15:45
Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals.
Categories: News

Running Elasticsearch 1.4.2 or earlier? There's targeted malware going for your boxen

The Register - Wed, 27/02/2019 - 13:59
Yes it's years out of date but there's no such thing as security through obscurity

Cisco's security limb has spotted nefarious people targeting Elasticsearch clusters using relatively ancient vulns to plant malware, cryptocurrency miners and worse – though it does root out some other cybercrims’ dodgy wares, cuckoo-style.…

Categories: News

Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

Kapersky Labs - Wed, 27/02/2019 - 12:30
The China-linked threat group has returned in 2018 using updated RATs to launch its attacks, including ZxShell, Gh0st RAT, and SysUpdate malware.
Categories: News

Protect you and your biz by learning the tricks of cyber criminals' trade at SANS London in March

The Register - Wed, 27/02/2019 - 08:02
Choose between 10 intensive training courses

Promo  However sophisticated computer systems become, skilled and determined cyber criminals manage to find endless new and more ingenious ways of breaking in to steal data or hold organisations to ransom.…

Categories: News

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware

The Register - Wed, 27/02/2019 - 06:08
Honey, I've shrunk the spyware and concealed it with speculative execution

Spectre – the security vulnerabilities in modern CPUs' speculative execution engines that can be exploited to steal sensitive data – just won't quietly die in the IT world.…

Categories: News

You've got Thunderclap! macOS, Windows pwnage via peripherals is back in black

The Register - Tue, 26/02/2019 - 22:40
Open memory defenses allow mischief from connected kit

Computers have enough trouble defending sensitive data in memory from prying eyes that you might think it would be unwise to provide connected peripherals with direct memory access (DMA).…

Categories: News

Up up and Huawei in my beautiful buffoon: Trump sparks panic by tying tech kit ban, charges to China trade negotiations

The Register - Tue, 26/02/2019 - 22:05
National security, sanctions allegations, pfft, you don't understand the art of the deal

Efforts to pressure the White House into banning Huawei hardware from America's networks may have backfired.…

Categories: News

Latest 4G, 5G phone-location slurp attack is a doozy, but won't Torpedo Average Joe or Jane

The Register - Tue, 26/02/2019 - 19:34
Needs manpower, bags of time, full knowledge of target

Analysis  A group of infosec researchers have uncovered neat ways to track a phone's location via 4G or 5G. However, the mechanics of the surveillance, while fascinating, are difficult to pull off for all but the most determined foe.…

Categories: News

‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud

Kapersky Labs - Tue, 26/02/2019 - 18:46
A known vulnerability combined with a weakness in bare-metal server reclamation opens the door to powerful, high-impact attacks.
Categories: News

Harassment, hate and bile, suicide instructions for kids... anything else social media's good at? Ah yes, cybercrime

The Register - Tue, 26/02/2019 - 18:04
Businesses as well as ordinary punters hit by viral nasties

Antisocial media sites like Facebook, LinkedIn, Twitter, and YouTube aren't merely inciting hatred, enabling discrimination, driving content moderators to the brink, and showing kids how to commit suicide. They're also making cybercrime more practical and profitable, at the expense of law-abiding internet users.…

Categories: News

High-Severity SHAREit App Flaws Open Files for the Taking

Kapersky Labs - Tue, 26/02/2019 - 16:33
SHAREit has fixed two flaws in its app that allow bad actors to authenticate their devices and steal files from a victim's device.
Categories: News

Critical WinRAR Flaw Found Actively Being Exploited

Kapersky Labs - Tue, 26/02/2019 - 14:51
The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January.
Categories: News

Who needs malware? IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

The Register - Tue, 26/02/2019 - 11:00
Direct-to-memory attacks now account for 57 per cent of hacks, apparently

A company's internal network, once compromised, is now more likely to be ransacked by automated scripts than a piece of malware.…

Categories: News

Jeez, what a Huawei to go: Now US senators want Chinese kit ripped out of national leccy grid

The Register - Mon, 25/02/2019 - 20:44
Red scare reaches new heights as intel committee urges further crackdown on network-connected gear

Equipment made by Chinese electronics giant Huawei could be torn out of America's electrical grid, if US senators get their way.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News