FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

The Register - Tue, 19/01/2021 - 20:42
Instructions for spotting and keeping suspected Russians out of systems

Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs of intrusion in light of new guidance and tooling.…

Categories: News

Labour Party urges UK data watchdog to update its Code of Employment Practices to tackle workplace snooping

The Register - Tue, 19/01/2021 - 14:21
Key doc hasn't been updated since 2018, warn politicos and trade union

The UK's Information Commissioner's Office needs to update its Code of Employment Practices to tackle workplace spying by bosses, the Prospect trade union and the Labour Party have said.…

Categories: News

AnyVan confirms digital break-in, says customer names, emails and hashed passwords exposed

The Register - Tue, 19/01/2021 - 08:45
Burglary took place 3 months before biz discovered unauthorised entry

Anyvan, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed it was the victim of a digital burglary that involved the theft of customers' personal data.…

Categories: News

Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data

The Register - Mon, 18/01/2021 - 18:35
Which is exactly what you should do

Scotland's environmental watchdog has confirmed it is dealing with an "ongoing ransomware attack" likely masterminded by international "serious and organised" criminals during the last week of 2020.…

Categories: News

Bye bye, said Trump admin to Huawei: You give a cheque-ie to our techies, but there's no licence to ply

The Register - Mon, 18/01/2021 - 17:00
And them good ol' boys revokin' sanction to buy, singin', 'Soon will come the day that we fly'

As parting gifts go, this one ranks pretty low. With less than three days until the inauguration of Joe Biden, the Trump Administration has reportedly revoked several licences that would allow Huawei to buy US-made tech, and plans to deny over 150 pending requests.…

Categories: News

Hallowed Buqtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture

The Register - Mon, 18/01/2021 - 07:05
Plus: Watch out for NTFS-corrupting folder, Mimecast hack, and more

In brief  Last week ended with news that the venerable infosec mailing list Bugtraq was being shutdown at the end of the month.…

Categories: News

Signal boost: Secure chat app is wobbly at the moment. Not surprising after gaining 30m+ users in a week, though

The Register - Fri, 15/01/2021 - 19:30
Install base explodes following WhatsApp 'privacy' update, Musk endorsement

Updated  Signal is experiencing a partial outage as tens of millions of netizens flood the free secure messaging service.…

Categories: News

Coming in at number 5, it's a blast from the past! Tenable's 2020 security flaw chart show features hits of yesteryear

The Register - Thu, 14/01/2021 - 18:37
You know that update thing? JFDI

Out of the top five vulnerabilities for 2020 three dated back to 2019 or earlier, according to infosec firm Tenable's annual threat report.…

Categories: News

Ministry of Defence's cyber warfare drive is helping burn a hole through its budget, warns UK's National Audit Office

The Register - Thu, 14/01/2021 - 14:56
All that counter-China stuff costs a pretty penny, y'know

The Ministry of Defence's multibillion budget overrun has been caused in part because of its spending splurge on flashy new "cyber" capabilities, according to the National Audit Office.…

Categories: News

Is a remote workforce making your organisation less secure?

The Register - Thu, 14/01/2021 - 07:00
And can SASE save us?

Webcast  Last year your bosses embraced remote working because, let’s face it, none of us had a choice.…

Categories: News

World’s largest dark-web marketplace shuttered after Euro cybercops cuff Aussie

The Register - Wed, 13/01/2021 - 08:26
20 DarkMarket servers siezed and probed in international raids

Europol cops have taken down dark-web souk DarkMarket, after arresting an Australian citizen living in Germany who they claim was operating the world's biggest online bazaar of its kind.…

Categories: News

Microsoft emits 83 security fixes in first Patch Tuesday of 2021 – and miscreants are already exploiting one of them

The Register - Tue, 12/01/2021 - 21:11
Redmond keeps us hanging with on-premises Exchange flaw still to be fixed

Patch Tuesday  Microsoft on Tuesday released updates addressing 83 vulnerabilities in its software, which doesn't include the 13 flaws fixed in its Edge browser last week.…

Categories: News

SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there – report

The Register - Tue, 12/01/2021 - 19:35
Crowdstrike tech analysts explain how they think it slipped under the radar

The malware that was utilised to hack SolarWinds checked to see whether software used to compile the firm's Orion product was running before deploying its payload, according to Crowdstrike.…

Categories: News

Microsoft's beefed-up take on Linux server security has hit general availability

The Register - Tue, 12/01/2021 - 13:00
Endpoint Detection and Response added. For servers, not standalone Linux desktops, mind

After a few months in preview, Microsoft has made Defender Endpoint Detection and Response (EDR) generally available for Linux servers.…

Categories: News

In case you hadn't heard, SolarWinds was hacked by Moscow, says Kaspersky Lab

The Register - Tue, 12/01/2021 - 06:56
Brave move for Russian firm to finger its own govt over cyber badness

Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service.…

Categories: News

How I found a bug in YouTube that let me watch private videos I wasn't allowed to, says compsci student

The Register - Tue, 12/01/2021 - 05:55
Theft-by-a-thousand-cuts flaw fixed

Until early last year, Google's YouTube had a security flaw that made private videos visible at reduced resolution, though not audible, to anyone who knew or guessed the video identifier and possessed the technical knowledge to take advantage of the snafu.…

Categories: News

Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers' personal information

The Register - Tue, 12/01/2021 - 02:42
Salted password hashes, addresses, phone numbers may have been exposed in cloud security snafu

Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information.…

Categories: News

That's it. It's over. It's really over. From today, Adobe Flash Player no longer works. We're free. We can just leave

The Register - Tue, 12/01/2021 - 01:41
Post-Flashpocalypse, we stumble outside, hoping no one ever creates software as insecure as that ever again

Adobe has finally and formally killed Flash.…

Categories: News

Thou shalt not hack indiscriminately, High Court of England tells Britain's spy agencies

The Register - Mon, 11/01/2021 - 16:16
Choke chain tightened on 'general warrants' after Privacy International wins judicial review

A landmark High Court ruling has struck down Britain's ability to hack millions of people at a time through so-called "general warrants" in what privacy campaigners are hailing as a major victory.…

Categories: News

Unauthorised RAC staffer harvested customer details then sold them to accident claims management company

The Register - Mon, 11/01/2021 - 14:45
8-month suspended sentence for conspiracy to secure unauthorised access to computer data

An employee at emergency roadside rescue biz RAC has received an eight-month suspended prison sentence for unsanctioned access to computer systems that saw her sell customers' data to an accident claims management company.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News