US govt accuses four Chinese Army soldiers of hacking Equifax and stealing 145 million Americans' data

The Register - Mon, 10/02/2020 - 18:41
It was a state-sponsored attack, declares US Attorney General

The United States has announced criminal charges against four Chinese Army soldiers who, it is claimed, are the hackers who stole 145 million Americans’ personal data from credit scorer Equifax.…

Categories: News

Facebook loses control of its own Twitter account in hacker attack – and more news

The Register - Mon, 10/02/2020 - 06:09
Including: Why was #RootGoat2020 trending on Twitter? It is as silly as you think

Roundup  It's time yet again to recap the latest security happenings.…

Categories: News

Google Chrome to block file downloads – from .exe to .txt – over HTTP by default this year. And we're OK with this

The Register - Fri, 07/02/2020 - 20:44
'I'm sorry, Dave, I'm afraid I can't fetch that document'

Continuing to drop flame retardant on the dumpster fire that is web security, Google on Thursday said it will soon prevent Chrome users from downloading files over insecure, plain old, unencrypted HTTP.…

Categories: News

Uncle Sam tells F-35B allies they'll have to fly the things a lot more if they want to help out around South China Sea

The Register - Fri, 07/02/2020 - 16:24
Plus: Move to Agile is 'high risk' and infosec snafus still not fixed

British F-35Bs deploying to the South China Sea next year may not meet key reliability metrics set by an American government watchdog, its annual report has revealed.…

Categories: News

Day 4 of outage: UK's Manchester police deploy exciting new carbon-based method to record crime

The Register - Fri, 07/02/2020 - 15:27
It may or not involve office stationery

Greater Manchester Police is struggling with a partial outage of a Capita-built computer system used by frontline officers to input information.…

Categories: News

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

The Register - Fri, 07/02/2020 - 06:04
'Pwned with a broadcast' bug among 25 to be patched by Google

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth.…

Categories: News

Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

The Register - Thu, 06/02/2020 - 21:42
Bad: The other 20 per cent are still wide open. Also bad: Some of those patched machines may have been hacked

Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack.…

Categories: News

Researchers reckon 500k PCs infested with malware after dodgy downloads install even more nasties from Bitbucket

The Register - Thu, 06/02/2020 - 13:45
That 'free' Adobe or Microsoft software isn't all it's cracked up to be, eh?

We don't know who needs to hear this, but don't download cracked commercial software. Researchers claim more than 500,000 PCs have been left wriggling with malware after a cracked app went on to retrieve further nasties from Bitbucket repos.…

Categories: News

LCD pwn System: How to modulate screen brightness to covertly transmit data from an air-gapped computer... slowly

The Register - Thu, 06/02/2020 - 06:09
To be honest, it was the impracticality and inefficiency that first attracted us to this otherwise cunning exfiltration

Boffins from Ben-Gurion University of the Negev and Shamoon College of Engineering in Israel have come up with yet another TEMPEST-style attack to exfiltrate data from an air-gapped computer: leaking binary signals invisibly by slightly modulating the light coming off its monitor.…

Categories: News

Yahoo<i>!</i> hack<i>!</i> payout<i>!</i> nearly<i>!</i> approved<i>!</i> and<i>!</i> the<i>!</i> question<i>!</i> is<i>!</i> how<i>!</i> to<i>!</i> spend<i>!</i> 60<i>!</i> cents<i>!</i>?

The Register - Thu, 06/02/2020 - 01:57
Now all you have to do is remember what your Y! email address was amid sounds of lawyers popping champagne

Long-suffering Yahoo! customers may finally get some compensation for having their personal details exposed to hackers not once, not twice, not three times, nor four times, but five times between 2012 and 2016.…

Categories: News

Terrifying bug in WhatsApp allows hackers to steal files. So get patching all nine of you using it on the desktop

The Register - Wed, 05/02/2020 - 23:56
Dear Facebook, please keep up with Electron and Chromium fixes, ta

A vulnerability in WhatsApp could be exploited to remotely access a victim's files on their computer – if they use the desktop client paired with the iPhone app. A patch has been issued and should be installed.…

Categories: News

Sketchy behavior? Wacom tablet drivers phone home with names, times of every app opened on your computer

The Register - Wed, 05/02/2020 - 21:48
'Why does a device that is essentially a mouse need a privacy policy?'

FYI: Wacom's official tablet drivers leak to the manufacturer the names of every application opened, and when, on the computers they are connected to.…

Categories: News

Time to patch your lightbulb? Researchers demonstrate Philips Hue exploit

The Register - Wed, 05/02/2020 - 20:16
First the lightbulb. Then the controller. Then your internal network.

Researchers at Check Point have demonstrated how to infect a network with malware via a simple IoT device, a Philips Hue smart lightbulb.…

Categories: News

RIP FTP? File Transfer Protocol switched off by default in Chrome 80

The Register - Wed, 05/02/2020 - 18:48
You can turn it back on, but why?

Chrome 80 emerged from Google this week with a few more nails to hammer into the coffin of the venerable File Transfer Protocol (FTP).…

Categories: News

Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback

The Register - Wed, 05/02/2020 - 18:02
Most distros unaffected unless defaults were changed, but do check

Sudo, a standard tool on Unix-y operating systems that lets select users run some or all commands as root, can be exploited to give superpowers to any logged-in user – if deployed with a non-default configuration.…

Categories: News

They can't collect your bins or fix your roads. They let Google stalk visitors to their websites. Yes, it's UK local government

The Register - Wed, 05/02/2020 - 16:45
So use our browser, Brave implies

A new report by privacy-focused browser Brave suggests UK local authorities are sharing information about their website users with dozens of private companies.…

Categories: News

Google Takeout a bit too true to its name after potentially 1000s of private videos shared with complete strangers

The Register - Wed, 05/02/2020 - 00:48
1% of 1% of users affected, but as it's Google that's still in the six figures

A bug in Google's Photo software caused potentially 100,000 or more netizens to have their personal videos exposed to complete strangers last Thanksgiving.…

Categories: News

Is Chrome really secretly stalking you across Google sites using per-install ID numbers? We reveal the truth

The Register - Wed, 05/02/2020 - 00:22
El Reg digs into claims by Kiwi browser maker that ad giant is not GDPR compliant

Analysis  Google is potentially facing a massive privacy and GDPR row over Chrome sending per-installation ID numbers to the mothership.…

Categories: News

This is not Huawei to reassure people about Beijing's spying eyes: Trivial backdoor found in HiSilicon's firmware for net-connected cams, recorders

The Register - Tue, 04/02/2020 - 22:26
Crap security? Shocked, shocked, we tell you

This may shock you, but Huawei effectively built a poorly hidden, insecure backdoor into surveillance equipment that uses its HiSilicon subsidiary's chips, it appears.…

Categories: News

Malware infection attempts appear to be shrinking... possibly because miscreants are less spammy and more focused on specific targets

The Register - Tue, 04/02/2020 - 21:18
Or so clams this vendor's marketing

Attempts to infect computers with ransomware and other malware over networks are decreasing, reckons infosec outfit Sonicwall.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News