Patch your VMware gear now – or yank it out, Uncle Sam tells federal agencies

The Register - Thu, 19/05/2022 - 01:41
Critical authentication bypass revealed, older flaws under active attack

Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) has issued two warnings in a single day to VMware users, as it believes the virtualization giant's products can be exploited by miscreants to gain control of systems.…

Categories: News

Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware

The Register - Wed, 18/05/2022 - 22:01
Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D

Analysis  Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.…

Categories: News

How these crooks backdoor online shops and siphon victims' credit card info

The Register - Wed, 18/05/2022 - 19:47
FBI and co blow lid off latest PHP tampering scam

The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.…

Categories: News

Your data's auctioned off up to 987 times a day, NGO reports

The Register - Wed, 18/05/2022 - 14:35
Irish Council on Civil Liberties said this is first time the scope of real-time bidding is being measured

The average American has their personal information shared in an online ad bidding war 747 times a day. For the average EU citizen, that number is 376 times a day. In one year, 178 trillion instances of the same bidding war happen online in the US and EU.…

Categories: News

Microsoft warns partners to revoke unused authorizations that drive <em>your</em> software

The Register - Wed, 18/05/2022 - 10:45
June debut of zero trust GDAP tool should make it harder for crims to attack through MSPs and resellers

Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at making it harder for attackers to worm their way into your systems through partners.…

Categories: News

State of internet crime in Q1 2022: Bot traffic on the rise, and more

The Register - Wed, 18/05/2022 - 10:00
According to this cybersecurity outfit that wants your business, anyway

The fraud industry, in some respects, grew in the first quarter of the year, with crooks putting more human resources into some attacks while increasingly relying on bots to carry out things like credential stuffing and fake account creation.…

Categories: News

Monero-mining botnet targets Windows, Linux web servers

The Register - Wed, 18/05/2022 - 08:27
Sysrv-K malware infects unpatched tin, Microsoft warns

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.…

Categories: News

FBI warns of North Korean cyberspies posing as foreign IT workers

The Register - Tue, 17/05/2022 - 23:58
Looking for tech talent? Kim Jong-un's friendly freelancers, at your service

Pay close attention to that resume before offering that work contract.…

Categories: News

Pentester pops open Tesla Model 3 using low-cost Bluetooth module

The Register - Tue, 17/05/2022 - 17:30
Anything that uses proximity-based BLE is vulnerable, claim researchers

Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be fooled by a new form of relay attack.…

Categories: News

Google assuring open source code to secure software supply chains

The Register - Tue, 17/05/2022 - 17:00
Java and Python packages are the first on the list

Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their open source software dependencies.…

Categories: News

Facebook rated least safe e-commerce option in government rankings

The Register - Tue, 17/05/2022 - 08:55
Singapore's safety scheme measures scam-combatting capability

A newly implemented e-commerce rating system in the city-state of Singapore has rated Facebook's Marketplace as the least trustworthy e-commerce platform, behind Amazon and its Alibaba-owned Asian analogue Lazada.…

Categories: News

Europe moves closer to stricter cybersecurity standards, reporting regs

The Register - Tue, 17/05/2022 - 08:26
More types of biz fall under expanded rules – and fines for those who fall short

Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the European Council and Parliament. …

Categories: News

Venezuelan cardiologist charged with designing and selling ransomware

The Register - Tue, 17/05/2022 - 06:15
If his surgery was as bad as his opsec, this chap has caused a lot of trouble

The US Attorney’s Office has charged a 55-year-old cardiologist with creating and selling ransomware and profiting from revenue-share agreements with criminals who deployed his product.…

Categories: News

China reveals its top five sources of online fraud

The Register - Tue, 17/05/2022 - 04:31
'Brushing' tops the list, as quantity of forbidden content continue to rise

China’s Ministry of Public Security has revealed the five most prevalent types of fraud perpetrated online or by phone.…

Categories: News

US brings first-of-its-kind criminal charges of Bitcoin-based sanctions-busting

The Register - Mon, 16/05/2022 - 23:45
Citizen allegedly moved $10m-plus in BTC into banned nation

US prosecutors have accused an American citizen of illegally funneling more than $10 million in Bitcoin into an economically sanctioned country.…

Categories: News

Hackers are after your data. So why are you making it so easy for them?

The Register - Mon, 16/05/2022 - 18:15
Here’s how to tailor a security suite that suits you

Webinar  Some cyberattackers are out to cause mayhem, but the pros are really after one thing. Your data, whether that’s through exfiltration or encryption.…

Categories: News

San Francisco police use driverless cars for surveillance

The Register - Mon, 16/05/2022 - 11:36
Plus: Tech giants commit $30m to open-source security, miscreants breach DEA portal, and US signs cybercrime treaty

In brief  San Francisco police have been using driverless cars for surveillance to assist in law enforcement investigations.…

Categories: News

Shopping for malware: $260 gets you a password stealer. $90 for a crypto-miner...

The Register - Sat, 14/05/2022 - 01:16
We take a look at low, low subscription prices – not that we want to give anyone any ideas

A Tor-hidden website dubbed the Eternity Project is offering a toolkit of malware, including ransomware, worms, and – coming soon – distributed denial-of-service programs, at low prices.…

Categories: News

Ukrainian crook jailed in US for selling thousands of stolen login credentials

The Register - Fri, 13/05/2022 - 23:16
Touting info on 6,700 compromised systems will get you four years behind bars

A Ukrainian man has been sentenced to four years in a US federal prison for selling on a dark-web marketplace stolen login credentials for more than 6,700 compromised servers.…

Categories: News

Another ex-eBay exec admits cyberstalking web souk critics

The Register - Fri, 13/05/2022 - 21:04
David Harville is seventh to cop to harassment campaign

David Harville, eBay's former director of global resiliency, pleaded guilty this week to five felony counts of participating in a plan to harass and intimidate journalists who were critical of the online auction business.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News