Ecommerce platforms (cough, Magento) need patching before Black Friday, warns UK's National Cyber Security Centre

The Register - Mon, 22/11/2021 - 17:14
You're your own security team, remember?

If you run a small online business powered by the Magento ecommerce platform, Britain's National Cyber Security Centre (NCSC) is begging you to make sure it's fully patched ahead of Black Friday.…

Categories: News

Turbine maker Vestas Wind Systems admits to cyber incident, refuses to confirm if ransomware is at play

The Register - Mon, 22/11/2021 - 14:10
Company data compromised but not systems containing customer or supplier information

Vestas Wind Systems, one of the world's largest makers of wind turbines, today confirmed company data has been compromised in a "cyber security incident" that forced the firm to isolate parts of its IT infrastructure.…

Categories: News

Nigeria's central bank digital currency is 'same Naira, more possibilities' – if you count government snooping

The Register - Mon, 22/11/2021 - 11:00
Privacy challenges and rushed implementation should make this cash alternative much less attractive

Opinion  Nigeria recently became the first African country to launch its central bank digital currency (CBDC), the eNaira. However, there are significant privacy challenges that could make eNaira a lot less attractive.…

Categories: News

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

The Register - Mon, 22/11/2021 - 08:30
Unexpected consequences of the SQL Slammer worm

Who, Me?  Do you check your emails before sending them? Re-read a dozen times but still that typo sneaks through? Welcome to a Who, Me? in which a reader learns that one mistyped letter can result in a visit from the legal department.…

Categories: News

After four bans, TikTok finally passes the Pakistan challenge

The Register - Mon, 22/11/2021 - 04:59
Video app promises not to let naughty content cross the border, and to ban those who try

Pakistan has allowed TikTok to resume operations on its soil.…

Categories: News

Amazon India execs charged after sellers allegedly use site to smuggle marijuana

The Register - Mon, 22/11/2021 - 03:58
Ganja believe it? Seller claimed to sell 'Stevia leaves', but shifted a tonne of wacky 'baccy before being busted

Police in the Indian state of Madhya Pradesh have charged Amazon India executives under narcotics laws, after uncovering a marijuana smuggling operation centered around the e-commerce website.…

Categories: News

Defending critical infrastructure: The status quo isn’t working

The Register - Fri, 19/11/2021 - 07:30
AI can help thwart attacks before they affect operations

Paid Feature  Cyber-attacks aren't just about siphoning bank accounts. They're also targeting critical national infrastructure, warn experts – and we're not doing a very good job of preventing them. How can we stop the rot and protect the systems that funnel our oil, carry our electricity, and manage our water, among other things?…

Categories: News

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

The Register - Fri, 19/11/2021 - 04:00
Boffins measure the black hole of dubious certs and find it troubling

Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities.…

Categories: News

Canadian teen nabbed in $36.5M crypto heist – possibly the biggest haul yet by a single individual

The Register - Thu, 18/11/2021 - 23:04
Plus, US gov to sell off $56M of Bitcoin – the largest single sum recovered so far from a cryptocurrency fraud

A Canadian teenager has been arrested for allegedly stealing $37 million worth of cryptocurrency ($46M Canadian) via a SIM swap scam, making it the largest virtual cash heist affecting a single person yet, according to police.…

Categories: News

Boffins find way to use a standard smartphone to find hidden spy cams

The Register - Thu, 18/11/2021 - 22:43
Smartphones now have lasers so we're gonna use them to find voyeurs

Recent model smartphones can be smarter still about finding hidden cameras in their vicinity, if they take advantage of time-of-flight (ToF) sensors.…

Categories: News

Thousands of Firefox users accidentally commit login cookies on GitHub

The Register - Thu, 18/11/2021 - 20:04
GitHub: 'Credentials exposed by our users are not in scope'

Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions.…

Categories: News

What’s the biggest threat to your best-laid plans? Events, dear boy. Events

The Register - Thu, 18/11/2021 - 14:00
Learn how to build a resilient disaster response plan

Webinar  You can’t predict when a disaster will strike your organisation, whether it’s extreme weather, workplace violence, or a cyber attack.…

Categories: News

Singaporean regulator punishes biggest-ever data breach: almost 5.9 million hotel customers' info exposed

The Register - Thu, 18/11/2021 - 04:01 left red-faced after leaving AWS access key in an APK

Singapore's Personal Data Protection Commission (PDPC) has issued a fine of SG$74,000 ($54,456) on travel company Commeasure, which operates a travel booking website named RedDoorz that exposed 5.9 million customers' data – the largest data breach handled by the Commission since its inception.…

Categories: News

Cybercriminals are looking forward to 2022, so you need to plan your response now

The Register - Wed, 17/11/2021 - 18:00
Rapid7's 2022 Planning webinars are here to help

Paid Post  Is it too early to be thinking about cybersecurity in 2022? That’s an easy one ... of course not.…

Categories: News

UK government publishes guidance on security rules for tech takeovers

The Register - Wed, 17/11/2021 - 11:46
National Security and Investment Act 2021 give ministers power to halt M&As

The UK government has published guidance describing what technologies may be caught within the National Security and Investment Act 2021, which is set to give ministers the power to halt mergers and acquisitions.…

Categories: News

You wanna use GCHQ offshoot NCSC's threat intel feeds? Why not, say bosses

The Register - Wed, 17/11/2021 - 11:15
Annual review boasts of fending off health org attacks

Britain's National Cyber Security Centre is prepared to share its cyber defence tech and threat intel feeds with British organisations in need of extra help, it said at the launch of its annual review today.…

Categories: News

South Korean privacy watchdog apologises for violating privacy while mediating privacy lawsuit

The Register - Wed, 17/11/2021 - 05:15
You had one job …

South Korea's privacy watchdog leaked personal information relating to participants in a case that sought to probe Facebook's leak of personal information.…

Categories: News

The inside story of ransomware repeatedly masquerading as a popular JS library for Roblox gamers

The Register - Tue, 16/11/2021 - 21:46
Ongoing typosquatting attacks target kids as Discord drags its feet

Since early September, Josh Muir and five other maintainers of the noblox.js package, have been trying to prevent cybercriminals from distributing ransomware through similarly named code libraries.…

Categories: News

Lock up your Office macros: Emotet botnet back from the dead with Trickbot links

The Register - Tue, 16/11/2021 - 19:57
Nice to have nearly a year off from that malspam threat, but now it's returned

The Emotet malware delivery botnet is back, almost a year after law enforcement agencies bragged about shutting it down and arresting the operators.…

Categories: News

GitHub fixes authorisation vulnerability in the NPM JavaScript package registry

The Register - Tue, 16/11/2021 - 17:33
Flaw allowed 'an attacker to publish new versions of any npm package'

GitHub said it has fixed a longstanding issue with the NPM (Node Package Manager) JavaScript registry that would allow an attacker to update any package without proper authorisation.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News