News

What's the last piece of software you'd expect to spy on you? Maybe your enterprise security suite? Bad news

The Register - Wed, 31/07/2019 - 14:00
Report finds enterprise software collecting and shipping out sensitive customer information

Enterprise security, analytics, and hardware management tools - the very tools used to keep data safe - are collecting and sharing far more information than customers might think.…

Categories: News

Lancaster Uni cordons off breached systems a week after thousands of folks' data pinched

The Register - Wed, 31/07/2019 - 12:19
Educator, learn thyself. Prevention is better than cure

Lancaster University has started withdrawing non-business-critical access to a breached student database – more than a week after the apparent hack took place.…

Categories: News

Hack a small airplane? Yes, we CAN (bus) – once we physically break into one, get at its wiring, plug in evil kit...

The Register - Wed, 31/07/2019 - 00:18
PASSENGERS IN PERIL? CRISIS IN THE SKIES? No – but neat ways to frig with your own aircraft

An investigation into the computer security of small airplanes, the results of which were made public this week, will be sure to generate some flashy headlines. However, there are important caveats.…

Categories: News

Watch as ten cops with guns and military camo storm suspected Capital One hacker's house…

The Register - Tue, 30/07/2019 - 22:13
What's that? They found 20 weapons and the landlord was linked to a truck bomb assassination? Oh sheeeeet

Vid  Newly released footage showing cops storming the house of the woman accused of hacking Capital One's cloud servers to steal 106 million people's personal information, has again raised questions about the over-militarization of the American police force.…

Categories: News

Update LibreOffice now to thwart silent macro viruses – and here's how pwn those who haven't patched their suite yet

The Register - Tue, 30/07/2019 - 19:28
Vulnerable version still on main download page, use 6.2.5 instead

The Document Foundation has recently patched LibreOffice, its open-source office suite, to fix an issue where documents can be configured to run macros silently on opening.…

Categories: News

Hacker swipes personal deets of 20,000 peeps from under Los Angeles Police Dept's nose

The Register - Tue, 30/07/2019 - 19:26
Tight-lipped plod say cybercrook emailed them sample of stolen data

Around 20,000 Los Angeles Police Department job-seekers and officers have had their personal data nicked, the force has confirmed.…

Categories: News

Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants

The Register - Tue, 30/07/2019 - 01:16
180,000 SSNs nicked, Seattle woman cuffed, charged

Developing  A hacker raided Capital One's cloud storage buckets and stole personal information on 106 million credit applicants in the US and Canada.…

Categories: News

Microsoft preps to purge its cloud access security broker of shonky crypto protocols TLS 1.0, 1.1

The Register - Mon, 29/07/2019 - 23:00
Still not migrated? You have until 8 September

Transport Level Security (TLS) 1.0 and 1.1 is to be axed for users of Microsoft Cloud App Security (MCAS) from 8 September as the company shores up security with a requirement for TLS 1.2+.…

Categories: News

Oh sh*t's, 11: VxWorks stars in today's security thriller – hijack bugs discovered in countless gadgets' network code

The Register - Mon, 29/07/2019 - 21:36
Equipment in hospitals, factories, offices, etc potentially vulnerable to attack

Wind River has patched 11 security vulnerabilities in VxWorks that can be potentially exploited over networks or the internet to commandeer all sorts of equipment dotted around the planet.…

Categories: News

Android exploit code emerges, ransomware goes south, Citrix calls off hack probe, and more

The Register - Mon, 29/07/2019 - 15:09
Plus: RobinHood admits to password gaffe

Roundup  Here's a quick summary of what's been happening in the infosec world lately, beyond what we've already reported.…

Categories: News

Dear hackers: If you try to pwn a website for phishing, make sure it's not the personal domain of a senior Akamai security researcher

The Register - Mon, 29/07/2019 - 13:00
Crooks fail to hijack infosec bloke's site to dress it up as a legit Euro bank login page

Think you have bad luck? Imagine being the script kiddie who inadvertently tried and failed to pwn an Akamai security pro.…

Categories: News

Brit infosec firms urge PM Boris to reform the Computer Misuse Act

The Register - Mon, 29/07/2019 - 10:00
Let us compete globally, say threat intel outfits

A group of British infosec companies has written to UK prime minister Boris Johnson asking him to reform the Computer Misuse Act 1990, saying the act "has failed to keep pace with technological and market developments, inadvertently prohibiting a large component of contemporary threat intelligence research."…

Categories: News

As the world secures itself, so do crims: Encrypted malware on the rise, warns Sonicwall

The Register - Mon, 29/07/2019 - 07:32
Let's be careful out there

Scanning of random ports and the use of encrypted malware by online criminals is on the rise, according to a threat report by Sonicwall.…

Categories: News

He’s coming home, he’s coming home ... Hutchins’ coming home: British Wannacry killer held in US on malware dev rap set free by judge

The Register - Fri, 26/07/2019 - 20:23
Joy as infosec researcher spared jail time in America

Marcus Hutchins is on his way home to England after a judge spared him a stretch behind bars in America for developing the Kronos banking trojan.…

Categories: News

Cyberlaw wonks squint at NotPetya insurance smackdown: Should 'war exclusion' clauses apply to network hacks?

The Register - Fri, 26/07/2019 - 11:30
When UK and US said it was Russia, they weren't thinking of the litigators!

Analysis  The defining feature of cyberwarfare is the fact that both the weapon and the target is the network itself. In June 2017, the notorious file-scrambling software nasty NotPetya caused global havoc that affected government agencies, power suppliers, healthcare providers and big biz.…

Categories: News

South Africans shivering after ransomware infection knackers power grid for Johannesburg

The Register - Thu, 25/07/2019 - 21:45
City says no customer data stolen in malware outbreak

The city of Johannesburg in South Africa is working to get its power grid back online after a ransomware infection blocked service for some customers.…

Categories: News

Backdoors won't weaken your encryption, wails FBI boss. And he's right. They won't – they'll fscking torpedo it

The Register - Thu, 25/07/2019 - 21:18
Give it a Wray, give it a Wray, give it a Wray now: Big Chris steps in to defend blowing a hole in personal crypto

FBI head honcho Christopher Wray is rather peeved that you all think the US government is trying to weaken cryptography, privacy, and online security, by demanding backdoors in encryption software.…

Categories: News

Sanctions-hit Russian developers fingered for crafting 'Monokle' Android snoopware

The Register - Wed, 24/07/2019 - 21:06
Group connected to election meddling now selling spy tools

A Russian software developer, currently under American sanctions for its purported role in the Kremlin's interference with the 2016 US elections, is now selling spyware to governments.…

Categories: News

Man arrested over UK's Lancaster University data breach hack allegations

The Register - Wed, 24/07/2019 - 13:45
25-year-old Bradfordian cuffed by NCA over '20k' records breach

Cops have cuffed a 25-year-old man from Bradford on suspicion of committing Computer Misuse Act crimes after Lancaster University suffered a data breach affecting more than 12,000 students and applicants.…

Categories: News

With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right?

The Register - Wed, 24/07/2019 - 02:39
Someone just revealed the tricky kernel heap spray part

Vital clues on how to exploit the notorious Windows RDP bug, aka CVE-2019-0708 aka BlueKeep, and hijack vulnerable boxes, emerged online this week.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News