News

China bans compulsory facial recognition and its use in private spaces like hotel rooms

The Register - Sun, 23/03/2025 - 23:29
PLUS: Zoho's Ulaa anointed India’s most patriotic browser; Typhoon-like gang targets Taiwan; Japan debates offensive cyber-ops; and more

Asia In Brief  China’s Cyberspace Administration and Ministry of Public Security have outlawed the use of facial recognition without consent.…

Categories: News

Oracle Cloud says it's not true someone broke into its login servers and stole data

The Register - Sun, 23/03/2025 - 21:09
Despite evidence to the contrary as alleged pilfered info goes on sale

Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen.…

Categories: News

Ex-NSA boss: Good news. Election security focus helped dissuade increase in Russian meddling with US

The Register - Sun, 23/03/2025 - 13:04
Plus AI in the infosec world, why CISA should know its place, and more

Interview  Russia appears to be having second thoughts on how aggressively, or at least how visibly, it attempts to influence American elections, according to a former head of the NSA.…

Categories: News

AdTech CEO whose products detected fraud jailed for financial fraud

The Register - Fri, 21/03/2025 - 07:32
Made up revenue and pretended to use non-existent data

The former CEO of Kubient, an advertising tech company that developed a cloudy product capable of detecting fraudulent ads, has been jailed for fraud.…

Categories: News

Paragon spyware deployed against journalists and activists, Citizen Lab claims

The Register - Fri, 21/03/2025 - 06:26
Plus: Customer info stolen from 'parental control' software slinger SpyX; F-35 kill switch denied

Infosec newsbytes  Israeli spyware maker Paragon Solutions pitches its tools as helping governments and law enforcement agencies to catch criminals and terrorists, but a fresh Citizen Lab report claims its software has been used to target journalists, activists, and other civilians.…

Categories: News

Capital One cracker could be sent back to prison after judges rule she got off too lightly

The Register - Fri, 21/03/2025 - 01:06
Feds want book thrown at Paige Thompson, who pinched 100M customer records

Paige Thompson, the perpetrator of the Capital One data theft, may be sent back behind bars – after an appeals court ruled her sentence of time served plus five years of probation was too lenient.…

Categories: News

Dept of Defense engineer took home top-secret docs, booked a fishing trip to Mexico – then the FBI showed up

The Register - Thu, 20/03/2025 - 23:02
So much for that vacation

A US Department of Defense electrical engineer has turned his world upside down after printing 155 pages from 20 documents, all of which were marked top secret and classified, from his DoD workspace, brought them home with him – and was collared on his way to Mexico.…

Categories: News

Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist

The Register - Thu, 20/03/2025 - 18:33
Palming off the blame using an ‘unknown’ best practice didn’t go down well either

In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is attracting criticism from researchers for the way it handles uncontrolled deserialization vulnerabilities.…

Categories: News

Too many software supply chain defense bibles? Boffins distill advice

The Register - Thu, 20/03/2025 - 13:31
How to avoid another SolarWinds, Log4j, and XZ Utils situation

Organizations concerned about software supply chain attacks should focus on role-based access control, system monitoring, and boundary protection, according to a new preprint paper on the topic.…

Categories: News

The post-quantum cryptography apocalypse will be televised in 10 years, says UK's NCSC

The Register - Thu, 20/03/2025 - 13:15
Wow, a government project that could be on time for once ... cos it's gonna be wayyyy more than a decade

The UK's National Cyber Security Centre (NCSC) today started the post-quantum cryptography (PQC) countdown clock by claiming organizations have ten years to migrate to a safer future.…

Categories: News

Attackers swipe data of 500k+ people from Pennsylvania teachers union

The Register - Wed, 19/03/2025 - 21:09
SSNs, payment details, and health info too

The Pennsylvania State Education Association (PSEA) says a July 2024 "security incident" exposed sensitive personal data on more than half a million individuals, including financial and health info.…

Categories: News

Names, bank info, and more spills from top sperm bank

The Register - Wed, 19/03/2025 - 20:56
Cyber-crime is officially getting out of hand

One of the world's largest sperm banks, California Cryobank, is in a sticky situation.…

Categories: News

IBM scores perfect 10 ... vulnerability in mission-critical OS AIX

The Register - Wed, 19/03/2025 - 18:58
Big Blue's workstation workhorse patches hole in network installation manager that could let the bad guys in

IBM "strongly recommends" customers running its Advanced Interactive eXecutive (AIX) operating system apply patches after disclosing two critical vulnerabilities, one of which has a perfect 10 severity score.…

Categories: News

Ex-US Cyber Command chief: Europe and 5 Eyes can't fully replicate US intel

The Register - Wed, 19/03/2025 - 13:01
Cue deepening existential European dread as Rest of World contemplates Trump turning off the info tap

If the United States stopped sharing cyber-threat intel with Ukraine, its European allies and the rest of the Five Eyes nations wouldn't be able to provide all the info Uncle Sam collects, according to former chief of US Cyber Command and the NSA General Paul Nakasone.…

Categories: News

Show top LLMs buggy code and they'll finish off the mistakes rather than fix them

The Register - Wed, 19/03/2025 - 08:32
One more time, with feeling ... Garbage in, garbage out, in training and inference

Researchers have found that large language models (LLMs) tend to parrot buggy code when tasked with completing flawed snippets.…

Categories: News

CISA fires, now rehires and immediately benches security crew on full pay

The Register - Tue, 18/03/2025 - 21:46
DOGE efficiency in action

The upheaval at the US government's Cybersecurity and Infrastructure Security Agency, aka CISA, took another twist on Tuesday, as it moved to reinstate staffers it had fired over the past few weeks - specifically those still in their probationary period - though they've been benched on paid leave for now.…

Categories: News

US tech jobs outlook clouded by DOGE cuts, Trump tariffs

The Register - Tue, 18/03/2025 - 18:01
Hiring remains relatively strong as analysts warn of slowdown

A pair of reports on tech sector employment trends in the United States suggest out-of-work techies right now have relatively decent prospects, but economic uncertainty and rapid policy changes initiated by the Trump administration mean the future job market looks less rosy.…

Categories: News

Microsoft isn't fixing 8-year-old shortcut exploit abused for spying

The Register - Tue, 18/03/2025 - 15:13
'Only' a local access bug but important part of N Korea, Russia, and China attack picture

An exploitation avenue found by Trend Micro has been used in an eight-year-long spying campaign, but there's no sign of a fix from Microsoft, which apparently considers this a low priority.…

Categories: News

Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos

The Register - Tue, 18/03/2025 - 13:02
Ad giant's cloudy arm to pay $30B in security shop deal

Wiz security researchers think they've found the root cause of the GitHub supply chain attack that unfolded over the weekend, and they say that a separate attack may have been to blame.…

Categories: News

UK wants dirt on data brokers before criminals get there first

The Register - Tue, 18/03/2025 - 10:32
Govt wants to learning mistakes of serially breached record holders so it can, er, liberalize data sharing regs under new law

The UK government is inviting experts to provide insights about the data brokerage industry and the potential risks it poses to national security as it moves to push new data-sharing legislation over the line.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News