News

Prohibition never works, but that didn't stop the UK's Online Safety Act

The Register - 1 hour 18 min ago
Will someone think of the deals politicians are making?

Opinion  You might think, since I write about tech all the time, my degrees are in computer science. Nope. I'm a bona fide, degreed historian, which is why I can say with confidence that the UK's recently passed Online Safety Act is doomed to fail.…

Categories: News

Why blow up satellites when you can just hack them?

The Register - 8 hours 42 min ago
A pair of German researchers showed how easy it is

Black Hat  Four countries have now tested anti-satellite missiles (the US, China, Russia, and India), but it's much easier and cheaper just to hack them.…

Categories: News

German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

The Register - Thu, 07/08/2025 - 21:20
Hello loophole could let a rogue admin, or a pwned one, inject new facial scans

Black Hat  Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.…

Categories: News

Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'

The Register - Thu, 07/08/2025 - 18:53
No reported in-the-wild exploits…yet

Microsoft and the feds late Wednesday sounded the alarm on another high-severity bug in Exchange Server hybrid deployments that could allow attackers to escalate privileges from on-premises Exchange to the cloud.…

Categories: News

Black Hat's network ops center brings rivals together for a common cause

The Register - Thu, 07/08/2025 - 16:00
The Reg goes behind the scenes of the conference NOC, where volunteers 'look for a needle in a needle stack'

Black Hat  Neil "Grifter" Wyler is spending the week "looking for a needle in a needle stack," a task he'll perform from the network operations center (NOC) that powers the Black Hat security conference in Las Vegas.…

Categories: News

CISA releases malware analysis for Sharepoint Server attack

The Register - Thu, 07/08/2025 - 15:30
Indications of compromise and Sigma rules report for your security scanners amid ongoing 'ToolShell' blitz

CISA has published a malware analysis report with compromise indicators and Sigma rules for "ToolShell" attacks targeting specific Microsoft SharePoint Server versions.…

Categories: News

KLM, Air France latest major organizations looted for customer data

The Register - Thu, 07/08/2025 - 14:00
Watch out, the phishermen are about, customers told

European airline giants Air France and KLM say they are the latest in a string of major organizations to have their customers' data stolen by way of a break-in at a third party org.…

Categories: News

Meta training AI on social media posts? Only 7% in Europe think it's OK

The Register - Thu, 07/08/2025 - 13:30
Privacy campaigner Max Schrem's NOYB is back on Zuck's back

Meta's enthusiasm for training its AI on user data is not shared by the users themselves – at least for some Europeans – according a study commissioned by Facebook legal nemesis Max Schrems and his privacy advocacy group Noyb.…

Categories: News

Amnesty slams Elon Musk's X for 'central role' in fueling 2024 UK riots

The Register - Thu, 07/08/2025 - 09:45
Human rights org calls for greater accountability and stronger enforcement of Online Safety Act

Amnesty International claims Elon Musk's X platform "played a central role" in pushing the misinformation that stoked racially charged violence following last year's Southport murders.…

Categories: News

Could agentic AI save us from the cybercrisis?

The Register - Thu, 07/08/2025 - 09:00
Many hands make light work in the SOC

Sponsored feature  The cyberthreat landscape is evolving fast, with highly organized bad actors launching ever more devastating and sophisticated attacks against often ill-prepared targets.…

Categories: News

Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through

The Register - Wed, 06/08/2025 - 22:00
Project Ire promises to use LLMs to detect whether code is malicious or benign

Microsoft has rolled out an autonomous AI agent that it claims can detect malware without human assistance.…

Categories: News

Google says the group behind last year's Snowflake attack slurped data from one of its Salesforce instances

The Register - Wed, 06/08/2025 - 19:00
ShinyHunters suspected in rash of intrusions

Google confirmed that criminals breached one of its Salesforce databases and stole info belonging to some of its small-and-medium-business customers.…

Categories: News

Vibe coding tool Cursor's MCP implementation allows persistent code execution

The Register - Wed, 06/08/2025 - 00:28
More evidence that AI expands the attack surface

Check Point researchers uncovered a remote code execution bug in popular vibe-coding AI tool Cursor that could allow an attacker to poison developer environments by secretly modifying a previously approved Model Context Protocol (MCP) configuration, silently swapping it for a malicious command without any user prompt.…

Categories: News

Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

The Register - Tue, 05/08/2025 - 19:28
Psst, wanna steal someone's biometrics?

black hat  Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including fingerprint information, according to Cisco Talos.…

Categories: News

Study finds humans not completely useless at malware detection

The Register - Tue, 05/08/2025 - 18:00
Some pinpointed software nasties but were suspicious of printer drivers too

Researchers from the Universities of Guelph and Waterloo have discovered exactly how users decide whether an application is legitimate or malware before installing it – and the good news is they're better than you might expect, at least when primed to expect malware.…

Categories: News

Chained bugs in Nvidia's Triton Inference Server lead to full system compromise

The Register - Tue, 05/08/2025 - 15:28
Wiz Research details flaws in Python backend that expose AI models and enable remote code execution

Security researchers have lifted the lid on a chain of high-severity vulnerabilities that could lead to remote code execution (RCE) on Nvidia's Triton Inference Server.…

Categories: News

Hacker summer camp: What to expect from BSides, Black Hat, and DEF CON

The Register - Tue, 05/08/2025 - 11:45
These are the conference events to keep an eye on. You can even stream a few

The security industry is hitting Vegas hard this week with three conferences in Sin City that bring the world's largest collection of security pros together for the annual summer camp.…

Categories: News

Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor

The Register - Tue, 05/08/2025 - 01:01
'Plague' malware has been around for months without tripping alarms

Researchers at German infosec services company Nextron Threat have spotted malware that creates a highly-persistent Linux backdoor and say antivirus engines do not flag the code as malicious.…

Categories: News

SonicWall investigates 'cyber incidents,' including ransomware targeting suspected 0-day

The Register - Mon, 04/08/2025 - 22:40
Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day'

SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Categories: News

Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies

The Register - Mon, 04/08/2025 - 19:33
PXA Stealer pilfers data from nearly 40 browsers, including Chrome

More than 4,000 victims across 62 countries have been infected by stealthy infostealers pilfering people's passwords, credit card numbers, and browser cookies, which are then sold to other criminals on Telegram-based marketplaces.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News