News

Shhh! Microsoft, Intel, Google and more sign up to the Confidential Computing Consortium

The Register - 4 hours 18 min ago
You can make your own joke about foxes and hen houses...

The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data.…

Categories: News

Disgruntled bug-hunter drops Steam zero-day to get back at Valve for refusing him a bounty

The Register - 11 hours 17 min ago
EoP bug now free for the world to see after bounty was rejected

A security bod angry at Valve's handling of bug reports has released a zero-day vulnerability affecting the games giant's flagship Steam app.…


The Joy of Six... critical security patches: Cisco small biz switches open to hijacking via web UI

The Register - 16 hours 14 min ago
Plus UCS and other gear need updates

Cisco has emitted a fresh round of software updates to address security holes in its network switches and controllers.…


Finally. Thanks so much, nerds. Google, Apple, Mozilla end government* internet spying for good

The Register - Wed, 21/08/2019 - 23:28
* Terms and conditions apply. Offer not valid outside Kazakhstan. Your home may be repossessed if you do not keep up payments

On Wednesday, Google, Apple, and Mozilla said their web browsers will block the Kazakhstan root Certificate Authority (CA) certificate – following reports that ISPs in the country have required customers to install a government-issued certificate that enables online spying.…


Here's a top tip: Don't trust the new guy – block web domains less than a month old. They are bound to be dodgy

The Register - Wed, 21/08/2019 - 20:53
Better to be aggressive and safe than sorry

IT admins could go a long way towards protecting their users from malware and other dodgy stuff on the internet if they ban access to any web domain less than a month old.…


Microsoft: Reckon our code is crap? Prove it and $30k could be yours

The Register - Wed, 21/08/2019 - 16:00
Doors on the Edge Insider Bounty Program flung open

Having finally pushed out the first Beta preview of its Chromium-based browser, Microsoft has launched a bounty programme aimed at getting researchers to kick the tyres on its latest and greatest.…


Sorry script kiddies, hacktivism isn't cool anymore: No one cares about stuff that's easy-peasy to defend against

The Register - Wed, 21/08/2019 - 15:00
So much for Beto O'Rourke's cow-related capers

The youthful doings of US presidential wannabe Beto O'Rourke are in sharp decline, according to threat intel biz Recorded Future, which reckons folk have fallen out of love with hacktivism.…


Stuff like sophisticated government spyware is scary and all – but don't forget, a single .wmv file can pwn you via VLC

The Register - Wed, 21/08/2019 - 09:57
Keep your media player, like other apps, up to date: 13 security flaws fixed

VideoLAN has issued an update to address a baker's dozen of CVE-listed security vulnerabilities in its widely used VLC player software.…


30+ countries, 160,000 emails, $4.2m in cyber-heists… maybe it's time for the Silence hacker crew to change its name

The Register - Wed, 21/08/2019 - 06:00
Russian bank-hacking ring continues its global expansion

The rapidly growing hacking crew dubbed Silence has – in less than three years – gone from ransacking small regional banks in Eastern Europe to stealing millions from some of the largest international banks.…


No REST for the wicked: Ruby gem hacked to siphon passwords, secrets from web devs

The Register - Tue, 20/08/2019 - 22:21
Developer account cracked due to credential reuse, source tampered with and released to hundreds of programmers

An old version of a Ruby software package called rest-client that was modified and released about a week ago has been removed from the Ruby Gems repository – because it was found to be deliberately leaking victims' credentials to a remote server.…


Huawei goes all Art of War on us: Switches on 'battle mode' and vows to 'dominate the world'

The Register - Tue, 20/08/2019 - 16:30
You listening, Trump?

An internal memo to Huawei staff sent by boss Ren Zhengfei is long on military metaphors and warns that the company needs to go into "battle mode" to counter trade barriers put up by the United States.…


Breaker, breaker. Apple's iOS 12.4 update breaks jailbreak break, un-breaks the break. 10-4

The Register - Tue, 20/08/2019 - 02:58
File under: 'Breaking' news

iPhone hackers have discovered Apple's most recent iOS update, 12.4, released in July, accidentally reopened a code-execution vulnerability that was previously patched – a vulnerability that can be abused to jail-break iThings.…


The Pwn Star State: Nearly two dozen Texas towns targeted by tiresome ransomware

The Register - Tue, 20/08/2019 - 01:02
Officials suspect a coordinated extortion campaign

Twenty-three towns in Texas have been targeted with ransomware in what appears to be a coordinated attack.…


Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel

The Register - Mon, 19/08/2019 - 21:28
Flawed code traced to home build system, vulnerability can be attacked in certain configs

The maintainers of Webmin – an open-source application for system administration tasks on Unix-flavored systems – have released Webmin version 1.930 and the related Usermin version 1.780 to patch a vulnerability that can be exploited to achieve remote code execution in certain configurations.…


Teen TalkTalk hacker ordered to pay £400k after hijacking popular Instagram account

The Register - Mon, 19/08/2019 - 14:03
Sanitised browser history sparked another investigation

One of the crew who hacked TalkTalk has been ordered to hand over £400,000 after seizing control of a high-profile Instagram account following a hack on Aussie telco Telstra.…


KNOB turns up the heat on Bluetooth encryption, hotels leak guest info, city hands $1m to crook, and much, much more

The Register - Mon, 19/08/2019 - 11:08
Spec design flaw stiffs security of gizmos

Roundup: Let's run through all the bits and bytes of security news beyond what we've already covered. Also, don't forget our articles from this year's Black Hat, DEF CON, and BSides Las Vegas conferences in the American desert.…


iFrame clickjacking countermeasures appear in Chrome source code. And it only took *checks calendar* three years

The Register - Mon, 19/08/2019 - 10:04
After inaction, technical changes promise better fraud defense

Three years ago, Google software engineer Ali Juma proposed that Chrome should be modified to ignore recently moved iframe elements on web pages as a defense against clickjacking.…


Subcontractor's track record under spotlight as London Mayoral e-counting costs spiral

The Register - Mon, 19/08/2019 - 09:11
Bill approaching £9m compared to £4.1m for the system in 2016

Concerns have been raised over a key supplier of an e-counting system for the London Mayoral elections in 2020.…


Chrome add-on warns netizens when they use a leaked password. Sometimes, they even bother to change it

The Register - Fri, 16/08/2019 - 21:57
Alerted to exposed credentials, users do something about it roughly a quarter of the time

Between February and March this year, after Google released a Chrome extension called Password Checkup to check whether people's username and password combinations had been stolen and leaked from website databases, computer scientists at the biz and Stanford University gathered anonymous telemetry from 670,000 people who installed the add-on.…


NSA asks Congress to permanently reauthorize spying program that was so shambolic, the snoops had shut it down

The Register - Fri, 16/08/2019 - 21:09
You never know, we might figure out how not to screw up in future

Analysis: In the clearest possible sign that the US intelligence services live within their own political bubble, the director of national intelligence has asked Congress to reauthorize a spying program that the NSA itself decided to shut down after it repeatedly – and illegally – gathered the call records of millions of innocent Americans.…

