Great news. Patch load drops 20% for the first time in 10 years. Bad news: Well, you've heard about coronavirus?

The Register - 11 hours 16 min ago
Fix the crits and backload the rest later

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems.…

Categories: News

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

The Register - 15 hours 53 min ago
Open-source mail servers under active exploitation by GRU crew, make sure you're patched up

The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists.…

Categories: News

NTT warns its Singapore cloud was hacked, Japanese customer data compromised

The Register - 20 hours 25 min ago
Early May attack hit 600-plus hosting and cloud customers

Global system integrator NTT has said someone hacked their way into its hosting and cloud services and may have accessed 600-odd customers’ data.…

Categories: News

Got $50k spare? Then you can crack SHA-1 – so OpenSSH is deprecating flawed hashing algo in a 'near-future release'

The Register - Thu, 28/05/2020 - 22:03
The price will only go down

The maintainers of OpenSSH, widely used for connecting securely to servers and devices over networks, have warned that the SHA-1 algorithm will be disabled in a "near-future release".…

Categories: News

Cybercrooks tend to prefer Google-branded phishing to Microsoft-flavoured lures

The Register - Thu, 28/05/2020 - 19:59
So says Barracuda Networks, anyway

Digital rogues are shunning Microsoft in favour of Google when it comes to launching branded spear-phishing attacks, according to threat intel firm Barracuda Networks.…

Categories: News

You, Apple Mac fan. Put down the homemade oat-milk latte, you need to patch a load of security bugs, too

The Register - Thu, 28/05/2020 - 16:45
Patch Thursday is for you, Patch Tuesday is for everyone else

Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can.…

Categories: News

Why zero trust security needs strong hardware foundations

The Register - Thu, 28/05/2020 - 07:00
Intel vPro platform provides hardware level of trust

Sponsored  Sometimes it feels like the hackers and malware creators are in an arms race with the teams tasked with protecting systems and data. New tools and technologies are being deployed on both sides all the time.…

Categories: News

26 million logins believed to be stolen from LiveJournal in 2017 pop up on hacker forum

The Register - Wed, 27/05/2020 - 19:30
Best change any recycled credentials from your blogging days

Russian-owned blogging service LiveJournal has reportedly suffered a hack affecting 26 million user accounts.…

Categories: News

Oh cool, tech service prices are plummeting. And by tech services, we mean botnet rentals and stolen credit cards

The Register - Wed, 27/05/2020 - 12:02
Supply and demand in action

Crime has never been cheaper to pull off, so long as you're not particular about quality.…

Categories: News

Microsoft banishes Trend Micro code at center of driver 'cheatware' storm from Windows 10, rootkit detector product pulled from site

The Register - Wed, 27/05/2020 - 08:14
Infosec's Drivergate scandal deepens

Microsoft has blocked a Trend Micro driver from running on Windows 10 – and Trend has withdrawn downloads of its rootkit detector that uses the driver – after the code appeared to cheat Redmond's QA tests.…

Categories: News

Mulled Chrome API shines light on long-neglected privacy gap: Sites can snoop on your find-in-page searches

The Register - Wed, 27/05/2020 - 06:04
Naughty JS can watch you hit control+F, start typing, see what's on your mind

Analysis  A browser feature being developed for the open-source Chromium platform has raised data-leakage privacy concerns – though the Google engineers working on the project contend the potential benefits outweigh the risks.…

Categories: News

India said its contact-tracing app is perfect – adds bug bounty and open-sources it anyway

The Register - Wed, 27/05/2020 - 03:59
As the legalese changes to extend data retention period

India has open-sourced its Aarogya Setu contact-tracing app and announced a bug bounty program to detect any security issues.…

Categories: News

US lawmakers get a second shot at forcing FBI agents to obtain a warrant before they leaf through web histories

The Register - Wed, 27/05/2020 - 00:25
Bi-partisan amendment aims to take away easy access to your online life

US lawmakers will get another vote on whether the FBI must get a warrant before agents can search Americans’ search and web-browsing histories.…

Categories: News

If someone could stop hackers pwning medical systems right now, that would be cool, say Red Cross and friends

The Register - Tue, 26/05/2020 - 20:51
The rules of war that protect hospitals should extend into cyberspace

Following the surge of cyber attacks on medical facilities, the head of the International Committee of the Red Cross (ICRC) and more than 40 other international leaders asked the governments of the world to do more to safeguard critical medical organizations amid the coronavirus pandemic.…

Categories: News

Airline-chasing lawyers leap on Easyjet for £18bn after 9m folks' data, itineraries nicked

The Register - Tue, 26/05/2020 - 17:22
No win, no fee. But if they win it's an up to £5.4bn fee

A law firm that is already chasing British Airways now claims it is suing Easyjet for up to £18bn, intending to take a modest £5.4bn cut for itself, after nine million people's data was stolen from the airline's servers.…

Categories: News

Unmanned drones to slash NHS delivery times to one-fifth of road 'n' rail transport

The Register - Tue, 26/05/2020 - 15:41
Scottish trial will courier PPE and COVID-19 tests to remote hospital

Remote-control drones are to be used to deliver coronavirus testing kits to a remote Scottish hospital – and they're being flown outside of the operators' direct line of sight.…

Categories: News

eBay users spot the online auction house port-scanning their PCs. Um... is that OK?

The Register - Tue, 26/05/2020 - 13:39
Fraud is a big issue for etailer, but there are privacy and consent concerns too

Users visiting eBay have spotted that the website runs port scans against their computer, using the localhost address to inspect what may be running on your machine.…

Categories: News

Galaxy S20 security is already old hat as Samsung launches new safety silicon

The Register - Tue, 26/05/2020 - 11:32
Passport-grade chippery to help mobile devices prove their identity

Samsung will launch a new standalone turnkey security chip to protect mobile devices, the company announced today.…

Categories: News

Contact-tracing app may become a permanent fixture in major Chinese city

The Register - Tue, 26/05/2020 - 07:02
Hangzhou wants a 'health and immunity firewall'

One of China's major tech hubs is planning to make a health and movement tracking system developed to fight the COVID-19 epidemic a permanent fixture in daily life.…

Categories: News

Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs

The Register - Mon, 25/05/2020 - 10:31
This and more bits and bytes from infosec world

Roundup  It's once again time to catch up on the latest happenings from the world of infosec.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News