Try as they might, ransomware crooks can't hide their tells when playing hands

The Register - 2 hours 6 min ago
Sophos sees common behavior across various infections

Common behaviors shared across all families of ransomware are helping security vendors better spot and isolate attacks.…

Categories: News

What a pair of Massholes! New England duo cuffed over SIM-swapping cryptocoin charges

The Register - Thu, 14/11/2019 - 20:52
Account takeovers allegedly used to plunder digital wallets

Two men from Massachusetts have been arrested and charged with 11 criminal counts stemming from a string of account takeovers and cryptocurrency thefts.…

Categories: News

Infosec boffins pour cold water on claims Home Office Brexit app can be easily hacked

The Register - Thu, 14/11/2019 - 13:07
'Unnecessary scaremongering' but still some work to be done

Reports that the Home Office's Brexit app contains "serious vulnerabilities" that could expose the phone numbers, addresses and passport details of EU citizens are overblown, say security experts.…

Categories: News

UK Info Commish quietly urged court to swat away 100k Morrisons data breach sueball

The Register - Wed, 13/11/2019 - 11:00
Supermarket says it's innocent and we don't need more than that, ICO told judges

The UK's Information Commissioner urged the Court of Appeal to side with Morrisons in the supermarket’s battle to avoid liability for the theft and leaking of nearly 100,000 employees’ payroll details – despite not having read the employees’ legal arguments.…

Categories: News

Londoner accused of accessing National Lottery users' accounts

The Register - Wed, 13/11/2019 - 09:15
Case to be heard in full next year

A man will appear at Crown court in December to answer charges that he used hacking program Sentry MBA to access and take money from online UK National Lottery gambling accounts.…

Categories: News

Russian bloke charged in US with running $20 million stolen card-as-a-service online souk

The Register - Wed, 13/11/2019 - 05:01
Prosecutors say 29 year-old was mastermind of prolific 'Cardplanet' operation

A Russian man was detained at Dulles airport in Washington DC on Monday and charged with running a stolen card trading ring that was responsible for $20m worth of fraud.…

Categories: News

Shock! US border cops need 'reasonable suspicion' of a crime before searching your phone, laptop

The Register - Tue, 12/11/2019 - 23:57
Massachusetts judge reminds America of that little thing called the Fourth Amendment

The seizure and search of phones and laptops at the US border is unconstitutional, a judge said Tuesday in a landmark ruling.…

Categories: News

This November, give thanks for only having one exploited Microsoft flaw for Patch Tues. And four Hyper-V escapes

The Register - Tue, 12/11/2019 - 22:19
Intel joins the fun with monthly releases from Adobe, SAP

Patch Tuesday  The November edition of Patch Tuesday has landed with scheduled updates from Microsoft, Adobe, and SAP, along with the debut of a new update calendar from Intel.…

Categories: News

Don't trust the Trusted Platform Module – it may leak your VPN server's private key (depending on your configuration)

The Register - Tue, 12/11/2019 - 19:43
You know what they say: Timing is... everything

Trusted Platform Modules, specialized processors or firmware that protect the cryptographic keys used to secure operating systems, are not entirely trustworthy.…

Categories: News

True to its name, Intel ZombieLoad processor attack comes crawling back with new variant

The Register - Tue, 12/11/2019 - 18:02
Boffins say even the latest chips could allow data to be leaked between CPU cores

Intel is once again moving to patch its CPU microcode following the revelation of yet another data-leaking side-channel vulnerability.…

Categories: News

Don't miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel

The Register - Tue, 12/11/2019 - 18:00
Alarm raised over more holes in third-party low-level code

Nearly three months after infosec biz Eclypsium highlighted widespread security weaknesses in third-party Windows hardware drivers, you can now add Intel to the list of vendors leaving holes in their all-powerful low-level code.…

Categories: News

From AV to oy-vey: McAfee antivirus has security hole of its own

The Register - Tue, 12/11/2019 - 16:30
Security suite falls victim to malicious DLLs

Three of McAfee's anti-malware tools have been found to contain a vulnerability that could potentially allow an attacker to bypass its security protections and take control of a PC.…

Categories: News

'Sophisticated' cyber attack on UK Labour Party platforms was probably just a DDoS, says official

The Register - Tue, 12/11/2019 - 11:41
'Really very everyday' – report

The UK's Labour Party says its campaign site has been the target of "sophisticated and large-scale cyber-attack" and has informed GCHQ's National Cyber Security Centre.…

Categories: News

150 infosec bods now know who they're up against thanks to BT Security cc/bcc snafu

The Register - Tue, 12/11/2019 - 11:08
Mass-mail fail followed outfit's appearance at jobs fair

BT Security managed to commit the most basic blunder of all after emailing around 150 infosec professionals who attended a jobs fair – using the "cc" field instead of "bcc".…

Categories: News

BlueKeep freakout had little to no impact on patching, say experts

The Register - Mon, 11/11/2019 - 22:05
Admins snoozing on patching despite reports of active attacks

The flurry of reports in recent weeks of in-the-wild exploits for the Windows RDP 'BlueKeep' security flaw had little impact among those responsible for patching, it seems.…

Categories: News

Back-2-school hacking: Kaspersky blames pesky script kiddies for rash of DDoS cyber hooliganism

The Register - Mon, 11/11/2019 - 17:51
Educational institutions main target during September spike

Kasperksy researchers have blamed pesky schoolkids for the big September spike in denial-of-service attacks.…

Categories: News

If it sounds too good to be true, it most likely is: Nobody can decrypt the Dharma ransomware

The Register - Mon, 11/11/2019 - 15:42
Not even data recovery companies

A data recovery company is dubiously claiming it has cracked decryption of Dharma ransomware – despite there being no known method of unscrambling its files.…

Categories: News

Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much, more

The Register - Mon, 11/11/2019 - 07:01
Plus, rConfig flaw raises alarms

Roundup  Time for a look at some of the other security stories making the rounds in the past week.…

Categories: News

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

The Register - Fri, 08/11/2019 - 16:00
Supreme Court wraps up legal submissions from supermarket and breach victims

"Cutting to the chase, it's not a case where the office cleaner finds a thumb drive, picks it up and takes the opportunity to make some use of it," barrister Jonathan Barnes told the Supreme Court as he urged judges to dismiss Morrisons' appeal against liability for its 2014 payroll data breach.…

Categories: News

Surveillance kit slinger accused of slapping 'Made in America' on Chinese gear, selling it to the US government

The Register - Fri, 08/11/2019 - 01:57
But sure, it's Huawei that's the big security threat

Staff were cuffed in a police raid on Thursday at the offices of US surveillance equipment vendor Aventura Technologies. The workers are now facing criminal charges for allegedly passing off Chinese-made gear as stuff built in America, and selling it to Uncle Sam and its military.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News