US won’t prosecute ‘good faith’ security researchers under CFAA

The Register - 1 hour 10 min ago
Well, that clears things up? Maybe not.

The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.…

Categories: News

US recovers a record $15m from the 3ve ad-fraud crew

The Register - Thu, 19/05/2022 - 21:30
Swiss banks cough up around half of the proceeds of crime

The US government has recovered over $15 million in proceeds from the 3ve digital advertising fraud operation that cost businesses more than $29 million for ads that were never viewed.…

Categories: News

Iran, China-linked gangs join Putin's disinformation war online

The Register - Thu, 19/05/2022 - 15:00
They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg

Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives – according to threat-intel experts at Mandiant.…

Categories: News

Hot glare of the spotlight doesn’t slow BlackByte ransomware gang

The Register - Thu, 19/05/2022 - 10:56
Crew's raids continue worldwide, Talos team warns

The US government's alert three months ago warning businesses and government agencies about the threat of BlackByte has apparently done little to slow down the ransomware group's activities.…

Categories: News

The cyber threat isn’t going anywhere, but the fight back starts in London

The Register - Thu, 19/05/2022 - 08:15
CyberThreat 22 returns this September

Sponsored Post  It might feel like you’re facing down the cyber bad guys all on your own sometimes but be assured that’s not the case. In fact, if you head to CyberThreat 22 this Autumn you can draw on the expertise of some of the world’s most experienced practitioners.…

Categories: News

Your snoozing iOS 15 iPhone may actually be sleeping with one antenna open

The Register - Thu, 19/05/2022 - 07:02
No, you're not really gonna be hacked. But you may be surprised

Some research into the potentially exploitable low-power state of iPhones has sparked headlines this week.…

Categories: News

Patch your VMware gear now – or yank it out, Uncle Sam tells federal agencies

The Register - Thu, 19/05/2022 - 01:41
Critical authentication bypass revealed, older flaws under active attack

Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) has issued two warnings in a single day to VMware users, as it believes the virtualization giant's products can be exploited by miscreants to gain control of systems.…

Categories: News

Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware

The Register - Wed, 18/05/2022 - 22:01
Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D

Analysis  Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.…

Categories: News

How these crooks backdoor online shops and siphon victims' credit card info

The Register - Wed, 18/05/2022 - 19:47
FBI and co blow lid off latest PHP tampering scam

The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.…

Categories: News

Your data's auctioned off up to 987 times a day, NGO reports

The Register - Wed, 18/05/2022 - 14:35
Irish Council on Civil Liberties said this is first time the scope of real-time bidding is being measured

The average American has their personal information shared in an online ad bidding war 747 times a day. For the average EU citizen, that number is 376 times a day. In one year, 178 trillion instances of the same bidding war happen online in the US and EU.…

Categories: News

Microsoft warns partners to revoke unused authorizations that drive <em>your</em> software

The Register - Wed, 18/05/2022 - 10:45
June debut of zero trust GDAP tool should make it harder for crims to attack through MSPs and resellers

Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at making it harder for attackers to worm their way into your systems through partners.…

Categories: News

State of internet crime in Q1 2022: Bot traffic on the rise, and more

The Register - Wed, 18/05/2022 - 10:00
According to this cybersecurity outfit that wants your business, anyway

The fraud industry, in some respects, grew in the first quarter of the year, with crooks putting more human resources into some attacks while increasingly relying on bots to carry out things like credential stuffing and fake account creation.…

Categories: News

Monero-mining botnet targets Windows, Linux web servers

The Register - Wed, 18/05/2022 - 08:27
Sysrv-K malware infects unpatched tin, Microsoft warns

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.…

Categories: News

FBI warns of North Korean cyberspies posing as foreign IT workers

The Register - Tue, 17/05/2022 - 23:58
Looking for tech talent? Kim Jong-un's friendly freelancers, at your service

Pay close attention to that resume before offering that work contract.…

Categories: News

Pentester pops open Tesla Model 3 using low-cost Bluetooth module

The Register - Tue, 17/05/2022 - 17:30
Anything that uses proximity-based BLE is vulnerable, claim researchers

Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be fooled by a new form of relay attack.…

Categories: News

Google assuring open source code to secure software supply chains

The Register - Tue, 17/05/2022 - 17:00
Java and Python packages are the first on the list

Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their open source software dependencies.…

Categories: News

Facebook rated least safe e-commerce option in government rankings

The Register - Tue, 17/05/2022 - 08:55
Singapore's safety scheme measures scam-combatting capability

A newly implemented e-commerce rating system in the city-state of Singapore has rated Facebook's Marketplace as the least trustworthy e-commerce platform, behind Amazon and its Alibaba-owned Asian analogue Lazada.…

Categories: News

Europe moves closer to stricter cybersecurity standards, reporting regs

The Register - Tue, 17/05/2022 - 08:26
More types of biz fall under expanded rules – and fines for those who fall short

Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the European Council and Parliament. …

Categories: News

Venezuelan cardiologist charged with designing and selling ransomware

The Register - Tue, 17/05/2022 - 06:15
If his surgery was as bad as his opsec, this chap has caused a lot of trouble

The US Attorney’s Office has charged a 55-year-old cardiologist with creating and selling ransomware and profiting from revenue-share agreements with criminals who deployed his product.…

Categories: News

China reveals its top five sources of online fraud

The Register - Tue, 17/05/2022 - 04:31
'Brushing' tops the list, as quantity of forbidden content continue to rise

China’s Ministry of Public Security has revealed the five most prevalent types of fraud perpetrated online or by phone.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News