Merry Xmas, fellow code nerds: Avast open-sources decompiler

The Register - 1 hour 35 min ago
RetDec will turn binaries into something more legible

Malware hunting biz and nautical jargon Avast has released its machine-code decompiler RetDec as open source, in the hope of arming like-minded haters of bad bytes and other technically inclined sorts with better analytical tools.…

Categories: News

We need to talk about mathematical backdoors in encryption algorithms

The Register - 9 hours 17 min ago
Yo, NSA maths chaps, can you hear me? – Black Hat man

Security researchers regularly set out to find implementation problems in cryptographic algorithms, but not enough effort is going towards the search for mathematical backdoors, two cryptography professors have argued.…

Categories: News

Russia could chop vital undersea web cables, warns Brit military chief

The Register - 10 hours 36 min ago
ACM Sir Stuart Peach is right – but only to a point

The head of the British Armed Forces, Air Chief Marshal Sir Stuart Peach, has warned that Russia could cut off the UK by severing undersea communications cables.…

Categories: News

Brit film board proposed as overlord of online pr0nz age checks

The Register - 11 hours 37 min ago
Campaigners say body 'will be pushed to block' large number

The British Board of Film Classification will be responsible for regulating age checks for UK users of online porn websites, if the government gets its way.…

Categories: News delays biometrics strategy again – but cops will STILL USE the tech

The Register - Thu, 14/12/2017 - 11:33
Tech's too 'fast moving' for framework, but not for slurping your face

The Home Office has admitted the UK’s biometrics strategy won't be published until next year, as MPs slam an "unacceptable" delay of more than five years.…

Categories: News

OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

The Register - Wed, 13/12/2017 - 22:13
Jha rule-breaker and pals confess IoT gadget hack crimes, now facing the slammer

A former New Jersey college student has copped to helping create and run the massive Mirai DDoS botnet.…

Categories: News

Barclays employee sentenced for aiding Dridex money launderers

The Register - Wed, 13/12/2017 - 15:17
Six years's porridge. Dridex not a laundry soap btw; it's a Trojan

An employee of Barclays Bank who laundered thousands of pounds on behalf of Moldovan cybercriminals was sentenced to six years and four months in prison yesterday.…

Categories: News

One per cent of all web sites probably p0wned each year, say boffins

The Register - Wed, 13/12/2017 - 07:28
Automated account-creator used bad passwords to detect when sites go bad

Researchers working on a technology to detect unannounced data breaches have found, to their dismay, that one per cent of the sites they monitored were hacked over the previous 18 months.…

Categories: News

Up to 'ONE BEEELLION' vid-stream gawpers toil in crypto-coin mines

The Register - Wed, 13/12/2017 - 07:02
Come for the free movies, stay to dig Monero for a stranger

Security experts claim four extremely popular video-streaming websites have been secretly loaded with crypto-currency-crafting code.…

Categories: News

Put down the eggnog, it's Patch Tuesday: Fix Windows boxes ASAP

The Register - Wed, 13/12/2017 - 02:13
IE haunted by ghosts of past bugs – plus remote-code exec holes that'll chill your blood

Microsoft has kicked out its December batch of software security fixes, the final Patch Tuesday of 2017.…

Categories: News

Intel to slap hardware lock on Management Engine code to thwart downgrade attacks

The Register - Wed, 13/12/2017 - 01:49
From version 12 onward, ME-equipped chips will defend against patch rollbacks

Intel's Coffee Lake and Cannon Lake x86 processors can be fortified by computer manufacturers to prevent in hardware attempts to downgrade, exploit and potentially neuter Chipzilla's built-in creepy Management Engine.…

Categories: News

I, Robot? Aiiiee, ROBOT! RSA TLS crypto attack pwns Facebook, PayPal, 27 of 100 top domains

The Register - Wed, 13/12/2017 - 01:02
Two-decade-old hole lets hackers unlock encrypted data

A 19-year-old vulnerability in the TLS network security protocol has been found in the software of at least eight IT vendors and open-source projects – and the bug could allow an attacker to decrypt encrypted communications.…

Categories: News

Tenable's response to folks upset at AWOL features: A 150-emails-a-minute spam storm

The Register - Tue, 12/12/2017 - 23:54
Nessus Pro V7 launch fiasco

Tenable Security has given itself two problems, by releasing a product its users don't like, and then adding them all to a support email group that's sending uncomfortable volumes of messages.…

Categories: News

Kaspersky dragged into US govt's trashcan as weaponized blockchain agile devops mulled

The Register - Tue, 12/12/2017 - 22:25
Trump signs defense law with No Eugenes clause, plenty more cyber stuff

President Donald Trump has signed the National Defense Authorization Act for 2018, which includes a ban on products from Kaspersky Lab running in US government agencies.…

Categories: News

Argy-bargy Argies barge into Starbucks Wi-Fi with alt-coin discharges

The Register - Tue, 12/12/2017 - 20:34
Venti vanilla skinny latte with sprinkles of JavaScript and a side of Monero mining, please

Starbucks has joined the long growing list of organizations that have inadvertently and silently mined alt-coins on customers' computers for mystery miscreants.…

Categories: News

Brrr! It's a snow day and someone has pwned the chuffin' school heating

The Register - Tue, 12/12/2017 - 15:02
Building management systems easily hackable – researchers

Britain's freezing weather has reanimated the issue of insecure building control systems.…

Categories: News

Why bother cracking PCs? Spot o' malware on PLCs... Done. Industrial control network pwned

The Register - Tue, 12/12/2017 - 10:56
Jumping the air gap

Security researchers have demonstrated a new technique for hacking air-gapped industrial control system networks, and hope their work will encourage the development of more robust defences for SCADA-based systems.…

Categories: News

Google's Project Zero reveals Apple jailbreak exploit

The Register - Tue, 12/12/2017 - 02:02
Holy Moley! iOS and MacOS were wholly holey

Ian Beer of Google's Project Zero bod has followed up on a “coming soon” Twitter teaser with a jailbreakable iOS and Mac OS vulnerability.…

Categories: News

Archive of 1.4 BEEELION credentials in clear text found in dark web archive

The Register - Tue, 12/12/2017 - 01:05
Find shows people still suck at passwords

A data dump containing over 1.4 billion email addresses, passwords, and other credentials, all in clear text, has been found online by security shop @4iQ.…

Categories: News

New Ruski hacker clan exposed: They're called MoneyTaker, and they're gonna take your money

The Register - Mon, 11/12/2017 - 17:58
Subtly named group has gone largely unnoticed until now

Security researchers have lifted the lid on a gang of Russian-speaking cybercrooks, dubbed MoneyTaker.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News