APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets

The Register - Tue, 09/08/2022 - 18:00
AMD Zen chips, meanwhile, are vulnerable to side-channel data scrying

A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys.…

Categories: News

Malicious deepfakes used in attacks up 13% from last year, VMware finds

The Register - Tue, 09/08/2022 - 16:11
Plus: Crooks swimming around your network, looking for a way in, says Incident Response Threat Report

Security teams are facing down more cyberattacks following Russia's invasion of Ukraine, and sophisticated crooks are using double-extortion techniques and, increasingly, deepfakes in their strikes.…

Categories: News

Microsoft's fix for 'data damage' risk hits PC performance

The Register - Tue, 09/08/2022 - 14:30
'AES-based operations might be two times slower' without latest updates

Microsoft has warned that Windows devices with the newest supported processors might be susceptible to data damage, noting the initial fix might have slowed operations down for some.…

Categories: News

Chinese scammers target kids with promise of extra gaming hours

The Register - Tue, 09/08/2022 - 03:45
Cyberspace regulator's fraud report finds all is not well behind the Great Firewall

Fraudsters in China have targeted a child with promises of allowing them to get around the nation's time limits on playing computer games – for a mere $560, according to the nation's cyberspace administration. Yesterday the CAC detailed some of the 12,000 acts of online fraud perpetrated against minors it handled this year.…

Categories: News

China-linked spies used six backdoors to steal info from defense, industrial enterprise orgs

The Register - Tue, 09/08/2022 - 01:23
We're 'highly likely' to see similar attacks, Kaspersky warned

Beijing-backed cyberspies used specially crafted phishing emails and six different backdoors to break into and then steal confidential data from military and industrial groups, government agencies and other public institutions, according to Kaspersky researchers.…

Categories: News

US treasury whips up sanctions for crypto mixer Tornado Cash

The Register - Tue, 09/08/2022 - 00:00
Being the money launderer for North Korea’s Lazarus Group comes at a price

The US Treasury Department is levying sanctions against Tornado Cash, a notorious cryptocurrency mixer that it says has been used by threat groups like ransomware gang Lazarus to launder stolen digital assets.…

Categories: News

Twilio customer data exposed after its staffers got phished

The Register - Mon, 08/08/2022 - 18:45
Comms giant says several other firms targeted in 'sophisticated attack'

Twilio confirmed a breach of the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack.…

Categories: News

Microsoft tightens Edge security for less visited websites

The Register - Mon, 08/08/2022 - 18:15
We're pretty sure that doesn't mean it's safe to click on sketchy popups

Microsoft wants to make it safer for Edge users to browse and visit unfamiliar websites by automatically applying stronger security settings.…

Categories: News

Slack leaked hashed passwords from its servers for years

The Register - Mon, 08/08/2022 - 12:45
Users who created shared invitation links for their workspace had login details slip out among encrypted traffic

Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users.…

Categories: News

Dark Utilities C2 service draws thousands of cyber criminals

The Register - Mon, 08/08/2022 - 07:31
Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks

A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launching earlier this year, and will likely expand its client list in the coming months.…

Categories: News

DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt

The Register - Sat, 06/08/2022 - 20:41
Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more

In brief  DuckDuckGo has finally mostly cracked down on the third-party Microsoft tracking scripts that got the alternative search engine into hot water earlier this year.…

Categories: News

Hi, I'll be your ransomware negotiator today – but don't tell the crooks that

The Register - Sat, 06/08/2022 - 09:19
What it's like bargaining with criminals ... and advising clients suffering their worst day yet

Interview  The first rule of being a ransomware negotiator is that you don't admit you're a ransomware negotiator — at least not to LockBit or another cybercrime gang. …

Categories: News

Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal?

The Register - Fri, 05/08/2022 - 20:43
The Feds may see things differently

Cryptocurrency bridge Nomad sent a message to the looters who drained nearly $200 million in tokens from its coffers earlier this week: return at least 90 percent of the ill-gotten gains, keep 10 percent as a bounty for discovering the security flaw, and Nomad will consider this a "white-hat" hack, as opposed to plain old theft, and not take legal action.…

Categories: News

Warning! Critical flaws found in US Emergency Alert System

The Register - Fri, 05/08/2022 - 19:05
DEF CON may be about to blow lid off security hole

The US government is warning of critical vulnerabilities in its Emergency Alert System (EAS) systems that, if exploited, could enable intruders to send fake alerts out over television, radio, and cable networks.…

Categories: News

Critical flaws found in four Cisco SMB router ranges – for the second time this year

The Register - Fri, 05/08/2022 - 07:57
At least Switchzilla thinks they're salvageable, unlike the boxes it ordered binned back in June

Cisco has revealed four of its small business router ranges have critical flaws – for the second time in 2022 alone.…

Categories: News

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google

The Register - Fri, 05/08/2022 - 00:45
I got played via the Play store

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store.…

Categories: News

Taiwanese military reports DDoS in wake of Pelosi visit

The Register - Thu, 04/08/2022 - 13:23
Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry

Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors.…

Categories: News

India scraps data protection law in favor of better law coming … sometime

The Register - Thu, 04/08/2022 - 07:58
Tech giants and digital rights groups didn't like it, but at least it was a law

The government of India has scrapped the Personal Data Protection Bill it's worked on for three years, and announced it will – eventually – unveil a superior bill.…

Categories: News

Student crashes Cloudflare beta party, redirects email, bags a bug bounty

The Register - Thu, 04/08/2022 - 07:31
Simple to exploit, enough to pocket $3,000

A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email.…

Categories: News

UK Parliament bins its TikTok account over China surveillance fears

The Register - Thu, 04/08/2022 - 06:58
Plan to educate the children turned out to be a 'won't someone think of the children?' moment

The UK's Parliament has ended its presence on TikTok after MPs pointed out the made-in-China social media service probably sends data about its users back to Beijing.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News