Cybercriminals are stealing Face ID scans to break into mobile banking accounts

The Register - Thu, 15/02/2024 - 14:00
Deepfake-enabled attacks against Android and iOS users are netting criminals serious cash

Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.…

Categories: News

Miscreants turn to ad tech to measure malware metrics

The Register - Thu, 15/02/2024 - 08:27
Now that's what you call dual-use tech

Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security.…

Categories: News

European Court of Human Rights declares backdoored encryption is illegal

The Register - Thu, 15/02/2024 - 07:26
Surprising third-act twist as Russian case means more freedom for all

The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights – a decision that may derail European data surveillance legislation known as Chat Control.…

Categories: News

North Korea running malware-laden gambling websites as-a-service

The Register - Thu, 15/02/2024 - 04:30
$5k a month for the site. $3k for tech support. Infection with malware and funding a despot? Priceless

North Korea's latest money-making venture is the production and sale of gambling websites that come pre-infected with malware, according to South Korea's National Intelligence Service (NIS).…

Categories: News

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

The Register - Thu, 15/02/2024 - 00:10
You don't need us to craft phishing emails or write malware, super-lab sniffs

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection.…

Categories: News

China's Volt Typhoon spies broke into emergency network of 'large' US city

The Register - Wed, 14/02/2024 - 21:00
Jeez, not now, Xi. Can't you see we've got an election and Ukraine and Gaza and cost of living and layoffs and ...

The Chinese government's Volt Typhoon spy team has apparently already compromised a large US city's emergency services network and has been spotted snooping around America's telecommunications' providers as well.…

Categories: News

US Air Force's new cyber, IT skill recruitment plan: Bring back warrant officer ranks

The Register - Wed, 14/02/2024 - 18:34
Officer pay, limited command duties and writing 'code for your country'

Skilled IT professionals considering a career change have a new option, as the US Air Force is reintroducing warrant officer ranks exclusively "within the cyber and information technology professions." …

Categories: News

Prudential Financial finds cybercrims lurking inside its IT systems

The Register - Wed, 14/02/2024 - 17:24
Some company admin and customers data exposed, but bad guys were there for 'only' a day

Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group.…

Categories: News

Romanian hospital ransomware crisis attributed to third-party breach

The Register - Wed, 14/02/2024 - 15:48
Emergency impacting more than 100 facilities appears to be caused by incident at software provider

The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.…

Categories: News

Southern Water cyberattack expected to hit hundreds of thousands of customers

The Register - Wed, 14/02/2024 - 12:38
The company also curiously disappears from Black Basta leak site

UK utilities giant Southern Water admits between 5 and 10 percent of its customers have had their data stolen during a January cyberattack.…

Categories: News

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

The Register - Wed, 14/02/2024 - 10:57
Trying to break in with malicious Word documents? How very 2015 of you

The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access.…

Categories: News

Australian Tax Office probed 150 staff over social media refund scam

The Register - Wed, 14/02/2024 - 04:45
$1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds

One hundred and fifty people who worked for the Australian Taxation Office (ATO) have been investigated – and some prosecuted – for participating in a tax refund scam promoted on Facebook and TikTok.…

Categories: News

Crims found and exploited these two Microsoft bugs before Redmond fixed 'em

The Register - Wed, 14/02/2024 - 01:47
SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android

Patch Tuesday  Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack.…

Categories: News

Just one bad DNS packet can bring down a public DNSSEC server

The Register - Tue, 13/02/2024 - 23:27
'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge

A 20-plus-year-old security vulnerability in the design of DNSSEC could allow a single DNS packet to exhaust the processing capacity of any server offering the system for domain-name resolution, effectively disabling the machine.…

Categories: News

QNAP vulnerability disclosure ends up an utter shambles

The Register - Tue, 13/02/2024 - 20:00
Two new flaws, one zero-day, countless different patches, but everything's fine!

Network-attached storage (NAS) specialist QNAP has disclosed and released fixes for two new vulnerabilities, one of them a zero-day discovered in early November.…

Categories: News

ALPHV blackmails Canadian pipeline after 'stealing 190GB of vital info'

The Register - Tue, 13/02/2024 - 19:20
Gang still going after critical infrastructure because it's, you know, critical

Canada's Trans-Northern Pipelines has allegedly been infiltrated by the ALPHV/BlackCat ransomware crew, which claims to have stolen 190 GB of data from the oil distributor.…

Categories: News

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

The Register - Tue, 13/02/2024 - 14:20
Plenty of successful attacks observed with dangerous follow-on activity

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November.…

Categories: News

Meta says risk of account theft after phone number recycling isn't its problem to solve

The Register - Tue, 13/02/2024 - 08:27
Leaves it to carriers, promoting a complaint to Irish data cops from Big Tech's bête noire

Meta has acknowledged that phone number reuse that allows takeovers of its accounts "is a concern," but the ad biz insists the issue doesn't qualify for its bug bounty program and is a matter for telecom companies to sort out.…

Categories: News

Infosys subsidiary named as source of Bank of America data leak

The Register - Tue, 13/02/2024 - 05:28
Looks like LockBit took a swipe at an outsourced life insurance application

Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.…

Categories: News

Korean eggheads crack Rhysida ransomware and release free decryptor tool

The Register - Tue, 13/02/2024 - 01:47
Great news for victims of gang that hit the British Library in October

Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News