Solana, Phantom blame Slope after millions in crypto-coins stolen from 8,000 wallets

The Register - Thu, 04/08/2022 - 04:26
SOL holders literally S.O.L.

Millions of dollars worth of Solana cryptocurrency and other tokens were stolen from seemingly thousands of netizens this week by thieves exploiting some kind of security weakness or blunder.…

Categories: News

Microsoft widens enterprise access to its threat intelligence pool

The Register - Wed, 03/08/2022 - 22:31
Organizations can be more proactive in tracking threats, finding holes in their protection

Microsoft says it will give enterprise security operation centers (SOCs) broader access to the massive amount of threat intelligence it collects every day.…

Categories: News

Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones

The Register - Wed, 03/08/2022 - 21:17
That's just the tip of the iceberg – and now he faces potentially years in the clink

A now-former T-Mobile US store stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million.…

Categories: News

Sonatype shines light on typosquatting ransomware threat in PyPI

The Register - Wed, 03/08/2022 - 18:15
It's all fun and games until somebody gets their files encrypted

Miscreants making use of typosquatting are being spotted by researchers at Sonatype, emphasizing the need to check that the package is really the one you meant to download.…

Categories: News

You can’t choose when you’ll be hit by ransomware, but you can choose how you prepare

The Register - Wed, 03/08/2022 - 16:46
Without a road to recovery, you’re just going to be roadkill

Sponosred Feature  What sort of disaster would you rather prepare for? Hurricanes are destructive, but you know when one's coming, giving you time to take defensive action. Earthquakes vary in their destructive power, but you never know when they're going to hit, meaning your ability to recover after the impact is critical.…

Categories: News

NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator

The Register - Wed, 03/08/2022 - 12:30
Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding

The UK's Competition and Markets Authority has given a provisional nod to the proposed merger of British cybersecurity company Avast and US rival NortonLifeLock.…

Categories: News

Post-quantum crypto cracked in an hour with one core of an ancient Xeon

The Register - Wed, 03/08/2022 - 07:59
NIST's nifty new algorithm looks like it's in trouble

One of the four encryption algorithms the US National Institute of Standards and Technology (NIST) recommended as likely to resist decryption by quantum computers has has holes kicked in it by researchers using a single core of an Intel Xeon CPU, released in 2013.…

Categories: News

Nancy Pelosi ties Chinese cyber-attacks to need for Taiwan visit

The Register - Wed, 03/08/2022 - 03:58
And is if to confirm the link, a DDoS takes out Taiwan's presidential website ahead of senior politico's arrival

Speaker of the US House of Representatives Nancy Pelosi has tied her controversial visit to Taiwan to an alleged barrage of China-directed cyber-attacks against the territory.…

Categories: News

VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws

The Register - Wed, 03/08/2022 - 01:26
Meanwhile, a security update for rsync

VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products.…

Categories: News

How a crypto bridge bug led to a $200m 'decentralized crowd looting'

The Register - Wed, 03/08/2022 - 00:34
Flash mob exploits Nomad's validation code blunder

Cryptocurrency bridge service Nomad, which describes itself as "an optimistic interoperability protocol that enables secure cross-chain communication," has been drained of tokens notionally worth $190.7 million if exchanged for US dollars.…

Categories: News

Robinhood's crypto unit hit with $30m fine over security, anti-crime misses

The Register - Tue, 02/08/2022 - 20:42
And just lays off about a quarter of staff

Updated  Robinhood's cryptocurrency operations has been formally fined $30 million for violating New York's anti-money-laundering and cybersecurity regulations.…

Categories: News

Threat groups embrace messaging apps to spread malware, communicate

The Register - Tue, 02/08/2022 - 18:45
Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471

Cybercriminals are turning to messaging apps like Telegram and Discord as alternatives to popular underground forums: not only for the private communications and security features but also as avenues for spreading malware.…

Categories: News

Bot army risk as 3,000+ apps found spilling Twitter API keys

The Register - Tue, 02/08/2022 - 15:45
Please stop leaving credentials where miscreants can find them

Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications.…

Categories: News

Miscreants aim to cause Discord discord with malicious npm packages

The Register - Tue, 02/08/2022 - 10:31
LofyLife campaign comes amid GitHub security lockdown

Cybercriminals continue to use npm packages to drop malicious packages on unsuspecting victims, most recently to steal Discord login tokens, bank card data, and other user information from infected systems.…

Categories: News

Charges filed over $300m 'textbook pyramid and Ponzi scheme' crypto startup

The Register - Tue, 02/08/2022 - 02:09
Financial watchdog accuses 11 of playing role in alleged scam

Forsage, an alleged crypto Ponzi scheme purporting to be a decentralized smart contract platform, bilked millions of investors worldwide out of more than $300 million, according to America's securities watchdog.…

Categories: News

Defence against the dark arts of ransomware

The Register - Mon, 01/08/2022 - 17:30
Locking in safeguards against incursion with Rubrik Zero Trust Security

Webinar  It's just any old Monday, already you are mentally ticking off the to do list, and then, as you reach for your morning coffee and switch on your screen. Devastation. You've been hacked.…

Categories: News

Akamai: We stopped record DDoS attack in Europe

The Register - Mon, 01/08/2022 - 08:27
A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days

Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period.…

Categories: News

Spyware developer charged by Australian Police after 14,500 sales

The Register - Mon, 01/08/2022 - 01:30
PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more

Asia In Brief  Australia's federal police (AFP) on Friday charged a man with creating and profiting from spyware that allowed total remote control of victims' computers.…

Categories: News

Tim Hortons offer free coffee and donut to settle data privacy invasion claims

The Register - Sat, 30/07/2022 - 14:25
Also, malicious VBA macros are out and container files are in, Robin Banks helps criminals rob banks, and more

In brief  Canadian fast food chain Tim Hortons is settling multiple data privacy class-action lawsuits against it by offering something it knows it's good for: a donut and coffee.…

Categories: News

This is what to expect when a managed service provider gets popped

The Register - Sat, 30/07/2022 - 01:30
MSP should just stand for My Server's Pwned!

A Russian-language miscreant claims to have hacked their way into a managed service provider, and has asked for help monetizing what's said to be access to the networks and computers of that MSP's 50-plus US customers.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News