Federal Communications Commission proposed stricter rules on how telco carriers should report data breaches

The Register - Thu, 13/01/2022 - 22:42
Customers shouldn't need to wait seven days before being told

The US Federal Communications Commission is considering imposing stricter rules requiring telecommunications carriers to report data breaches to customers and law enforcement more quickly.…

Categories: News

Orca Security tells AWS fail tale with a happy ending

The Register - Thu, 13/01/2022 - 21:02
Those critical AWS flaws that exposed data and broke tenant separation? All fixed!

Two serious security vulnerabilities were recently found in AWS services, but because they were responsibly reported and the cloud biz responded quickly, no harm appears to have been done.…

Categories: News

Continuous security and compliance for hybrid cloud, the Red Hat way

The Register - Thu, 13/01/2022 - 18:00
Tune in, turn on, run in the background, using Red Hat DevSecOps framework

Paid feature  Assessing what can go wrong in a hybrid cloud environment can be daunting. Applications can be poorly coded, security vulnerabilities may be present but hard to detect or manage, and applications and the IT infrastructure may not be designed for DevSecOps.…

Categories: News

Ukrainian cops nab husband and wife suspected to be part of $1m ransomware operation

The Register - Thu, 13/01/2022 - 15:31
Plus three other suspects nicked in raids today

Ukrainian police have arrested five people on suspicion of operating a ransomware gang, including a husband-and-wife team, following tipoffs from UK law enforcement.…

Categories: News

Austrian watchdog rules German company's use of Google Analytics breached GDPR by sending data to US

The Register - Thu, 13/01/2022 - 14:48
Schrems II ruling continues to trouble transatlantic data sharing

The Austrian data protection authority has ruled that use of Google Analytics by a German company is in breach of European law in light of the Schrems II EU-US data sharing ruling.…

Categories: News

Admins report Hyper-V and domain controller issues after first Patch Tuesday of 2022

The Register - Thu, 13/01/2022 - 13:17
Start as you mean to go on, Microsoft

Microsoft's first Patch Tuesday of 2022 has, for some folk, broken Hyper-V and sent domain controllers into boot loops.…

Categories: News

Volunteer Dutch flaw finders bag $100k to forward national bug bounty goal

The Register - Thu, 13/01/2022 - 08:33
Huntress Labs tips some loose change into vuln-spotters' cup

The Dutch Initiative for Vulnerability Disclosure has scored $100k towards its founder's hope of a nationwide bug bounty available for anything at all.…

Categories: News

Ransomware puts New Mexico prison in lockdown: Cameras, doors go offline

The Register - Wed, 12/01/2022 - 22:03
Bernalillo County's Metropolitan Detention Center still recovering from infection

Bernalillo County, New Mexico, has been unable to comply with the settlement terms of a 27-year-old lawsuit over prison conditions because of a ransomware attack last week that saw prisoners back under manual control.…

Categories: News

Ransomware demands… a new approach to security

The Register - Wed, 12/01/2022 - 18:00
Spending more time thinking about trust could mean spending less cash on ransom

Webinar  A ransomware attack is not a smash and grab operation. Once attackers are in your systems they’ll quietly take their time working out what to encrypt to have maximum impact and make you more likely to pay up.…

Categories: News

Info-saturated techie builds bug alert service that phones you to warn of new vulns

The Register - Wed, 12/01/2022 - 11:02
Or SMSes, if the idea of midnight robot calls worries you

An infosec pro fed up of having to follow tedious Twitter accounts to stay on top of cybersecurity developments has set up a website that phones you if there's a new vuln you really need to know about.…

Categories: News

Microsoft starts 2022 with big bundle fixes for 96 security bugs in its software

The Register - Wed, 12/01/2022 - 01:14
Nothing is certain except death, taxes, and programming errors

Patch Tuesday  The new year brings the same old chore of shoring up Microsoft software. For its first Patch Tuesday of 2022, Redmond has bestowed 96 new CVEs affecting its Windows products.…

Categories: News

Make sure you're up-to-date with Sonicwall SMA 100 VPN box patches – security hole exploit info is now out

The Register - Tue, 11/01/2022 - 22:46
Nothing like topping off unauth'd remote code execution with a su password of ... password

Technical details and exploitation notes have been published for a remote-code-execution vulnerability in Sonicwall SMA 100 series VPN appliances.…

Categories: News

EU data watchdog to Europol: You've helped yourself to too much data

The Register - Tue, 11/01/2022 - 11:47
Law enforcement agency now has one year to delete any data older than 6 months not related to criminal activity

The European Data Protection Supervisor (EDPS) has ordered European Union law enforcement agency Europol to delete any data it has on individuals that's over six months old, provided there's no link to criminal activity.…

Categories: News

Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?

The Register - Tue, 11/01/2022 - 10:17
Good: New requirements in new law. Bad: Grace period

Electric car chargers will have to include secure boot and automatic network disconnection if unsigned software runs on the smart devices – but only from 2023, the British government has said.…

Categories: News

Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz

The Register - Tue, 11/01/2022 - 08:27
It's not as though folks haven't been warned about this

There have been millions of downloads of outdated, vulnerable Log4j versions despite the emergence of a serious security hole in December 2021, according to figures compiled by the firm that runs Apache Maven's Central Repository.…

Categories: News

Signal CEO Moxie Marlinspike resigns, leaves WhatsApp co-founder to run things until a successor is named

The Register - Tue, 11/01/2022 - 01:02
Departure comes as app courts controversy by integrating private cryptocurrency scheme

Moxie Marlinspike, the creator of the Signal secure messaging app, on Monday announced his resignation as CEO of the company.…

Categories: News

Avira also mines imaginary internet money on customers' PCs

The Register - Mon, 10/01/2022 - 18:36
Who should your PC work for: you, or your antivirus vendor?

Germany-based security biz Avira's antivirus has enabled a new feature: "Avira Crypto". It's opt-in, but if you click "yes", the AV will use your computer to mine Ethereum.…

Categories: News

China puts Walmart in the naughty corner, citing 19 alleged cybersecurity 'violations'

The Register - Mon, 10/01/2022 - 13:35
Warning comes weeks after govt body accused subsidiary Sam’s Club of 'ulterior motive' in goods stocking spat

American budget retailer Walmart was cited for 19 alleged cybersecurity breaches in China, state-sponsored media reported last week.…

Categories: News

GCHQ was rebuked for ignoring spy law safeguards as pandemic hit Britain

The Register - Mon, 10/01/2022 - 12:47
Auditor IPCO flagged it up – but then approved 99.94% of state snooping

Former foreign secretary Dominic Raab rebuked GCHQ for secretly halting internal compliance audits that ensured the spy agency was obeying the law, a government report has revealed – while just 0.06 per cent of spying requests made by Britain's public sector were refused by its supposed overseer.…

Categories: News

No defence for outdated defenders as consumer AV nears RIP

The Register - Mon, 10/01/2022 - 10:00
How sad would you be to see AV go? Us neither

Opinion  Game knows game. Thus it came as little surprise that Norton's consumer security software not only sprouted a cryptominer that slurps your computer's life essence and skims a cut, but that it's hard to turn it off.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News