News

US says China's Volt Typhoon is readying destructive cyberattacks

The Register - Wed, 07/02/2024 - 19:11
12 international govt agencies sound the alarm, critical infrastructure at the heart of threats

The US government today confirmed China's Volt Typhoon crew comprised "multiple" critical infrastructure org's IT networks in America – and Uncle Sam warned that the Beijing-backed spies are readying "disruptive or destructive cyberattacks" against those targets.…

Categories: News

Iran's cyber operations in Israel a potential prelude to US election interference

The Register - Wed, 07/02/2024 - 16:30
Tactics are more sophisticated and supported in greater numbers

Iran's anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says.…

Categories: News

Raspberry Pi Pico cracks BitLocker in under a minute

The Register - Wed, 07/02/2024 - 15:30
Windows encryption feature defeated by $10 and a YouTube tutorial

We're very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. But cracking BitLocker? We doubt the company will be bragging too much about that particular application.…

Categories: News

JetBrains urges swift patching of latest critical TeamCity flaw

The Register - Wed, 07/02/2024 - 12:33
Cloud version is safe, but no assurances offered about possible on-prem exploits

JetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool.…

Categories: News

The spyware business is booming despite government crackdowns

The Register - Wed, 07/02/2024 - 08:31
'Almost zero data being shared across the industry on this particular threat,' we're told

The commercial spyware economy – despite government and big tech's efforts to crack down – appears to be booming.…

Categories: News

DEF CON is canceled! No, really this time – but the show will go on

The Register - Wed, 07/02/2024 - 00:59
Longtime host Caesars ends relationship at short notice

It's an annual meme that DEF CON infosec conference has been canceled, but this time it actually happened.…

Categories: News

Mozilla adds paid-for data-deletion tier to Monitor, its privacy-breach radar

The Register - Tue, 06/02/2024 - 21:54
Firefox maker promises to lean on personal info brokers to scrub records

Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information.…

Categories: News

Verizon says 63K employees' info fell into the wrong hands – an insider this time

The Register - Tue, 06/02/2024 - 19:00
Telco says it's a private matter, data 'not shared externally'

Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data.…

Categories: News

Chinese Coathanger malware hung out to dry by Dutch defense department

The Register - Tue, 06/02/2024 - 17:15
Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions

Dutch authorities are lifting the curtain on an attempted cyberattack last year at its Ministry of Defense (MoD), blaming Chinese state-sponsored attackers for the espionage-focused intrusion.…

Categories: News

EquiLend back in the saddle as ransom payment rumors swirl

The Register - Tue, 06/02/2024 - 15:45
Still no word on how the intruders broke in or the full extent of any possible data compromise

Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago.…

Categories: News

Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

The Register - Tue, 06/02/2024 - 13:30
Admins should get a move on while info is scarce and exploits aren't yet available

Fortinet's FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution.…

Categories: News

New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies

The Register - Tue, 06/02/2024 - 10:16
How good are your takedowns when fresh gangs are linked to previous ops, though?

At least 25 new ransomware gangs emerged in 2023, with Akira and 8Base proving the most "successful," research reveals.…

Categories: News

Google throws $1M at Rust Foundation to build C++ bridges

The Register - Mon, 05/02/2024 - 22:58
Chocolate Factory matches Microsoft money for memory safety

Google on Monday donated $1 million to the Rust Foundation specifically to improve interoperability between the language and C++.…

Categories: News

Ivanti devices hit by wave of exploits for latest security hole

The Register - Mon, 05/02/2024 - 20:45
At this point you might be better off just shutting the stuff down

Various miscreants are attempting to exploit the latest Ivanti flaw, a server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 that can be used to hijack equipment.…

Categories: News

Ignore Uncle Sam's 'voluntary' cybersecurity goals for hospitals at your peril

The Register - Mon, 05/02/2024 - 19:30
What is on HHS paper will most likely become law, Google security boss says

Interview  If you are responsible for infosec at a US hospital or other healthcare organization, and you treat the government's new "voluntary" cybersecurity performance goals (CPGs) as, well, voluntary, you're ignoring the writing on the wall. …

Categories: News

AnyDesk revokes signing certs, portal passwords after crooks sneak into systems

The Register - Mon, 05/02/2024 - 18:30
Horse, meet stable door

AnyDesk has copped to an IT security "incident" in which criminals broke into the remote-desktop software maker's production systems. The biz has told customers to expect disruption as it attempts to lock down its infrastructure.…

Categories: News

Lurie Children's Hospital back to pen and paper after cyberattack

The Register - Mon, 05/02/2024 - 14:45
It's the second Chicago hospital to disclose a major incident in the same week

For the second time in one week, cybercriminals have targeted a Chicago children's hospital, this time causing significant operational disruption.…

Categories: News

SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

The Register - Mon, 05/02/2024 - 01:27
PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities

Infosec In Brief  The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from wallets belonging to his crypto firm, FTX, just before it declared bankruptcy.…

Categories: News

Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs

The Register - Sat, 03/02/2024 - 09:30
The closest thing we may ever get to a real-life Die Hard 2 scenario

Criminals could remotely tamper with the data that apps used by airplane pilots rely on to inform safe takeoff and landing procedures, according to fresh research.…

Categories: News

Blackbaud settles with FTC after that IT breach exposed millions of people's info

The Register - Fri, 02/02/2024 - 21:12
Cloud software slinger admits no guilt, promises better basic security hygiene

Blackbaud, which had data on millions of people stolen from it by one or more crooks, has promised to shore up its IT defenses in a proposed deal with the FTC.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News