Uber fined £385k by ICO for THAT hack of 57m customers' deets

The Register - Tue, 27/11/2018 - 11:03
2.7 million Brits caught up in 'serious failure of data security' says UK data watchdog

The UK’s data watchdog has slapped a £385,000 penalty on app-not-driving-service baddie Uber for security weak spots that attackers exploited to expose the details of millions of customers.…

Categories: News

Sacked NCC Group grad trainee emailed 300 coworkers about Kali Linux VM 'playing up'

The Register - Tue, 27/11/2018 - 09:35
Then took her employers to the Employment Tribunal

An NCC Group graduate trainee who emailed 300 coworkers to ask for help with what she deemed to be "unusual" behaviour from her Kali Linux VM; contacted the firm’s incident response team to complain about a faulty laptop; and said the machine had been "deliberately sabotaged", has had her victimisation claim thrown out by an employment tribunal.…

Categories: News

Oz opposition caves, offers encryption backdoor compromise

The Register - Tue, 27/11/2018 - 02:57
Mark Dreyfus offers to rubber-stamp legislation if only counter-terror agencies get decryption

Mark Dreyfus, the Labor opposition's shadow Attorney General, has offered a compromise on Australia's controversial encryption backdooring bill that could see it passed, but with its operation restricted to counter-terrorism agencies.…

Categories: News

Knuddels Flirt App Slapped with Hefty Fine After Data Breach

Kapersky Labs - Mon, 26/11/2018 - 21:34
It's Germany's first GDPR fine, for an incident that affected millions of accounts.
Categories: News

Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)

The Register - Mon, 26/11/2018 - 20:58
Node.js package tried to plunder Bitcoin wallets

A widely used Node.js code library in NPM's warehouse of repositories was altered to include crypto-coin-stealing malware. The lib in question, event-stream, is downloaded roughly two million times a week by application programmers.…

Categories: News

Mobile Rotexy Malware Touts Ransomware, Banking Trojan Functions

Kapersky Labs - Mon, 26/11/2018 - 18:49
A mobile malware has accelerated its activity in 2018, launching more than 70k attacks in August through October.
Categories: News

USPS, Amazon Data Leaks Showcase API Weaknesses

Kapersky Labs - Mon, 26/11/2018 - 18:46
The incidents affected millions, just as Black Friday, Cyber Monday and the holiday shopping season kicked off.
Categories: News

User Confidence in Smartphone Security Abysmal

Kapersky Labs - Mon, 26/11/2018 - 16:13
Sixty-six percent of phone users said they had suffered data-related harm: 11 percent suffered identity theft, 22 percent account hacking, 14 percent credit cards hacking and 12 percent financial fraud. 
Categories: News

Bedroom design outfit slapped with £160k fine for 1.6 million spam calls

The Register - Mon, 26/11/2018 - 15:30
Just five years after it paid a £90k penalty for dodgy dialling

A Glaswegian business has been fined £160,000 for making 1.6 million nuisance calls to people on the UK's opt-out database – five years after it received a £90,000 fine which was also for dodgy dialling.…

Categories: News

Tighten up your security defences at SANS London 2019

The Register - Mon, 26/11/2018 - 10:48
Ten intensive courses cover all the cyber security skills you need

Promo  Defending organisations against security attacks is an ongoing challenge, with new threats constantly emerging to test the beleaguered security professional.…

Categories: News

Spotify Phishers Hijack Music Fans’ Accounts

Kapersky Labs - Sat, 24/11/2018 - 15:00
The credentials could be used to glean a variety of intel on the victims.
Categories: News

Threatpost News Wrap Podcast for Nov. 23

Kapersky Labs - Fri, 23/11/2018 - 21:01
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week's biggest stories.
Categories: News

Old Printer Vulnerabilities Die Hard

Kapersky Labs - Fri, 23/11/2018 - 14:00
New research on an old problem reveals despite efforts, the InfoSec professionals still have a way to go when it comes to securing printers.
Categories: News

'Cuddly' German chat app slacking on hashing given a good whacking under GDPR: €20k fine

The Register - Fri, 23/11/2018 - 13:15
PLAIN TEXT passwords showed up on file-hosting site

German chat platform ("Cuddles") has been fined €20,000 for storing user passwords in plain text (no hash at all? Come on, people, it's 2018).…

Categories: News

ThreatList: One-Third of Firms Say Their Container Security Lags

Kapersky Labs - Fri, 23/11/2018 - 13:00
More than one-third of respondents in a new survey haven’t started or are just creating their security strategy plans.
Categories: News

Apache Hadoop spins cracking code injection vulnerability YARN

The Register - Fri, 23/11/2018 - 11:00
Loose .zips sink chips 2: Electric Boogaloo

The "Zip Slip" vulnerability that first emerged in June has claimed another victim – the Apache Hadoop YARN NodeManager daemon.…

Categories: News

Laptop search unravels scheme to fake death for insurance cash

The Register - Thu, 22/11/2018 - 17:00
The first rule of death club is not to be seen alive

After faking one's own death to defraud a life insurance company, it's best to avoid being photographed alive and well, particularly when border agents may be reviewing those photos.…

Categories: News

Zero-Trust Frameworks: Securing the Digital Transformation

Kapersky Labs - Thu, 22/11/2018 - 13:30
Zero trust refers to the notion of evaluating  the security risk of devices and users within the context of any given moment, without automatically conferring access based on credentials.
Categories: News

Podcast: Breaking Down the Magecart Threat (Part One)

Kapersky Labs - Thu, 22/11/2018 - 12:00
In the first part of our podcast series, we talked to Rapid7's chief data scientist about how Magecart has changed.
Categories: News

German e-government SDK patched against ID spoofing vulnerability

The Register - Thu, 22/11/2018 - 11:45
Alice becomes Bob

Germany has patched a key "e-government" service against possible impersonation attacks, and both private and public sector developers have been told to check their logs for evidence of exploits.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News