News

EFF adds Street Surveillance Hub so Americans can check who's checking on them

The Register - Mon, 22/01/2024 - 16:30
'The federal government has almost entirely abdicated its responsibility'

For a country that prides itself on being free, America does seem to have an awful lot of spying going on, as the new Street Surveillance Hub from the Electronic Frontier Foundation shows.…

Categories: News

Ivanti and Juniper Networks accused of bending the rules with CVE assignments

The Register - Mon, 22/01/2024 - 15:00
Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE

Critics are accusing major tech companies of not sticking to the rules when it comes to registering vulnerabilities with the appropriate authorities.…

Categories: News

Subway's data torpedoed by LockBit, ransomware gang claims

The Register - Mon, 22/01/2024 - 14:00
Fast food chain could face a footlong recovery process if allegations are true

The LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a platter of data.…

Categories: News

ICO fines spam slinging financial services biz

The Register - Mon, 22/01/2024 - 11:00
It's all very well offering 'Free Debt Help,' but recipients were unwilling, says watchdog...

A financial services company that illegally dispatched tens of thousands of spam messages promising to help the recipients magically wipe away their debts is itself now a debtor to the UK’s data regulator.…

Categories: News

Safeguarding against the global ransomware threat

The Register - Mon, 22/01/2024 - 09:51
How Object First’s Ootbi delivers ransomware-proof and immutable backup storage that can be up and running in minutes

Sponsored Feature  Ransomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity threat currently facing governments, public/private sector organizations and enterprises around the world.…

Categories: News

BreachForums admin 'Pompourin' sentenced to 20 years of supervised release

The Register - Mon, 22/01/2024 - 02:29
ALSO: Another UEFI flaw found; Kaspersky discovers iOS log files actually work; and a few critical vulnerabilities

in brief  Conor Brian Fitzpatrick – aka "Pompourin," a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release.…

Categories: News

Russians invade Microsoft exec mail while China jabs at VMware vCenter Server

The Register - Sat, 20/01/2024 - 00:08
Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops

A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news.…

Categories: News

Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim

The Register - Fri, 19/01/2024 - 21:21
Account manager and pals blew it on hotels, cruise, fancy meals and more allegedly

Five people have been accused of pulling off a "brazen" scam that involved submitting more than $7 million in fake work expense claims to an IT consultancy to bankroll hotel stays, a cruise, visits to strip clubs, and more.…

Categories: News

Thieves steal 35.5M customers’ data from Vans sneakers maker

The Register - Fri, 19/01/2024 - 13:56
But what kind of info was actually compromised? None of your business

VF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December.…

Categories: News

IT consultant fined for daring to expose shoddy security

The Register - Fri, 19/01/2024 - 06:44
Spotting a plaintext password and using it in research without authorization deemed a crime

A security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records.…

Categories: News

US agencies warn made-in-China drones might help Beijing snoop on the world

The Register - Fri, 19/01/2024 - 02:45
It’s a bird, it’s a plane… it’s a flying menace out to endanger national security

Two US government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), warned on Wednesday that drones made in China could be used to gather information on critical infrastructure.…

Categories: News

JPMorgan exec claims bank repels 45 billion cyberattack attempts per day

The Register - Thu, 18/01/2024 - 19:04
Assets boss also reckons she has more engineers than Amazon

The largest bank in the United States repels 45 billion – yes, with a B – cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. …

Categories: News

Future of America's Cyber Safety Review Board hangs in balance amid calls for rethink

The Register - Thu, 18/01/2024 - 18:30
Politics-busting, uber-transparent incident reviews require independence, less internal conflict

As the US mulls legislation that would see the Cyber Safety Review Board (CSRB) become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized.…

Categories: News

Ransomware attacks hospitalizing security pros, as one admits suicidal feelings

The Register - Thu, 18/01/2024 - 17:00
Untold harms of holding the corporate perimeter revealed in extensive series of interviews

Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.…

Categories: News

Two more Citrix NetScaler bugs exploited in the wild

The Register - Thu, 18/01/2024 - 15:30
Just when you thought you had recovered from Bleed

Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor.…

Categories: News

Google TAG: Kremlin cyber spies move into malware with a custom backdoor

The Register - Thu, 18/01/2024 - 14:00
The threat hunters believe COLDRIVER has used SPICA since at least November 2022

Russian cyberspies linked to the Kremlin's Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November 2022, according to Google's Threat Analysis Group.…

Categories: News

Vast botnet hijacks smart TVs for prime-time cybercrime

The Register - Thu, 18/01/2024 - 10:15
8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material

Security researchers have pinned a DDoS botnet that's infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi.…

Categories: News

Enter the era of platform-based cloud security

The Register - Thu, 18/01/2024 - 09:35
How an integrated platform can streamline the management overhead, improve cloud security and boost threat visibility

Sponsored Post  Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security.…

Categories: News

Insurance website's buggy API leaked Office 365 password and a giant email trove

The Register - Thu, 18/01/2024 - 01:58
Pen-tester accessed more than 650,000 sensitive messages, and still can, at Indian outfit using Toyota SaaS

Toyota Tsusho Insurance Broker India (TTIBI), an Indo-Japanese joint insurance venture, operated a misconfigured server that exposed more than 650,000 Microsoft-hosted email messages to customers, a security researcher has found.…

Categories: News

Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats

The Register - Wed, 17/01/2024 - 23:21
So much for isolation

A design flaw in GPU drivers made by Apple, Qualcomm, AMD, and likely Imagination can be exploited by miscreants on a shared system to snoop on fellow users.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News