World's favourite open-source PDF interpreter needs patching (again)

The Register - Thu, 24/01/2019 - 13:32
Still afraid of no ghost? You didn't read the script

Google Project Zero bug-hunter Tavis Ormandy took a "random look at the new release" of Ghostscript, and turned up a vulnerability that works in all versions up to 9.26.…

Categories: News

Tech sector meekly waves arms in another bid to get Oz to amend its crypto-busting laws

The Register - Thu, 24/01/2019 - 11:14
Rather than binning them and starting again

Comment  An alliance of Australia's tech and industry advocacy groups hopes, yet again, to have the country's encryption-busting legislation tweaked before the government goes to an election no later than May.…

Categories: News

Hadoop coop thrown for loop by malware snoop n' scoop troop? Oh poop

The Register - Thu, 24/01/2019 - 08:04
Attacks on distributed frameworks on the rise, it is claimed by infosec biz

Hadoop databases haven't been getting much interest from hackers so far, compared to other data silos, but that's changing, according to a new study.…

Categories: News

As netizens, devs scream bloody murder over Chrome ad-block block, Googlers insist: It's not set in stone (yet)

The Register - Wed, 23/01/2019 - 22:11
Advertising giant insists it's all still on drawing board – as plugin devs face code rewrites

Analysis  Following uproar from developers and netizens over proposed changes to Chrome that threaten to break content and ad blockers, and knacker other browser extensions, Google software engineer Devlin Cronin has offered reassurance that the plans aren't set in stone.…

Categories: News

Fake broadband ISP support scammers accidentally cough up IP address to Deadpool in card phish gone wrong

The Register - Wed, 23/01/2019 - 21:27
A tale of Twitter fraudsters, an infosec biz boss, and a quest for one honeypot hit

Fraudsters masquerading as ISP support agents to phish payment card details have been unmasked – after they tried to scam a Brit infosec biz cofounder.…

Categories: News

Redaman Spams Russian Banking Customers with Rotating Tactics

Kapersky Labs - Wed, 23/01/2019 - 20:27
The banking trojan hides its misdeeds with a rotating set of tactics.
Categories: News

Google faces another GDPR probe – this time in the land of meatballs and flat-pack furniture

The Register - Wed, 23/01/2019 - 20:01
Gimme, gimme, gimme your data after midnight... Swedish watchdogs cry, Mamma Mia! over location slurping

Google's slurping of people's location data and web browsing histories is being probed by Swedish privacy watchdog.…

Categories: News

Malware in Ad-Based Images Targets Mac Users

Kapersky Labs - Wed, 23/01/2019 - 20:00
Researchers detected 191,970 bad ads and estimates that around 1 million users were impacted.
Categories: News

Monero: Cybercrime’s Top Choice for Mining Malware

Kapersky Labs - Wed, 23/01/2019 - 18:17
Illicit Monero-mining malware accounts for more than 4 percent of the XMR in circulation, and has created $57 million in profits for the bad guys.
Categories: News

6 Signs of Successful Threat Hunting

Kapersky Labs - Wed, 23/01/2019 - 16:34
Here are six tips to put threat hunters in the driver's seat so they can outsmart their adversaries.
Categories: News

‘Chaos’ iPhone X Attack Alleges Remote Jailbreak

Kapersky Labs - Wed, 23/01/2019 - 16:23
The attack makes use of previously disclosed critical vulnerabilities in the Apple Safari web browser and iOS.
Categories: News

U.S. Gov Issues Urgent Warning of DNS Hijacking Attacks

Kapersky Labs - Wed, 23/01/2019 - 15:06
An emergency directive from the Department of Homeland Security provides "required actions" for U.S. government agencies to prevent widespread DNS hijacking attacks.
Categories: News

Black hats are great for language diversity, says Eugene Kaspersky

The Register - Wed, 23/01/2019 - 12:21
Also reckons Russian hackers go quiet over the Christmas holidays

FIC2019  According to Eugene Kaspersky, founder of the eponymous antivirus company, black-hat hackers are increasingly likely to speak Portuguese and Spanish as well as the traditional English, Russian and Chinese.…

Categories: News

Microsoft Windows RCE Flaw Gets Temporary Micropatch

Kapersky Labs - Wed, 23/01/2019 - 12:00
0patch released the fix for the remote code execution vulnerability in Windows, which has a CVSS score of 7.8.
Categories: News

RogueRobin Malware Uses Google Drive as C2 Channel

Kapersky Labs - Wed, 23/01/2019 - 12:00
The RogueRobin uses a mix of novel techniques.
Categories: News

White-listing Azure cloud connections to grease your Office 365 wheels? About that...

The Register - Wed, 23/01/2019 - 08:53
Dev fears sub-domain abuse – Plus, unofficial patches for trio of Windows zero-days

Microsoft has been accused of ignoring an IT security risk that could be exploited to create legit-looking malware-laden webpages that sport seemingly trusted Azure and Office 365 domain names. Alternatively, the domains potentially could be used to stealthily leak stolen data from networks.…

Categories: News

Build the wall... around your DNS settings, US govt IT staff urged by Homeland Security amid domain hijackings

The Register - Wed, 23/01/2019 - 04:05
Anyone still at their posts, please stop these address takeovers... please, helloo? Anyone there?

America's Homeland Security has urged US government departments and federal agencies to shore up their DNS control panels after hackers successfully stormed the barricades.…

Categories: News

Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install

The Register - Wed, 23/01/2019 - 00:11
Open the door, get on the floor – not so fast if you've an iPhone 4

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals.…

Categories: News

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

The Register - Tue, 22/01/2019 - 22:27
How many ad blocks could an ad slinger block if an ad slinger could block blocks?

Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers.…

Categories: News

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks

The Register - Tue, 22/01/2019 - 22:11
Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News