As Black Friday Looms, IoT Gadgets Take the Risk Spotlight

Kapersky Labs - Thu, 22/11/2018 - 11:00
Ahead of the holiday shopping bonanza, the security community is talking to consumers about IoT security.
Categories: News

Malware scum want to build a Linux botnet using Mirai

The Register - Thu, 22/11/2018 - 10:20
Hadoop YARN is the attack vector, so lock it away

Diligent hackers have decided routers and cameras aren't enough, and have reportedly crafted Mirai variants targeting Linux servers.…

Categories: News

Talk in Trump's tweets tells whether tale is true: Code can mostly spot Prez lies from wording

The Register - Wed, 21/11/2018 - 20:54
And no, it's not simply return true;... Study finds language analysis is fairly good at detecting deception

Boffins from the Netherlands and France claim that the word choices and sentence construction in President Donald Trump's tweets can be used more often than not for lie detection.…

Categories: News

Podcast: Why ‘Throwing Money’ at Threats Won’t Work

Kapersky Labs - Wed, 21/11/2018 - 20:05
How can businesses create an effective cyber defense strategy? It starts with defining success, an expert tells us.
Categories: News

FCC Addresses Robocalling – But Questions Remain

Kapersky Labs - Wed, 21/11/2018 - 19:15
The FCC will consider a proposal to combat robocalls and text spam in December.
Categories: News

Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise

Kapersky Labs - Wed, 21/11/2018 - 16:19
The crafty malware has departed from its usual cornucopia of tactics and tricks.
Categories: News

3 is the magic number (of bits): Flip 'em at once and your ECC protection has been Rowhammer'd

The Register - Wed, 21/11/2018 - 15:00
Dutch boffins slip memory-busting attack round mitigations

Researchers in the Netherlands have discovered that error-correcting code (ECC) protections can be thwarted to perform Rowhammer memory manipulation attacks.…

Categories: News

Technical foul: Amazon suffers data breach days before Black Friday, emails world+dog

The Register - Wed, 21/11/2018 - 12:40
$1tn biz doesn't answer very basic questions - like how or why it happened

Amazon has suffered a data breach just days before Black Friday – and the company was tight-lipped about whether it had notified the British data protection authorities.…

Categories: News

Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report

The Register - Wed, 21/11/2018 - 11:55
Disguised as files about recent Lion Air crash, no less

Russian state-backed hacking crew Fancy Bear (aka APT28) is distributing malware-riddled files with a suggested link to the recent Lion Air crash in order to dupe government workers into downloading software nasties – and has developed a new remote-access trojan called Cannon, according to Palo Alto Networks.…

Categories: News

New era for Japan, familiar problems: Microsoft withdraws crash-tastic patches

The Register - Wed, 21/11/2018 - 10:53
Upcoming calendar change more than Office can handle

Stop us if you've heard this one, but Microsoft has pulled a couple of buggy patches in Office, but left a crash-worthy security fix in place.…

Categories: News

When selling security awareness training by email, probably a good shout not to hit 'reply all'

The Register - Wed, 21/11/2018 - 09:54
The irony meter is quivering

Oh the irony. A channel account rep trying to drum up business for security awareness training scored an own goal this week when he pressed the send to all option on an email to prospective clients.…

Categories: News

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

The Register - Wed, 21/11/2018 - 07:04
Yes, even the Tor browser can be spied on by this nasty code

Special report  Computer science boffins have demonstrated a side-channel attack technique that bypasses recently-introduced privacy defenses, and makes even the Tor browser subject to tracking. The result: it is possible for malicious JavaScript in one web browser tab to spy on other open tabs, and work out which websites you're visiting.…

Categories: News

If you're using Dell EMC Avamar, even in VMware's vSphere, you need to grab and install these security updates

The Register - Wed, 21/11/2018 - 06:11
Unless you want your private key to leak, watch miscreants inject commands, etc

Get patching: data protection offerings in the Dell EMC Avamar range have four exploitable security bugs – one enabling remote code execution – and VMware's inherited the vulnerabilities, with fixes now available.…

Categories: News

Infosec's Thanksgiving turkey triumvirate: Tesla, Tumblr, Trump (as in Ivanka)... and tons more

The Register - Wed, 21/11/2018 - 02:07
It's like a turducken of screw-ups

Roundup  As America prepares for Thursday's Thanksgiving rituals of turkey, football, and awkward conversations with extended family, three organisations are going to have admins working overtime to clean up security messes.…

Categories: News

Australia's 'snoop minister' wants crypto-busting law probe wound up, proposals back into parliament

The Register - Wed, 21/11/2018 - 01:23
Dutton busts out the ol' razzle-dazzle of terrorists, encrypted chat and hand-wringing

Australia's home affairs minister Peter Dutton wants the parliamentary inquiry into his proposed crypto-busting law to wind up its work, and send the draft rules back to legislators to approve, stat.…

Categories: News

Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan

Kapersky Labs - Wed, 21/11/2018 - 00:32
The Russian-speaking threat group is changing up its tactics.
Categories: News

What the #!/%* is that rogue Raspberry Pi doing plugged into my company's server room, sysadmin despairs

The Register - Tue, 20/11/2018 - 22:44
Online sleuths dig into the case, with surprising success

It's every sysadmin's worst nightmare: discovering that someone has planted a device in your network, among all your servers, and you have no idea where it came from nor what it does. What do you do?…

Categories: News

LastPass? More like lost pass. Or where the fsck has it gone pass. Five-hour outage drives netizens bonkers

The Register - Tue, 20/11/2018 - 21:44
Data centre lost connectivity, now restored

LastPass's cloud service suffered a five-hour outage today that left some people unable to use the password manager to log into their internet accounts.…

Categories: News

Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS

Kapersky Labs - Tue, 20/11/2018 - 20:49
Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems.
Categories: News

Did you hear? There's a critical security hole that lets web pages hijack computers. Of course it's Adobe Flash's fault

The Register - Tue, 20/11/2018 - 20:08
The internet's screen door strikes again – so get patching

Adobe has emitted software updates to address a critical vulnerability in Flash Player for Windows, Mac, and Linux.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News