Cybercrooks get cozy with BoxedApp to dodge detection

The Register - Tue, 04/06/2024 - 13:00
Some of the biggest names in the game are hopping on the trend

Malware miscreants are increasingly showing a penchant for abusing legitimate, commercial packer apps to evade detection.…

Categories: News

Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak

The Register - Tue, 04/06/2024 - 03:25
Cloud storage giant lawyers up against infosec house

Analysis  Hudson Rock, citing legal pressure from Snowflake, has removed its online report that claimed miscreants broke into the cloud storage and analytics giant's underlying systems and stole data from potentially hundreds of customers including Ticketmaster and Santander Bank.…

Categories: News

NIST turns to IT consultants to clear National Vulnerability Database backlog

The Register - Mon, 03/06/2024 - 22:46
Aims to get CVE logjam cleared by the end of FY 24

Facing a growing backlog of reported flaws, NIST has extended a commercial contract with an outside consultancy to help it get on top of its National Vulnerability Database (NVD).…

Categories: News

Crooks threaten to leak 3B personal records 'stolen from background check firm'

The Register - Mon, 03/06/2024 - 20:36
Turns out opting out actually works?

Billions of records detailing people's personal information may soon be dumped online after being allegedly obtained from a Florida firm that handles background checks and other requests for folks' private info.…

Categories: News

Russia takes gold for disinformation as Olympics approach

The Register - Mon, 03/06/2024 - 15:45
Featuring Tom Cruise deepfakes and multiple made-up terrorism threats

Still throwing toys out the pram over its relationship with international sport, Russia is engaged in a multi-pronged disinformation campaign against the Olympic Games and host nation France that's intensifying as the opening ceremony approaches.…

Categories: News

Check Point warns customers to patch VPN vulnerability under active exploitation

The Register - Mon, 03/06/2024 - 13:02
Also, free pianos are the latest internet scam bait, Cooler Master gets pwned, and some critical vulnerabilities

Infosec in brief  Cybersecurity software vendor Check Point is warning customers to update their software immediately in light of a zero day vulnerability under active exploitation.…

Categories: News

Derisking your CNI

The Register - Mon, 03/06/2024 - 10:00
How to strengthen cyber risk management for cyber physical systems (CPS)

Webinar  Can organizations ever scale back on the relentless task of identifying, prioritizing, and remediating vulnerabilities, and misconfigurations across their industrial and critical infrastructure environments?…

Categories: News

Researchers crash Baidu robo-cars with tinfoil and paint daubed on cardboard

The Register - Mon, 03/06/2024 - 06:48
The fusion of Lidar, radar, and cameras can be fooled by stuff from your kids' craft box

A team of researchers from prominent universities – including SUNY Buffalo, Iowa State, UNC Charlotte, and Purdue – were able to turn an autonomous vehicle (AV) operated on the open sourced Apollo driving platform from Chinese web giant Baidu into a deadly weapon by tricking its multi-sensor fusion system.…

Categories: News

Twitch ditches Safety Advisory Council, relaunches with vetted 'ambassadors'

The Register - Sat, 01/06/2024 - 00:13
Who needs experts when you have an army of hand-picked super users telling you what you want to hear?

Twitch has reportedly dismantled its Safety Advisory Council, and apparently plans to replace the panel with chosen "ambassadors."…

Categories: News

Snowflake denies miscreants melted its security to steal data from top customers

The Register - Fri, 31/05/2024 - 22:44
Infosec house claims Ticketmaster, Santander hit via cloud storage

Infosec analysts at Hudson Rock believe Snowflake was compromised by miscreants who used that intrusion to steal data on hundreds of millions of people from Ticketmaster, Santander, and potentially other customers of the cloud storage provider. Snowflake denies its security was defeated.…

Categories: News

US senator claims UnitedHealth's CEO, board appointed 'unqualified' CISO

The Register - Fri, 31/05/2024 - 22:29
Similar cases have resulted in serious sanctions, and they were on a far smaller scale

Serial tech and digital privacy critic Senator Ron Wyden (D-OR) laid into UnitedHealth Group's (UHG) CEO for appointing a CISO Wyden deemed "unqualified"– a decision he claims likely led to its ransomware catastrophe of late.…

Categories: News

Cyber cops plead for info on elusive Emotet mastermind

The Register - Fri, 31/05/2024 - 20:21
Follows arrests and takedowns of recent days

After the big dog revelations from the past week, the cops behind Operation Endgame are now calling for help in tracking down the brains behind the Emotet operation.…

Categories: News

New Nork-ish cyberespionage outfit uncovered after three years

The Register - Fri, 31/05/2024 - 16:25
Sector-agnostic group is after your data, wherever you are

Infosec researchers revealed today a previously unknown cybercrime group that's been on the prowl for three years and is behaving like some of the more dangerous cyber baddies under Kim Jong-Un's watch.…

Categories: News

Google to push ahead with Chrome's ad-blocker extension overhaul in earnest

The Register - Fri, 31/05/2024 - 12:15
Starting Monday, users will gradually be warned the end is near

On Monday, June 3, 2024, some people using Beta, Dev, and Canary builds of Google's Chrome browser will be presented with a warning banner when they access their extension management page – located at chrome://extensions.…

Categories: News

FlyingYeti phishing crew grounded after abominable Ukraine attacks

The Register - Fri, 31/05/2024 - 07:27
Kremlin-aligned gang used Cloudflare and GitHub resources, and they didn't like that one bit

Cloudflare's threat intel team claims to have thwarted a month-long phishing and espionage attack targeting Ukraine which it has attributed to Russia-aligned gang FlyingYeti.…

Categories: News

Mystery miscreant remotely bricked 600,000 SOHO routers with malicious firmware update

The Register - Fri, 31/05/2024 - 01:15
Source and motive of 'Pumpkin Eclipse' assault unknown

Unknown miscreants broke into more than 600,000 routers belonging to a single ISP late last year and deployed malware on the devices before totally disabling them, according to security researchers.…

Categories: News

OpenAI is very smug after thwarting five ineffective AI covert influence ops

The Register - Fri, 31/05/2024 - 00:29
That said, use of generative ML to sway public opinion may not always be weak sauce

OpenAI on Thursday said it has disrupted five covert influence operations that were attempting to use its AI services to manipulate public opinion and elections.…

Categories: News

US Treasury says NFTs 'highly susceptible' to fraud, but ignored by high-tier criminals

The Register - Thu, 30/05/2024 - 22:47
Narco kingpins aren't coming for your apes, but internet con artists still are

The US Treasury Department has assessed the risk of non-fungible tokens (NFTs) being used for illicit finance, and has found them wanting for lack of proper roadblocks preventing illegal applications.…

Categories: News

Euro cops disrupt malware droppers, seize thousands of domains

The Register - Thu, 30/05/2024 - 19:00
Operation Endgame just beginning: 'Stay tuned,' says Europol

An international law enforcement operation led by Europol has kicked off with the announcement of multiple arrests, searches, seizures and takedowns of malware droppers and their operators.…

Categories: News

Cybercriminals raid BBC pension database, steal records of over 25,000 people

The Register - Thu, 30/05/2024 - 15:02
This just in: We lost your personal info, but here's 2 years' worth of Experian

The BBC has emailed more than 25,000 current and former employees on one of its pension schemes after an unauthorized party broke into a database and stole their personal data.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News