News

American Water stops billing for H2O due to 'cybersecurity incident'

The Register - Mon, 07/10/2024 - 22:30
Water is still safe to drink, it confirms

American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a hacking incident.…

Categories: News

Cops love facial recognition, and withholding info on its use from the courts

The Register - Mon, 07/10/2024 - 20:45
Withholding exculpatory evidence from suspects isn't a great look when the tech is already questionable

Police around the United States are routinely using facial recognition technology to help identify suspects, but those departments rarely disclose they've done so - even to suspects and their lawyers. …

Categories: News

Chinese cyberspies reportedly breached Verizon, AT&T, Lumen

The Register - Mon, 07/10/2024 - 18:17
Salt Typhoon may have accessed court-ordered wiretaps and US internet traffic

Verizon, AT&T, and Lumen Technologies were among the US broadband providers whose networks were reportedly hacked by Chinese cyberspies, possibly compromising the wiretapping systems used for court-ordered surveillance.…

Categories: News

Embattled users worn down by privacy options? Let them eat code

The Register - Mon, 07/10/2024 - 09:30
Struggle ye not with cookies, lest ye become a cookie monster

Opinion  The people are defeated. Worn out, deflated, and apathetic about the barrage of banners and pop-ups about cookies and permissions.…

Categories: News

Ryanair faces GDPR turbulence over customer ID checks

The Register - Sat, 05/10/2024 - 10:31
Irish data watchdog opens probe after 'numerous complaints'

Ireland's Data Protection Commission (DPC) has launched an inquiry into Ryanair's Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).…

Categories: News

UK's Sellafield nuke waste processing plant fined £333K for infosec blunders

The Register - Sat, 05/10/2024 - 07:07
Radioactive hazards and cyber failings ... what could possibly go wrong?

The outfit that runs Britain's Sellafield nuclear waste processing and decommissioning site has been fined £332,500 ($440,000) by the nation's Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023.…

Categories: News

About a quarter million Comcast subscribers had their data stolen from debt collector

The Register - Fri, 04/10/2024 - 21:13
Cable giant says ransomware involved, FBCS keeps schtum

Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.…

Categories: News

Apple fixes bug that let VoiceOver shout your passwords

The Register - Fri, 04/10/2024 - 12:54
Not a great look when the iGiant just launched its first password manager

Apple just fixed a duo of security bugs in iOS 18.0.1 and iPadOS 18.0.1, one of which might cause users' saved passwords to be read aloud. It's hardly an ideal situation for the visually impaired.…

Categories: News

Visit CyberThreat 2024 to hone your cybersecurity skills

The Register - Fri, 04/10/2024 - 09:02
Get together with the European cybersecurity community at a two-day conference in London this December

Sponsored Post  This year's CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations stay ahead of the latest cyber threats.…

Categories: News

Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds

The Register - Fri, 04/10/2024 - 07:32
'You can build this in a few days – even as a very naïve developer'

A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built – a wake-up call, they tell The Register, for the world to take privacy seriously in the AI era.…

Categories: News

Big names among thousands infected by payment-card-stealing CosmicSting crooks

The Register - Fri, 04/10/2024 - 04:42
Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says

Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers' payment card info as they order stuff online.…

Categories: News

DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks

The Register - Thu, 03/10/2024 - 17:00
Winter is coming

The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims.…

Categories: News

Average North American CISO salary now $565K, mainly thanks to one weird trick

The Register - Thu, 03/10/2024 - 15:01
Best way to boost your package is to leave, or pretend to

A survey of nearly 700 CISOs in the US and Canada has found that salaries have risen over the last year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.…

Categories: News

Two British-Nigerian men sentenced over multimillion-dollar business email scam

The Register - Thu, 03/10/2024 - 13:30
Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina

Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.…

Categories: News

Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant

The Register - Thu, 03/10/2024 - 11:00
Crooks 'like a sysadmin, with a malicious slant'

Exclusive  An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.…

Categories: News

Brits hate how big tech handles their data, but can't be bothered to do much about it

The Register - Thu, 03/10/2024 - 10:15
Managing the endless stream of cookie banners leaves little energy for anything else

Fewer than one in five Brits report being happy with the way their personal data is handled by big tech companies, yet the furthest many will go is to reject optional cookies on the web.…

Categories: News

700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking

The Register - Wed, 02/10/2024 - 22:33
With 14 serious security flaws found, what a gift for spies and crooks

Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to seize control of the equipment to then steal sensitive data, deploy ransomware, and launch denial-of-service attacks.…

Categories: News

Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing

The Register - Wed, 02/10/2024 - 21:39
Poor use of PHP include() strikes again

Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available.…

Categories: News

NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great

The Register - Wed, 02/10/2024 - 13:31
Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline

NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped.…

Categories: News

'Patch yesterday': Zimbra mail servers under siege through RCE vuln

The Register - Wed, 02/10/2024 - 11:50
Attacks began the day after public disclosure

"Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News