Industry piles in on North Korea for sustained rampage on software supply chains

The Register - Thu, 23/11/2023 - 13:38
Kim’s cyber cronies becoming more active, sophisticated in attempts to pwn global orgs

The national cybersecurity organizations of the UK and the Republic of Korea (ROK) have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. …

Categories: News

Attack on direct debit provider London & Zurich leaves customers with 6-figure backlogs

The Register - Thu, 23/11/2023 - 11:47
Customers complain of poor comms during huge outage that’s sparked payroll fears

A ransomware attack and resulting outages at direct debit collection company London & Zurich have forced at least one customer to take out a short-term loan as six-figure backlogs continue to cause cash flow mayhem.…

Stop social engineering at the IT help desk

The Register - Thu, 23/11/2023 - 09:09
How Secure Service Desk thwarts social engineering attacks and secures user verification

Sponsored Post: Ransomware can hit any organization at any time, and hackers are proving adept at social engineering techniques to gain access to sensitive data in any way they can.…

Mirai we go again: Zero-day flaws see routers and cameras co-opted into botnet

The Register - Thu, 23/11/2023 - 08:25
Akamai sounds the alarm – won't name the vendors yet, but there is a fix coming

Akamai has uncovered two zero-day bugs capable of remote code execution, both being exploited to distribute the Mirai malware and build a botnet army for distributed denial of service (DDoS) attacks.…

New Relic warns customers it's experienced a cyber … something

The Register - Thu, 23/11/2023 - 04:58
Users told to hold tight and await instructions as investigation continues

Web tracking and analytics outfit New Relic has issued a scanty security advisory warning customers it has experienced a scary cyber something.…

North Korea makes finding a gig even harder by attacking candidates and employers

The Register - Thu, 23/11/2023 - 01:33
That GitHub repo an interviewer wants you to work on could be malware

Palo Alto Networks' Unit 42 has detailed a pair of job market hacking schemes linked to state-sponsored actors in North Korea: one in which the threat actors pose as job seekers, the other as would-be employers.…

How to give Windows Hello the finger and login as someone on their stolen laptop

The Register - Wed, 22/11/2023 - 22:36
Not that we're encouraging anyone to defeat this fingerprint authentication

Hardware security hackers have detailed how it's possible to bypass Windows Hello's fingerprint authentication and login as someone else – if you can steal or be left alone with their vulnerable device.…

US nuke reactor lab hit by 'gay furry hackers' demanding cat-human mutants

The Register - Wed, 22/11/2023 - 21:38
Staff records swiped, leaked by gang who probably read one too many comics, sorry, graphic novels

The self-described "gay furry hackers" of SiegedSec are back: this time boasting they've broken into America's biggest nuclear power lab's IT environment and stolen records on thousands of employees. Some of that data has already been leaked, it appears.…

US cybercops take on 'pig butchering' org, return $9M in scammed crypto

The Register - Wed, 22/11/2023 - 12:43
Crims drain wallets of marks after letting them in on 'awesome crypto scheme secret'

The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "pig butchering" scams.…

Microsoft's bug bounty turns 10. Are these kinds of rewards making code more secure?

The Register - Wed, 22/11/2023 - 10:58
Katie Moussouris, who pioneered Redmond's program, says folks are focusing on the wrong thing

Interview: Microsoft's bug bounty program celebrated its tenth birthday this year, and has paid out $63 million to security researchers in that first decade – with $60 million awarded to bug hunters in the past five years alone, according to Redmond.…

UK's cookie crumble: Data watchdog serves up tougher recipe for consent banners

The Register - Wed, 22/11/2023 - 10:15
30 days to get compliant with tracking rules or face enforcement action

The UK's Information Commissioner's Office (ICO) is getting tough on website design, insisting that opting out of cookies must be as simple as opting in.…

Binance and CEO admit financial crimes, billions coughed up to US govt

The Register - Wed, 22/11/2023 - 01:02
Chief quits, pays own penalty after helping crooks launder cash, aiding sanctions evaders

The world's largest cryptocurrency exchange just got a little smaller, with the US Department of Justice announcing Binance and its CEO Changpeng Zhao have both pleaded guilty to a multitude of financial crimes. As a result Binance will fork out $10 billion to Uncle Sam in fines and settlements.…

Sumo Logic wrestles with security breach, pins down customer data

The Register - Tue, 21/11/2023 - 16:32
Compromised AWS account led to fears that user info could have been exposed to cybercriminals

Sumo Logic has confirmed that no customer data was compromised as a result of the potential security breach it discovered on November 3.…

The XBOM vs SBOM debate

The Register - Tue, 21/11/2023 - 13:56
Why an eXtended Software Bill of Materials could be the next step up in cybersecurity

Webinar: A Software Bill of Materials (SBOM) has become a non-negotiable requirement to meet regulatory and buyer requirements. But does this provide enough protection if it can give only a partial view into interconnected and ever-changing application attack surfaces?…

Third-party data breach affecting Canadian government could involve data from 1999

The Register - Tue, 21/11/2023 - 13:21
Any govt staffers who used relocation services over past 24 years could be at risk

The government of Canada has confirmed its data was accessed after two of its third-party service providers were attacked.…

Maintaining a state of readiness to deal with cyber attacks

The Register - Tue, 21/11/2023 - 10:51
Continuous training can help improve EMEA organisations’ ability to fend off the cyber criminals in 2024

Sponsored Post: You can never afford to drop your guard when it comes to cyber security – hackers never do. Any weakness in your organisation's defence is certain to be tested at some point.…

MOVEit victim count latest: 2.6K+ orgs hit, 77M+ people's data stolen

The Register - Mon, 20/11/2023 - 20:39
Real-life impact of buggy software laid bare – plus: Avast tries to profit from being caught up in attacks

Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone?…

Former infosec COO pleads guilty to attacking hospitals to drum up business

The Register - Mon, 20/11/2023 - 17:15
Admits to taking phones used for 'code blue' emergencies offline and more

An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches.…

Rhysida ransomware gang: We attacked the British Library

The Register - Mon, 20/11/2023 - 12:05
Crims post passport scans and internal forms up for 'auction' to prove it

The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process.…

Your password hygiene remains atrocious, says NordPass

The Register - Mon, 20/11/2023 - 02:33
ALSO: FCC cracks down on SIM-swap scams, old ZeroLogon targeted by new ransomware, and critical vulnerabilities

Infosec in brief: It's that time of year again – NordPass has released its annual list of the most common passwords. And while it seems some of you took last year's chiding to heart, most of you arguably swapped bad for worse.…
