Here's how Chinese cyber spies exploited a critical Fortinet bug

The Register - Fri, 17/03/2023 - 01:00
Looks to be the same baddies attacking VMware hypervisors last year

Suspected Chinese spies have exploited a critical Fortinet bug, and used custom networking malware to steal credentials and maintain network access, according to Mandiant security researchers.…

Categories: News

FTX inner circle helped itself to $3.2B, liquidators say

The Register - Thu, 16/03/2023 - 22:04
SBF alone pocketed $2.2B, or so this bankruptcy paperwork goes

In fresh filings in the FTX bankruptcy case, the cryptocurrency-exchange-slash-hedge-fund's liquidators say they've uncovered $3.2 billion (£2.6b) in payments and loans made to disgraced FTX founder Sam Bankman-Fried and his inner circle. …

Categories: News

Got Conti? Here's the ransomware cure to avoid paying up

The Register - Thu, 16/03/2023 - 20:28
Kaspersky cracks the code, so get busy before the next update comes

Good news for ransomware victims: Kaspersky security researchers say they've cracked the Conti ransomware code and released a decryptor tool after uncovering leaked data belonging to the notorious Russian crime group.…

Categories: News bans TikTok from its devices as a 'precaution' over spying fears

The Register - Thu, 16/03/2023 - 14:34
Gov staff using it on personal mobes just fine... it's not like ministers use WhatsApp etc for business ... oh wait

The United Kingdom government has banned use of Chinese social media platform TikTok among ministers and officials on their work devices as a “precautionary” measure over worries the app is used to snoop on Brits.…

Categories: News

Hands up who DIDN'T exploit this years-old flaw to ransack a US govt web server...

The Register - Wed, 15/03/2023 - 23:00
Why patching matters: Everyone seemingly had a crack at security bug

Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency's Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution.…

Categories: News

Cancer patient sues hospital after ransomware gang leaks her nude medical photos

The Register - Wed, 15/03/2023 - 20:05
Victim offered two years of credit monitoring after highly sensitive records dumped online

A cancer patient whose nude medical photos and records were posted online after they were stolen by a ransomware gang, has sued her healthcare provider for allowing the "preventable" and "seriously damaging" leak.…

Categories: News

Pair accused of breaking into US law enforcement database, posing as cops

The Register - Wed, 15/03/2023 - 14:10
Teen arrested yesterday while another man suspected of being a ViLE crime group member still 'at large'

A 19-year-old suspected of belonging to the "ViLE" crime group told a man authorities think is in the same gang that he "jacked into a police officer's account" and "the portal had some fucking potent tools" according to a complaint unsealed today in the Eastern District of New York.…

Categories: News

SVB collapse's mix of money, urgency and uncertainty makes it irresistible to scammers

The Register - Wed, 15/03/2023 - 05:46
Phishing, dodgy domain names, and sophisticated attacks already deployed

The collapse of Silicon Valley Bank (SVB) late last week sent tremors through the global financial system, creating opportunities for short-sellers – and numerous species of scammer.…

Categories: News

China sought control of submarine cables to spy, says Micronesia

The Register - Wed, 15/03/2023 - 03:29
Outgoing president alleges Beijing is systematically bullying strategically located island paradise

The outgoing president of the Federated States of Micronesia (FSM), David Panuelo, penned a lengthy letter last week accusing Beijing of rampant bribery, spying and other tactics – including an attempt to take control of the nation's submarine cables and telecoms infrastructure.…

Categories: News

Crims exploit Microsoft, Fortinet flaws before any patches exist

The Register - Tue, 14/03/2023 - 23:59
The outlook is grim for Outlook - and SAP, Adobe. Android, and Chrome - so get ready for a long update party

Patch Tuesday  Microsoft's March Patch Tuesday includes new fixes for 74 bugs, two of which are already being actively exploited, and nine that are rated critical. Let's start with the two that miscreants found before Redmond issued a fix.…

Categories: News

Microsoft squashes Windows bug exploited to inflict ransomware misery

The Register - Tue, 14/03/2023 - 19:01
Not-so-smart SmartScreen flagged up by Googlers

Criminals are exploiting a Microsoft SmartScreen bug to deliver Magniber ransomware, potentially infecting hundreds of thousands of devices, without raising any security red flags, according to Google's Threat Analysis Group (TAG).…

Categories: News

UK refreshes national security plan to stop more of China's secret-stealing cyber-tricks

The Register - Tue, 14/03/2023 - 07:40
A threat that needs two orgs to tackle it: the 'Integrated Security Fund' and the 'National Protective Security Agency'

Britain's domestic intelligence service MI5 will oversee a new agency tasked with helping local organizations combat Chinese cyber-spies and other threats]…

Categories: News

LockBit brags: We'll leak thousands of SpaceX blueprints stolen from supplier

The Register - Mon, 13/03/2023 - 23:40
And also, Ring hit with ransomware, too?

Ransomware gang Lockbit has boasted it broke into Maximum Industries, which makes parts for SpaceX, and stole 3,000 proprietary schematics developed by Elon Musk's rocketeers.…

Categories: News

Zoll Medical says intruders had 1M+ patient, staff records at their fingertips

The Register - Mon, 13/03/2023 - 21:30
Names, addresses, SSNs all up for grabs

Medical device and software maker Zoll Medical says the personal and health information of more than a million people, including patients and employees, may have been stolen by crooks in January.…

Categories: News

CISA joins forces with Women in CyberSecurity to break up the boy's club

The Register - Mon, 13/03/2023 - 12:32
Also, the FBI just admitted to bypassing warrants by buying cellphone location data, and this week's actionable items

in brief  Cybersecurity and Infrastructure Security Agency's director Jen Easterly has been outspoken in her drive to bring more women into the security industry, and this year for International Women's Day her agency formalized that pledge by announcing a partnership with nonprofit Women in CyberSecurity (WiCyS).…

Categories: News

The UK's bad encryption law can't withstand global contempt

The Register - Mon, 13/03/2023 - 10:32
Any sufficiently stupid technology is indistinguishable from magical thinking

Opinion  Around the world, a vital technology is failing. Just as massive solar flares fry satellites and climate-change superstorms overwhelm flood defences, so a new surge of ridiculous IT-related events is burning out irony meters across the globe.…

Categories: News

Cutting complexity

The Register - Mon, 13/03/2023 - 08:52
Ensuring cybersecurity defences do more with less

Webinar  It's like living in a fever dream out there in the world of cybersecurity. More and more sophisticated attacks, a tsunami of solutions offering a gilt-edged escape from the need to constantly reconfigure your defences, and relentless pressure to always stay one step ahead of the hackers.…

Categories: News

India floats idea of dedicated tribunal to handle online offences

The Register - Mon, 13/03/2023 - 07:58
Consultation for the long-awaited Digital India Act is finally under way although the draft law's still not been revealed

India's government has started to consult some proposed details of its long-awaited Digital India Act, including a declaration that the bill needed a dedicated adjudicatory tool for offenses committed online.…

Categories: News

Google euthanizes Chrome Cleanup Tool because it no longer has a purpose

The Register - Sat, 11/03/2023 - 00:28
Times have changed and unwanted software on Windows is a rarity (unless you count Windows itself)

Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software.…

Categories: News

What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge

The Register - Fri, 10/03/2023 - 22:05
File under cost of doing business

Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger's customers.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News