News

Industrial cybersecurity group gathers lobbying force

The Register - Tue, 12/04/2022 - 17:30
Industrial giants, cybersec vendors collect under OTCSA banner

A number of the world's largest manufacturing and cybersecurity companies are getting behind a new consortium aimed at protecting industrial systems from threats.…

Categories: News

OpenSSH takes aim at 'capture now, decrypt later' quantum attacks

The Register - Tue, 12/04/2022 - 15:00
Guarding against the forever almost-here crypto-cracking tech

OpenSSH 9 is here, with updates aimed at dealing with cryptographically challenging quantum computers.…

Categories: News

Critical bug allows attacker to remotely control medical robot

The Register - Tue, 12/04/2022 - 12:00
CVSS 9.8 flaws are not what you want in a hospital robot

Mobile robot maker Aethon has fixed a series of vulnerabilities in its Tug hospital robots that, if exploited, could allow a cybercriminal to remotely control thousands of medical machines.…

Categories: News

Singapore to license pentesters and managed infosec operators

The Register - Tue, 12/04/2022 - 09:30
Outfits that can rummage around inside customer systems need to prove they're up to the job - and accountable

Cybersecurity service providers must for licenses to operate in Singapore, under new regulations launched by the country’s Cyber Security Agency (CSA) on Monday.…

Categories: News

Defending the Endpoint with AI

The Register - Tue, 12/04/2022 - 08:46
Traditional endpoint security isn't working, says Darktrace

Sponsored feature  Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere.…

Categories: News

HCL and HP named in unflattering audit of India’s biometric ID system

The Register - Tue, 12/04/2022 - 07:57
Same biometric used for different people, no archives, lousy infosec among the issues

India’s Comptroller and Auditor General has published a performance audit of the nation’s Unique Identification Authority and found big IT problems – some attributable to Indian services giant HCL and to HP, but others due to poor government decisions.…

Categories: News

European officials reportedly targeted by NSO spyware

The Register - Mon, 11/04/2022 - 23:22
Pegasus software maker faces mounting lawsuits, investigations in the US and EU

Someone at least tried to use NSO Group's surveillance software to spy on European Commission officials last year, according to a Reuters report. …

Categories: News

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet

The Register - Mon, 11/04/2022 - 18:00
Trend Micro says vulnerable systems in Singapore have been compromised

There has been a land rush of sorts among threat groups trying to use the vulnerability discovered in the open-source Spring Framework last month, and now researchers at Trend Micro are saying it's being actively exploited to execute the Mirai botnet.…

Categories: News

There are few guarantees when it comes to ransomware, except that you’re a target

The Register - Mon, 11/04/2022 - 17:15
Learn how to live with that by joining this session

Webinar  Are there any cast iron guarantees when it comes to ransomware? Well, you can guarantee that your organization will come under attack sooner or later. Probably sooner.…

Categories: News

Identity access management has a new price: $6.9 billion

The Register - Mon, 11/04/2022 - 16:30
That's what Thoma Bravo is paying for SailPoint in a mid-pandemic market

A $6.9 billion acquisition is putting a hard number on the value of Identity and Access Management (IAM). …

Categories: News

Google Play pulls sneaky data-harvesting apps with 46m+ downloads

The Register - Mon, 11/04/2022 - 12:01
Plus: Fox News learns to use database passwords, Autodesk patches high-severity bugs, and CISA says retire old D-Link routers

In brief  Google pulled a slew of Android apps with more than 46 million downloads from its Google Play Store after security researchers notified the cloud giant that the code contained some sneaky data-harvesting code.…

Categories: News

Finnish govt websites knocked down as Ukraine President addresses MPs

The Register - Sat, 09/04/2022 - 02:09
Online attacks follow suspected airspace violation by Russian aircraft

Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).…

Categories: News

Microsoft dogs Strontium domains to stop attacks on Ukraine

The Register - Fri, 08/04/2022 - 21:29
Software giant sinkholes systems used by Russian gang

Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russian's invasion of its neighbor.…

Categories: News

Zero days are for life, not just for Christmas. Here’s how to deal with them

The Register - Fri, 08/04/2022 - 18:15
Learn from the best in this session

Webinar  The Log4j vulnerability put everyone in cybersecurity through the mill last December. So, is it OK to relax now?…

Categories: News

China accused of cyberattacks on Indian power grid

The Register - Fri, 08/04/2022 - 08:58
Beijing may have had a hand in attacks in Ukraine, too

China has been accused of conducting a long-term cyber attack on India's power grid, and has been implicated in cyber attacks against targets in Ukraine.…

Categories: News

What’s it like on the cyber frontline? Find out in this online session

The Register - Fri, 08/04/2022 - 00:16
UK NCSC founder in conversation with Rubrik EMEA CTO

Paid post  When’s the ideal time to reexamine your cybersecurity and data-protection guidelines?…

Categories: News

FIN7 crime-gang pen tester headed to US prison for five years

The Register - Fri, 08/04/2022 - 00:06
He's the third FIN7 gangster to face time behind bars

Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies' networks across the US and stole more than $1 billion from these businesses' customers.…

Categories: News

Russia (still) trying to weaponize Facebook for spying, Ukraine-war disinfo

The Register - Thu, 07/04/2022 - 22:08
Plus more financially motivated miscreants try to monetize invasion

Facebook is fighting a surge in cyber-espionage attempts and misinformation campaigns related to the Russian invasion of Ukraine, according to a new report by parent group Meta.…

Categories: News

Adobe Creative Cloud Experience makes it easier to run malware

The Register - Thu, 07/04/2022 - 19:42
Bundled version of Node.js simplifies executing downloaded code

Adobe Creative Cloud Experience, a service installed via the Creative Cloud installer for Windows, includes a Node.js executable that can be abused to infect and compromise a victim's PC.…

Categories: News

Fintech platform flaw could have allowed bank transfers, exposed data

The Register - Thu, 07/04/2022 - 16:30
Fintech provider flaw could have hit dozens of U.S. banks, says Salt Security

Salt Security spotted a vulnerability in a large fintech company's digital platform that would have granted attackers admin access to banking systems in addition to allowing them to transfer funds to their own accounts.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News