News

US Army soldier linked to Snowflake extortion rampage admits breaking the law

The Register - Thu, 20/02/2025 - 03:01
That's the way the cookie melts

A US Army soldier suspected of hacking AT&T and Verizon has admitted leaking online people's private call records.…

Categories: News

Trump’s DoD CISO pick previously faced security clearance suspension

The Register - Wed, 19/02/2025 - 22:00
Hey, at least Katie Arrington brings a solid resume

Donald Trump's nominee for a critical DoD cybersecurity role sports a resume that outshines many of his past picks, despite previously suspended security clearance.…

Categories: News

Check out this free automated tool that hunts for exposed AWS secrets in public repos

The Register - Wed, 19/02/2025 - 20:45
You can find out if your GitHub codebase is leaking keys ... but so can miscreants

A free automated tool that lets anyone scan public GitHub repositories for exposed AWS credentials has been released.…

Categories: News

Hundreds of Dutch medical records bought for pocket change at flea market

The Register - Wed, 19/02/2025 - 13:01
15GB of sensitive files traced back to former software biz

Typically shoppers can expect to find tie-dye t-shirts, broken lamps and old disco records at flea markets, now it seems storage drives filled with huge volumes of sensitive data can be added to that list.…

Categories: News

London celebrity talent agency reports itself to ICO following Rhysida attack claims

The Register - Wed, 19/02/2025 - 09:30
Showbiz members' passport scans already plastered online

A London talent agency has reported itself to the UK's data protection watchdog after the Rhysida ransomware crew last week claimed it had attacked the business, which represents luminaries of stage and screen.…

Categories: News

Healthcare outfit that served military personnel settles allegations it faked infosec compliance for $11 million

The Register - Wed, 19/02/2025 - 01:14
If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help

An alleged security SNAFU that occurred during the Obama administration has finally been settled under the second Trump administration.…

Categories: News

Palo Alto firewalls under attack as miscreants chain flaws for root access

The Register - Wed, 19/02/2025 - 00:15
If you want to avoid urgent patches, stop exposing management consoles to the public internet

A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems.…

Categories: News

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

The Register - Tue, 18/02/2025 - 20:41
Because stealing your credentials, banking info, and IP just wasn’t enough

A new variant of Snake Keylogger is making the rounds, primarily hitting Windows users across Asia and Europe. This strain also uses the BASIC-like scripting language AutoIt to deploy itself, adding an extra layer of obfuscation to help it slip past detection.…

Categories: News

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

The Register - Tue, 18/02/2025 - 17:00
Called it an 'incident' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can’t say the R word

US newspaper publisher Lee Enterprises is blaming its recent service disruptions on a "cybersecurity attack," per a regulatory filing, and is the latest company to avoid using the dreaded R word.…

Categories: News

FreSSH bugs undiscovered for years threaten OpenSSH security

The Register - Tue, 18/02/2025 - 15:30
Exploit code now available for MitM and DoS attacks

Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released.…

Categories: News

Time to make C the COBOL of this century

The Register - Tue, 18/02/2025 - 14:01
Lions juggling chainsaws are fun to watch, but you wouldn't want them trimming your trees

Opinion  Nobody likes The Man. When a traffic cop tells you to straighten up and slow down or else, profound thanks are rarely the first words on your lips. Then you drive past a car embedded in a tree, surrounded by blue lights and cutting equipment. Perhaps Officer Dibble had a point.…

Categories: News

Indian authorities seize loot from collapsed BitConnect crypto scam

The Register - Tue, 18/02/2025 - 05:29
Devices containing crypto wallets tracked online, then in the real world

Indian authorities seize loot from BitConnect crypto-Ponzi scheme Devices containing crypto wallets tracked online, then in the real world India’s Directorate of Enforcement has found and seized over $200 million of loot it says are the proceeds of the BitConnect crypto-fraud scheme.…

Categories: News

XCSSET macOS malware returns with first new version since 2022

The Register - Mon, 17/02/2025 - 13:43
Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert

Microsoft says there's a new variant of XCSSET on the prowl for Mac users – the first new iteration of the malware since 2022.…

Categories: News

Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps

The Register - Mon, 17/02/2025 - 02:25
PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more!

Infosec In Brief  A security researcher has found that Google could leak the email addresses of YouTube channels, which wasn’t good because the search and ads giant promised not to do that.…

Categories: News

Fujitsu worries US tariffs will see its clients slow digital spend

The Register - Sun, 16/02/2025 - 23:59
PLUS: Pacific islands targeted by Chinese APT; China’s new rocket soars; DeepSeek puts Korea in a pickle; and more

Asia In Brief  The head of Fujitsu’s North American operations has warned that the Trump administration’s tariff plans will be bad for business.…

Categories: News

This open text-to-speech model needs just seconds of audio to clone your voice

The Register - Sun, 16/02/2025 - 18:58
El Reg shows you how to run Zypher's speech-replicating AI on your own box

Hands on  Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of cloning your voice with as little as five seconds of sample audio. In our testing, we generated realistic results with less than half a minute of recorded speech.…

Categories: News

Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

The Register - Sat, 15/02/2025 - 15:44
'In 50 years, I think we'll view these business practices like we view sweatshops today'

Interview  It has been nearly a decade since famed cryptographer and privacy expert Bruce Schneier released the book Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World - an examination of how government agencies and tech giants exploit personal data. Today, his predictions feel eerily accurate.…

Categories: News

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

The Register - Sat, 15/02/2025 - 00:02
Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir

Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.…

Categories: News

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

The Register - Fri, 14/02/2025 - 22:53
Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew

Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…

Categories: News

Critical PostgreSQL bug tied to zero-day attack on US Treasury

The Register - Fri, 14/02/2025 - 14:19
High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further

A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News