News

Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict

The Register - Thu, 07/11/2024 - 02:30
10,000 of Kim Jong Un's soldiers believed to be headed for front line

The EU has joined US and South Korean officials in expressing concern over a Russian transfer of technology to North Korea in return for military assistance against Ukraine.…

Categories: News

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

The Register - Wed, 06/11/2024 - 21:47
In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos

Fresh from a series of serious reports detailing its five-year battle with Chinese cyberattackers, Sophos has dropped a curious story about users of a popular infostealer-cum-RAT targeting a niche group of victims.…

Categories: News

Operation Synergia II sees Interpol swoop on global cyber crims

The Register - Wed, 06/11/2024 - 15:25
22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries

Interpol is reporting a big win after a massive combined operation against online criminals made 41 arrests and seized hardware thought to be used for nefarious purposes.…

Categories: News

Cyberattackers stole Microlise staff data following DHL, Serco disruption

The Register - Wed, 06/11/2024 - 12:06
Experts say incident has 'all the hallmarks of ransomware'

Telematics tech biz Microlise says an attack that hit its network likely did not expose customer data, although staff aren't so lucky.…

Categories: News

China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks

The Register - Wed, 06/11/2024 - 02:30
Alleged intrusion spotted in June

Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.…

Categories: News

Scumbag puts 'stolen' Nokia source code, SSH and RSA keys, more up for sale

The Register - Wed, 06/11/2024 - 00:01
Data pinched from pwned outside supplier, thief claims

IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.…

Categories: News

Schneider Electric ransomware crew demands $125k paid in baguettes

The Register - Tue, 05/11/2024 - 21:51
Hellcat crew claimed to have gained access via the company's Atlassian Jira system

Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 in baguettes or else see its sensitive customer and operational information leaked.…

Categories: News

A Kansas pig butchering: CEO who defrauded bank, church, friends gets 24 years

The Register - Tue, 05/11/2024 - 20:30
FBI recovers just $8M after scam crashes Heartland Tri-State Bank

The FBI has recovered $8 million in funds from a cryptocurrency scam that netted $47 million and devastated the Kansas city of Elkhart.…

Categories: News

Criminals open DocuSign's Envelope API to make BEC special delivery

The Register - Tue, 05/11/2024 - 18:34
Why? Because that's where the money is

Business email compromise scammers are trying to up their success rate by using a DocuSign API.…

Categories: News

Ongoing typosquatting campaign impersonates hundreds of popular npm packages

The Register - Tue, 05/11/2024 - 16:28
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials

An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.…

Categories: News

Washington courts grapple with statewide outage after 'unauthorized activity'

The Register - Tue, 05/11/2024 - 14:29
Justice still being served, but many systems are down

A statewide IT outage attributed to "unauthorized activity" is affecting the availability of services provided by all courts in Washington.…

Categories: News

Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed

The Register - Tue, 05/11/2024 - 06:38
You snooze, you lose, er, win

Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.…

Categories: News

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

The Register - Mon, 04/11/2024 - 17:01
Victims were placed in serious danger following highly sensitive data dump

The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer.…

Categories: News

Why the long name? Okta discloses auth bypass bug affecting 52-character usernames

The Register - Mon, 04/11/2024 - 11:28
Mondays are for checking months of logs, apparently, if MFA's not enabled

In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could have allowed crims to pass Okta AD/LDAP Delegated Authentication (DelAuth) using only a username.…

Categories: News

Public sector cyber break-ins: Our money, our lives, our right to know

The Register - Mon, 04/11/2024 - 10:27
Is that a walrus in your server logs, or aren't you pleased to see me?

Opinion  At the start of September, Transport for London was hit by a major cyber attack. TfL is the public body that moves many of London's human bodies to and from work and play in the capital, and as the attack didn't hit power, signaling, or communications systems, most of the effects went unnoticed by commuters. The organization downplayed the damage done to back office ticketing, billing, and other systems. Everything was in hand.…

Categories: News

6 IT contractors arrested for defrauding Uncle Sam out of millions

The Register - Sun, 03/11/2024 - 18:30
Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more

in brief  The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts. …

Categories: News

Financial institutions told to get their house in order before the next CrowdStrike strikes

The Register - Sat, 02/11/2024 - 09:30
Calls for improvements will soon turn into demands when new rules come into force

The UK's finance regulator is urging all institutions under its remit to better prepare for IT meltdowns like that of CrowdStrike in July.…

Categories: News

UK councils bat away DDoS barrage from pro-Russia keyboard warriors

The Register - Fri, 01/11/2024 - 10:58
Local authority websites downed in response to renewed support for Ukraine

Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.…

Categories: News

Hack Nintendo's alarm clock to show cat pics? Let's-a-go!

The Register - Fri, 01/11/2024 - 08:32
How 'Gary' defeated Bowser broke into the interactive alarm clock

A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.…

Categories: News

Gang gobbles 15K credentials from cloud and email providers' garbage Git configs

The Register - Thu, 31/10/2024 - 23:59
Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake

A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News