Java security plagued by crappy docs, complex APIs, bad advice

Boffins bash stale Stack Overflow fixes and lazy developers

Relying on search engines to find answers to coding problems has become so common that two years ago it was suggested computer programming be renamed “googling Stack Overflow,” in reference to the oft-visited coding community website.…

The Register – Security
Secure Hunter Anti -Malware

The post Java security plagued by crappy docs, complex APIs, bad advice appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xNx5r9
Secure Hunter

Citrix patches Netscaler hole, ARM TrustZone twisted, Android Dirty COW exploited – and more security fails

The good, the bad and the weird from this week

Roundup  As ever, it has been a busy week on the security front with good news, some very bad reports, corporate failings all round and troubling signs ahead for those worried about government intrusion in the online world.…

The Register – Security
Secure Hunter Anti -Malware

The post Citrix patches Netscaler hole, ARM TrustZone twisted, Android Dirty COW exploited – and more security fails appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2x1JgNa
Secure Hunter

Microsoft downplays alarm over Windows Defender ‘flaw’

Says you’d hafta click through a *boatload* of warnings

Security researchers have uncovered what they believe is a vulnerability that allows malware to completely bypass Windows Defender. Microsoft dismissed the report as of “limited practical applicability” in practice (i.e. a low-risk threat).…

The Register – Security
Secure Hunter Anti -Malware

The post Microsoft downplays alarm over Windows Defender ‘flaw’ appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2yagrDx
Secure Hunter

Have MAC, will hack: iThings have trivial-to-exploit WiFi bug

Project Zero reveal you really shouldn’t skip the upgrade to iOS 11

iThing owners, do not skip iOS 11: it plugs a dead-easy-to-exploit drive-by WiFi bug.…

The Register – Security
Secure Hunter Anti -Malware

The post Have MAC, will hack: iThings have trivial-to-exploit WiFi bug appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xB8W5w
Secure Hunter

Docs ran a simulation of what would happen if really nasty malware hit a city’s hospitals. RIP :(

Equipment still taking too long to patch, leaving systems exposed

DerbyCon  Electronic medical equipment is supposed to help humans save lives, but their lamentable security could result in considerable death, we were warned over the weekend.…

The Register – Security
Secure Hunter Anti -Malware

The post Docs ran a simulation of what would happen if really nasty malware hit a city’s hospitals. RIP :( appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2fuX5kU
Secure Hunter

Pesky users! They’re always compromising endpoints! Security baked into silicon helps

Intel chippery tech mitigates the most careless of workers

Sponsored  We can all agree that endpoint security is important – and also that it is a pain to enforce. Because of people. Worker carelessness is the most potent threat to endpoint security, according to US IT decision makers.…

The Register – Security
Secure Hunter Anti -Malware

The post Pesky users! They’re always compromising endpoints! Security baked into silicon helps appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2htOBY6
Secure Hunter

Want to get around app whitelists by pretending to be Microsoft? Of course you can…

…And here’s how

DerbyCon  A sprinkle of code and an understanding of the Windows digital certificate process is all that’s needed for a miscreant to sneak malware past Microsoft’s application whitelist within a corporate environment.…

The Register – Security
Secure Hunter Anti -Malware

The post Want to get around app whitelists by pretending to be Microsoft? Of course you can… appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2wLwF5C
Secure Hunter

Don’t fear the software shopkeeper: T&Cs banning bad reviews aren’t legal in America

Doesn’t stop them trying to put the frighteners, tho

DerbyCon  Security vendors are inserting language into their products’ terms and conditions that attempt to silence critics, folks attending this year’s DerbyCon conference were told on Friday.…

The Register – Security
Secure Hunter Anti -Malware

The post Don’t fear the software shopkeeper: T&Cs banning bad reviews aren’t legal in America appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2hqaffZ
Secure Hunter

Mini-Heartbleed info leak bug strikes Apache, airborne malware, NSA algo U-turn, and more

The security week in review

Roundup  As ever, it’s been a doozy of a week for cybersecurity, or lack thereof. The Equifax saga just keeps giving, the SEC admitted it was thoroughly pwned, and Slack doesn’t bother to sign its Linux versions. We do spoil you so, Reg readers. And that was only yesterday. Here’s the rest of the week’s shenanigans we didn’t get round to.…

The Register – Security
Secure Hunter Anti -Malware

The post Mini-Heartbleed info leak bug strikes Apache, airborne malware, NSA algo U-turn, and more appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2jQrThe
Secure Hunter

You lost your ballpoint pen, Slack? Why’s your Linux version unsigned?

No digital signature on hipster collab app means it’s easy to make dangerous fakes

Slack is distributing open Linux-based versions of its technology that are not digitally signed, contrary to industry best practice.…

The Register – Security
Secure Hunter Anti -Malware

The post You lost your ballpoint pen, Slack? Why’s your Linux version unsigned? appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2yrTFUu
Secure Hunter

More data lost or stolen in first half of 2017 than the whole of last year

That’s 1.9 BEEELLION records – and just you wait till GDPR

More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion).…

The Register – Security
Secure Hunter Anti -Malware

The post More data lost or stolen in first half of 2017 than the whole of last year appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2f9YTf4
Secure Hunter

What’s that, Equifax? Most people expect to be notified of a breach within hours?

Go on, you’re the breach expert

Equifax hasn’t found time for a houseclean and is making claims of authority and competence about security breaches that, following its own recent high profile breach, come off as pretty cringeworthy.…

The Register – Security
Secure Hunter Anti -Malware

The post What’s that, Equifax? Most people expect to be notified of a breach within hours? appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2wtkYQM
Secure Hunter

Equifax’s IT leaders ‘retire’ as company says it knew about the bug that brought it down

Company tried to find and patch vulnerable systems, but we know what happened next

Equifax’s chief information officer and chief security officer “are retiring” and the company has admitted it knew Apache Struts needed patching in March, but looks to have fluffed attempts to secure the software.…

The Register – Security
Secure Hunter Anti -Malware

The post Equifax’s IT leaders ‘retire’ as company says it knew about the bug that brought it down appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xK8K6G
Secure Hunter

Equifax mega-breach: Security bod flags header config conflict

Help wanted at Equifax. Badly

Further evidence has emerged regarding the insecurity of Equifax’s web setup, as independent security researcher Scott Helme reports having uncovered all manner of problems with Equifax’s security header configuration.…

The Register – Security
Secure Hunter Anti -Malware

The post Equifax mega-breach: Security bod flags header config conflict appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2wyrrFw
Secure Hunter

Equifax UK admits: 400,000 Brits caught up in mega-breach

UK dedicated systems not affected

Equifax UK has surfaced to say that British systems were not affected by a recently disclosed megahack, however 400,000 UK people were affected due to a “process failure.”…

The Register – Security
Secure Hunter Anti -Malware

The post Equifax UK admits: 400,000 Brits caught up in mega-breach appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2x7KLLK
Secure Hunter

NCC hires three Bank of England cyber experts to beef up assurance business

Intros CENTA – that new money smell

Three of the Bank of England’s cyber specialists have joined NCC Group to lead a newly established threat assurance unit at the UK-based security consultancy firm.…

The Register – Security
Secure Hunter Anti -Malware

The post NCC hires three Bank of England cyber experts to beef up assurance business appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2eZCHEj
Secure Hunter

Protect your business from ransomware robbers

The inevitable kick in the arse

Promo  Two much-publicised ransomware attacks earlier this year, including one on the NHS, have raised the profile of the ransomware menace that hangs over businesses of all sizes.…

The Register – Security
Secure Hunter Anti -Malware

The post Protect your business from ransomware robbers appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2x23pEA
Secure Hunter

Kaspersky shrugs off government sales ban proposal

It’s not like we sell to the Feds, so go ahead and ban us!

Kaspersky Lab has laughed off attempts to have its wares banned from US government computers by saying it hardly sold to the Feds anyway.…

The Register – Security
Secure Hunter Anti -Malware

The post Kaspersky shrugs off government sales ban proposal appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xYZTtY
Secure Hunter

Another reason to hate Excel: its Macros can help pivot attacks

From Excel.Application to remote code execution. Lovely

A white-hat has taken a good look at whether you can pivot an attack from one machine to others using Microsoft Excel, and you probably won’t like what he found.…

The Register – Security
Secure Hunter Anti -Malware

The post Another reason to hate Excel: its Macros can help pivot attacks appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2vRVAzU
Secure Hunter

42: The answer to life, the universe and how many Cisco products have Struts bugs

Borg starts appraising its exposure to Apache problem

More than 42 Cisco products might inherit the Apache Struts bug that emerged last week.…

The Register – Security
Secure Hunter Anti -Malware

The post 42: The answer to life, the universe and how many Cisco products have Struts bugs appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xqQM99
Secure Hunter

Scotiabank internet whizzkids screw up their HTTPS security certs

Not exactly a move designed to inspire confidence

The team behind Scotiabank’s Digital Banking Unit isn’t impressing some customers, after forgetting to renew the security certificates for their own website.…

The Register – Security
Secure Hunter Anti -Malware

The post Scotiabank internet whizzkids screw up their HTTPS security certs appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2wSxBBY
Secure Hunter

Red panic: Best Buy yanks Kaspersky antivirus from shelves

That gives me a great idea, says Putin – payback

Updated  US big box retailer Best Buy has pulled from its shelves Kaspersky Lab’s PC security software amid fears of Kremlin spies using the antivirus tool to snoop on Americans.…

The Register – Security
Secure Hunter Anti -Malware

The post Red panic: Best Buy yanks Kaspersky antivirus from shelves appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2xkR1T5
Secure Hunter

Stand up who HASN’T been hit in the Equifax mega-hack – whoa, whoa, sit down everyone

143m in US, unknown number in UK, Canada – gulp!

Vid  Global credit reporting agency Equifax admitted today it suffered a massive breach of security that could affect almost half of the US population.…

The Register – Security
Secure Hunter Anti -Malware

The post Stand up who HASN’T been hit in the Equifax mega-hack – whoa, whoa, sit down everyone appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2jb7xPv
Secure Hunter

.UK domains left at risk of theft in Enom blunder

Registrar finally plugs web address hijacking vulnerability

Thousands of UK companies were at risk of having their .uk domain names stolen for more than four months by a critical security failure at domain registrar Enom.…

The Register – Security
Secure Hunter Anti -Malware

The post .UK domains left at risk of theft in Enom blunder appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2gK06ue
Secure Hunter

Aw, bless EU! Give staff privacy at work, human rights court tells bosses

Can’t fire folk for using personal comms at work. Another great reason for Brexit, eh?

Companies operating in the European Union must balance workplace surveillance with employees’ privacy rights, the European Court of Human Rights has ruled.…

The Register – Security
Secure Hunter Anti -Malware

The post Aw, bless EU! Give staff privacy at work, human rights court tells bosses appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2eFwRYF
Secure Hunter

UK not as keen on mobile wallets as mainland Europe and US

Banks vs fintech war looms. But for now, let’s pop the kettle on

The UK is lagging behind other countries in mobile wallet adoption, according to a new survey out today.…

The Register – Security
Secure Hunter Anti -Malware

The post UK not as keen on mobile wallets as mainland Europe and US appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2wBvUdI
Secure Hunter

Crypto-busters reverse nearly 320 MEELLION hashed passwords

Researchers reverse hashes in Troy Hunt’s password release. PS, don’t forget the salt

The anonymous CynoSure Prime “cracktivists” who two years ago reversed the hashes of 11 million leaked Ashley Madison passwords have done it again, this time untangling a stunning 320 million hashes dumped by Australian researcher Troy Hunt.…

The Register – Security
Secure Hunter Anti -Malware

The post Crypto-busters reverse nearly 320 MEELLION hashed passwords appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2eCvwpp
Secure Hunter

‘Independent’ gov law reviewer wants users preemptively identified before they’re ‘allowed’ to use encryption

UK watchdog echoes Home Sec in anti-crypto comments

The UK’s “independent reviewer of terrorism legislation” appears to have gone rogue, saying that encryption should be withheld from people who don’t verify their identities on social media.…

The Register – Security
Secure Hunter Anti -Malware

The post ‘Independent’ gov law reviewer wants users preemptively identified before they’re ‘allowed’ to use encryption appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2euRXsG
Secure Hunter

US cops can’t keep license plate data scans secret without reason

California’s Supreme Court rules authorities must justify denying data requests

Police departments cannot categorically deny access to data collected through automated license plate readers, California’s Supreme Court said on Thursday – a ruling that may help privacy advocates monitor government data practices.…

The Register – Security
Secure Hunter Anti -Malware

The post US cops can’t keep license plate data scans secret without reason appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2gshMdz
Secure Hunter

China’s cybersecurity law grants government ‘unprecedented’ control over foreign tech

Relinquish your IP or lose one of the world’s largest markets

China’s new cybersecurity law will enable its government to discover potential security vulnerabilities of any company doing business in the country, threat intelligence firm Recorded Future warns.…

The Register – Security
Secure Hunter Anti -Malware

The post China’s cybersecurity law grants government ‘unprecedented’ control over foreign tech appeared first on Secure Hunter Anti-Malware.

http://ift.tt/2euJ861
Secure Hunter