This week, we give thanks to Fortinet for reminding us what awful crypto with hardcoded keys looks like

Plus more from the world of infosec

Roundup  Here’s a summary of recent infosec news beyond what we’ve already covered – earlier than usual because some of us have Thanksgiving to get through in the US. By the way, watch out for hackers taking advantage of IT teams suffering turkey comas.…

The Register – Security
Secure Hunter Anti -Malware

The post This week, we give thanks to Fortinet for reminding us what awful crypto with hardcoded keys looks like appeared first on Secure Hunter Anti-Malware.

https://ift.tt/37QdUg9
Secure Hunter

Google caught a Russian state hacker crew uploading badness to the Play Store

Adtech firm also sent 12k phishing warnings to users of its services

Google has said it fired off 12,000 warnings to unlucky users of its GMail, Drive and YouTube services telling them that they’re being phished by state-backed hackers.…

The Register – Security
Secure Hunter Anti -Malware

The post Google caught a Russian state hacker crew uploading badness to the Play Store appeared first on Secure Hunter Anti-Malware.

https://ift.tt/34rQNqh
Secure Hunter

Cloudy biz Datrix locks down phishing attack in 15 mins after fat thumb triggers email badness

You can be fast but they’re always faster

Cloud-‘n’-comms biz Datrix has suffered a phishing attack that resulted in some customers’ contact details being compromised – though the company reckons it contained the attack within 15 minutes.…

The Register – Security
Secure Hunter Anti -Malware

The post Cloudy biz Datrix locks down phishing attack in 15 mins after fat thumb triggers email badness appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2L0fX7R
Secure Hunter

Bon sang! French hospital contracts 6,000 PC-locking ransomware infection

Good news? They’re not paying the ransom

A French hospital has suffered a ransomware attack that reportedly caused the lockdown of 6,000 computers.…

The Register – Security
Secure Hunter Anti -Malware

The post Bon sang! French hospital contracts 6,000 PC-locking ransomware infection appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2qGuheO
Secure Hunter

Stop us if you’ve heard this one: Facebook and Twitter profiles silently slurped by shady code

Rogue SDKs covertly harvested personal info, it is claimed

Twitter and Facebook on Monday claimed some third-party apps quietly collected swathes of personal information from people’s accounts without permission.…

The Register – Security
Secure Hunter Anti -Malware

The post Stop us if you’ve heard this one: Facebook and Twitter profiles silently slurped by shady code appeared first on Secure Hunter Anti-Malware.

https://ift.tt/37C1it2
Secure Hunter

Get ahead of the cyber-criminals using training and advice from SANS Manchester in 2020

Keep up with the latest threats – and learn how to stop them

Promo  The IT security landscape changes by the second, as organisations move to new technologies and data thieves devise increasingly ingenious ways to penetrate systems. It’s no surprise that IT security leaders feel the constant need to shore up their defenses.…

The Register – Security
Secure Hunter Anti -Malware

The post Get ahead of the cyber-criminals using training and advice from SANS Manchester in 2020 appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2KSWlSO
Secure Hunter

RDP loves company: Kaspersky finds 37 security holes in VNC remote desktop software

BlueKeep isn’t the only bug in town, plenty to go round

VNC remote desktop software has no shortage of potentially serious memory-corruption vulnerabilities, you’ll no doubt be shocked to hear.…

The Register – Security
Secure Hunter Anti -Malware

The post RDP loves company: Kaspersky finds 37 security holes in VNC remote desktop software appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2pHtnxU
Secure Hunter

T-Mobile US hacked, Monero wallet app infected, public info records on 1.2bn people leak from database…

…OnePlus also compromised, and much more

Roundup  Time for another roundup of all the security news that’s fit to print and that we haven’t covered yet.…

The Register – Security
Secure Hunter Anti -Malware

The post T-Mobile US hacked, Monero wallet app infected, public info records on 1.2bn people leak from database… appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2Ob0zr3
Secure Hunter

Bad news: ‘Unblockable’ web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much

Ad-tech arms race continues: DNS system exploited to silently follow folks around the web

Developers working on open-source ad-blocker uBlock Origin have uncovered a mechanism for tracking web browsers around the internet that defies today’s blocking techniques.…

The Register – Security
Secure Hunter Anti -Malware

The post Bad news: ‘Unblockable’ web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much appeared first on Secure Hunter Anti-Malware.

https://ift.tt/37qh4Ho
Secure Hunter

UK tax collectors warn contractors about being ripped-off – and not by HMRC for a change

Self-assessment phishing and phone scam alert raised

The UK’s tax authorities have issued an official warning to contractors to watch out for self-assessment scams – and they don’t mean IR35 for a change.…

The Register – Security
Secure Hunter Anti -Malware

The post UK tax collectors warn contractors about being ripped-off – and not by HMRC for a change appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2XETO3V
Secure Hunter

Interpol: Strong encryption helps online predators. Build backdoors

Multinational cop agency reportedly set to issue statement

Multinational police agency Interpol is due to say that tech companies deploying strong encryption helps paedophiles – unless they build backdoors for police workers.…

The Register – Security
Secure Hunter Anti -Malware

The post Interpol: Strong encryption helps online predators. Build backdoors appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2KAzN9A
Secure Hunter

Pemex hit by ransomware, US Postal Service gets a copycat and new WhatsApp bugs

Plus, 1Password gets a boatload of cash

It’s time for another Register security roundup of the week’s smaller stories you may have missed.…

The Register – Security
Secure Hunter Anti -Malware

The post Pemex hit by ransomware, US Postal Service gets a copycat and new WhatsApp bugs appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2XlVyis
Secure Hunter

1Password hopes to cross some items off its todo list with help from $200m in venture capital

Though not much detail on said list, except security and privacy

Some 14 years after it was founded and with no external funding taken in during that time, 1Password has finally succumbed to the charms – and $ 200m in cash – of venture cap biz Accel.…

The Register – Security
Secure Hunter Anti -Malware

The post 1Password hopes to cross some items off its todo list with help from $200m in venture capital appeared first on Secure Hunter Anti-Malware.

https://ift.tt/33Ut4yT
Secure Hunter

Denial of service kingpin hit with 13 months denial of freedom and a massive bill to pay

Illinois man gets more than a year in the slammer for $ 550K DDoS scheme

A US court has sentenced the operator of a massive DDoS service to 13 months in prison.…

The Register – Security
Secure Hunter Anti -Malware

The post Denial of service kingpin hit with 13 months denial of freedom and a massive bill to pay appeared first on Secure Hunter Anti-Malware.

https://ift.tt/32V6yo2
Secure Hunter

Try as they might, ransomware crooks can’t hide their tells when playing hands

Sophos sees common behavior across various infections

Common behaviors shared across all families of ransomware are helping security vendors better spot and isolate attacks.…

The Register – Security
Secure Hunter Anti -Malware

The post Try as they might, ransomware crooks can’t hide their tells when playing hands appeared first on Secure Hunter Anti-Malware.

https://ift.tt/358t7av
Secure Hunter

UK Info Commish quietly urged court to swat away 100k Morrisons data breach sueball

Supermarket says it’s innocent and we don’t need more than that, ICO told judges

The UK’s Information Commissioner urged the Court of Appeal to side with Morrisons in the supermarket’s battle to avoid liability for the theft and leaking of nearly 100,000 employees’ payroll details – despite not having read the employees’ legal arguments.…

The Register – Security
Secure Hunter Anti -Malware

The post UK Info Commish quietly urged court to swat away 100k Morrisons data breach sueball appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2NLfjfY
Secure Hunter

Londoner accused of accessing National Lottery users’ accounts

Case to be heard in full next year

A man will appear at Crown court in December to answer charges that he used hacking program Sentry MBA to access and take money from online UK National Lottery gambling accounts.…

The Register – Security
Secure Hunter Anti -Malware

The post Londoner accused of accessing National Lottery users’ accounts appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2CDJ24f
Secure Hunter

BlueKeep freakout had little to no impact on patching, say experts

Admins snoozing on patching despite reports of active attacks

The flurry of reports in recent weeks of in-the-wild exploits for the Windows RDP ‘BlueKeep’ security flaw had little impact among those responsible for patching, it seems.…

The Register – Security
Secure Hunter Anti -Malware

The post BlueKeep freakout had little to no impact on patching, say experts appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2NEgrSz
Secure Hunter

Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much more

Plus, rConfig flaw raises alarms

Roundup  Time for a look at some of the other security stories making the rounds in the past week.…

The Register – Security
Secure Hunter Anti -Malware

The post Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much more appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2X4sAn4
Secure Hunter

What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

Beak denies wrongdoing in baffling malware probe case

A judge in the US state of Georgia is facing hacking charges after she allegedly hired private investigators to look into what she believed was a spyware infection on her office computer.…

The Register – Security
Secure Hunter Anti -Malware

The post What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2Q5rCW4
Secure Hunter

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

Supreme Court wraps up legal submissions from supermarket and breach victims

“Cutting to the chase, it’s not a case where the office cleaner finds a thumb drive, picks it up and takes the opportunity to make some use of it,” barrister Jonathan Barnes told the Supreme Court as he urged judges to dismiss Morrisons’ appeal against liability for its 2014 payroll data breach.…

The Register – Security
Secure Hunter Anti -Malware

The post Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2p64TOK
Secure Hunter

Surveillance kit slinger accused of slapping ‘Made in America’ on Chinese gear, selling it to the US government

But sure, it’s Huawei that’s the big security threat

Staff were cuffed in a police raid on Thursday at the offices of US surveillance equipment vendor Aventura Technologies. The workers are now facing criminal charges for allegedly passing off Chinese-made gear as stuff built in America, and selling it to Uncle Sam and its military.…

The Register – Security
Secure Hunter Anti -Malware

The post Surveillance kit slinger accused of slapping ‘Made in America’ on Chinese gear, selling it to the US government appeared first on Secure Hunter Anti-Malware.

https://ift.tt/33u24WF
Secure Hunter

We’re almost into the third decade of the 21st century and we’re still grading security bugs out of 10 like kids. Why?

Infosec veteran Marc Rogers on why we need a better system to rate vulnerabilities

Disclosure  The way we rate the severity of computer security vulnerabilities and bugs needs to change if people and businesses want to be better protected from malware and cyber-crime.…

The Register – Security
Secure Hunter Anti -Malware

The post We’re almost into the third decade of the 21st century and we’re still grading security bugs out of 10 like kids. Why? appeared first on Secure Hunter Anti-Malware.

https://ift.tt/36JclQQ
Secure Hunter

Before you high-five yourselves for setting up that bug bounty, you’ve got the staff in place to actually deal with security, right?

Katie Moussouris speaks out on modern-day flaw finding and infosec jobs

Disclosure  Bug-bounty pioneer Katie Moussouris has urged companies to hire the necessary staff to handle vulnerability disclosures before diving headlong into handing out rewards.…

The Register – Security
Secure Hunter Anti -Malware

The post Before you high-five yourselves for setting up that bug bounty, you’ve got the staff in place to actually deal with security, right? appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2rblMYP
Secure Hunter

PSA: Turning off silent macros in Office for Mac leaves users wide open to silent macro attacks

Microsoft seems a bit hazy on what ‘disable’ actually means

A security hole in Office for Mac can be exploited by miscreants to potentially run malicious code on victims’ shiny computers without anyone noticing.…

The Register – Security
Secure Hunter Anti -Malware

The post PSA: Turning off silent macros in Office for Mac leaves users wide open to silent macro attacks appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2WIoReI
Secure Hunter

Chrome bug squashed, QNAP NAS nasty hits, BlueKeep malware spreads, and more

Including Spanish camgirl sites spill info, domain registrars hacked

Roundup  Let’s check out some of the more recent security happenings beyond what we’ve already covered.…

The Register – Security
Secure Hunter Anti -Malware

The post Chrome bug squashed, QNAP NAS nasty hits, BlueKeep malware spreads, and more appeared first on Secure Hunter Anti-Malware.

https://ift.tt/2oOat8i
Secure Hunter

Move along, nothing to see here: Auditors say £100k grant to Hacker House was ‘appropriate’

UK.gov handout scrutinised due to boss’s friendship with PM

A £100,000 government grant to Jennifer Arcuri’s infosec training business, Hacker House, has been flagged as “appropriate” following an investigation.…

The Register – Security
Secure Hunter Anti -Malware

The post Move along, nothing to see here: Auditors say £100k grant to Hacker House was ‘appropriate’ appeared first on Secure Hunter Anti-Malware.

https://ift.tt/33bwA7F
Secure Hunter

Are you as handy with privacy certs as you are with a screwdriver? Ikea has the perfect vacancy

Disposable furniture flogger seeks data wranglers

Scandi furniture emporium Ikea is seeking privacy specialists to join its office in Malmö, Sweden.…

The Register – Security
Secure Hunter Anti -Malware

The post Are you as handy with privacy certs as you are with a screwdriver? Ikea has the perfect vacancy appeared first on Secure Hunter Anti-Malware.

https://ift.tt/36tsgTe
Secure Hunter

US Air Force inks deal with Raytheon on Windows 10 (and other) support for ARSE

Two countries separated by a common language

The US Air Force (USAF) has declared it is awarding a contract to Raytheon thanks to its pressing need for “full ARSE compatibility”, including Windows 10 support, with equipment designed for maintaining fighter jet missiles.…

The Register – Security
Secure Hunter Anti -Malware

The post US Air Force inks deal with Raytheon on Windows 10 (and other) support for ARSE appeared first on Secure Hunter Anti-Malware.

https://ift.tt/324ziKJ
Secure Hunter