The Register - Anti-Virus

Syndikovat obsah
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Aktualizace: 26 min 7 sek zpět

Frustrated dev drops three zero-day vulns affecting Apple iOS 15 after six-month wait

24 Září, 2021 - 21:43
Security Bounty program slammed over 'broken promises'

Upset with Apple's handling of its Security Bounty program, a bug researcher has released proof-of-concept exploit code for three zero-day vulnerabilities in Apple's newly released iOS 15 mobile operating system.…

Kategorie: Viry a Červi

Stop worrying that crims could break the 'net, say cyber-diplomats – only nations have tried

24 Září, 2021 - 09:28
Global Commission on the Stability of Cyberspace is a bit miffed its 'Don't attack the internet core' norm is misunderstood

The Global Commission on the Stability of Cyberspace (GCSC) is worried its guidance on preventing the internet and all it connects becoming a casualty of war is being misinterpreted, perhaps wilfully.…

Kategorie: Viry a Červi

Apple warns of arbitrary code execution zero-day being actively exploited on Macs

24 Září, 2021 - 07:01
Remember iPods? The same bug can bite them, and plenty of older iPhones and iPads too

Apple has warned iPhone and Mac users it's aware of security bugs in its software that are being actively exploited.…

Kategorie: Viry a Červi

UK Ministry of Defence apologises – again – after another major email blunder in Afghanistan

23 Září, 2021 - 15:00
This time affecting candidates for potential relocation

A second leak of personal data was reportedly committed by the Ministry of Defence, raising further questions about the ministry's commitment to the safety of people in Afghanistan, some of whom are its own former employees.…

Kategorie: Viry a Červi

Researchers finger new APT group, FamousSparrow, for hotel attacks

23 Září, 2021 - 12:00
Espionage motive mooted in attacks which hit industry, government too

Researchers at security specialist ESET claim to have found a shiny new advanced persistent threat (APT) group dubbed FamousSparrow - after discovering its custom backdoor, SparrowDoor, on hotels and government systems around the world.…

Kategorie: Viry a Červi

Zoom's $15bn merger with Five9 probed by Uncle Sam for national security risks

23 Září, 2021 - 01:46
Vid-chat giant's ties to China under the microscope by AG-led panel

Zoom’s ties to China are at the center of a US government investigation into the video-conferencing giant's $15bn plan to take over Five9, a California call-center-in-the-cloud.…

Kategorie: Viry a Červi

Apple tried to patch this security hole in macOS Finder but didn't consider upper and lowercase characters

23 Září, 2021 - 01:07
file:// is blocked? Oh OK, we'll just use File:// or fiLE://...

Apple's macOS Finder application is currently vulnerable to a remote code execution bug, despite an apparent attempt to fix the problem.…

Kategorie: Viry a Červi

Lithuania tells its citizens to throw Xiaomi mobile devices in the bin

22 Září, 2021 - 22:36
Baltic state's cyber security centre uncovers remote censorship blocklist function in Mi 10T handset

Updated  Lithuania's National Cyber Security Centre has told its citizens to get rid of Xiaomi-made mobile devices amid fears that the Chinese company could remotely enable censorship tools.…

Kategorie: Viry a Červi

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

22 Září, 2021 - 15:00
Email clients fail over to unexpected domains if they can't find the right resources

A flaw in Microsoft's Autodiscover protocol, used to configure Exchange clients like Outlook, can cause user credentials to leak to miscreants in certain circumstances.…

Kategorie: Viry a Červi

Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

22 Září, 2021 - 02:45
File upload vuln lets miscreants hijack vCenter Server - and is being exploited in the wild

Update  VMware has disclosed a critical bug in its flagship vSphere and vCenter products and urged users to drop everything and patch it. The virtualization giant also offered a workaround.…

Kategorie: Viry a Červi

Database containing personal info on 106m people who traveled to Thailand found open to the internet – report

22 Září, 2021 - 01:36
Misconfigured Elasticsearch server blamed

A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week.…

Kategorie: Viry a Červi

Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants

21 Září, 2021 - 21:59
Russia-based biz targeted in Uncle Sam's crack down on cyber-extortion

The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime.…

Kategorie: Viry a Červi

Fix network printing or keep Windows secure? Admins would rather disable PrintNightmare patch

21 Září, 2021 - 15:00
'Our >3,000 customers had to print again'

Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working.…

Kategorie: Viry a Červi

UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder

21 Září, 2021 - 13:30
We joke about lethal consequences of failure but this isn't funny

The UK's Ministry of Defence has launched an internal investigation after committing the classic CC-instead-of-BCC email error – but with the names and contact details of Afghan interpreters trapped in the Taliban-controlled nation.…

Kategorie: Viry a Červi

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

21 Září, 2021 - 07:16
Dare we say, these Euro cops ran mobprobe

Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday.…

Kategorie: Viry a Červi

You’ve trained at the cutting edge, here’s how to keep your DFIR skills razor sharp

21 Září, 2021 - 06:00
Sometimes the most important tool is a bookmark

Sponsored  There’s nothing like five or six days of in-depth training with SANS Institute to develop cutting-edge Digital Forensics and Incident Response security skills.…

Kategorie: Viry a Červi

Apache OpenOffice can be hijacked by malicious documents, fix still in beta

20 Září, 2021 - 22:52
If you need another reason to try an alternative software suite

Apache OpenOffice (AOO) is currently vulnerable to a remote code execution vulnerability and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release.…

Kategorie: Viry a Červi

Ransomware recovery: Start getting back up before you’re even hit

20 Září, 2021 - 19:30
Here’s how to put your plan together

Sponsored  What’s the first step to recovering from a ransomware attack? Making sure you have a recovery plan in place well before you get attacked.…

Kategorie: Viry a Červi

Tick, tick, tick … TikTok China just limited kids to 40 minutes' use each day

20 Září, 2021 - 03:14
And added a bug bounty program to detect any holes in its 'youth mode'

Douyin, the Chinese app known as TikTok outside the Middle Kingdom, has imposed limits on usage time for kids.…

Kategorie: Viry a Červi

Yes, of course there's now malware for Windows Subsystem for Linux

18 Září, 2021 - 00:06
Once dismissed proof-of-concept attack on Microsoft OS through WSL detected in the wild

Updated  Linux binaries have been found trying to take over Windows systems in what appears to be the first publicly identified malware to utilize Microsoft's Windows Subsystem for Linux (WSL) to install unwelcome payloads.…

Kategorie: Viry a Červi