The Register - Anti-Virus

Syndikovat obsah
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Aktualizace: 25 min 22 sek zpět

JavaScript-based address bar spoofing vulns patched in Safari, Yandex, Opera

24 Říjen, 2020 - 08:14
Are you where you think you are, or are you where I want you to think you are?

Rapid7 found Apple’s Safari browser, as well as the Opera Mini and Yandex browsers, were vulnerable to JavaScript-based address bar spoofing.…

Kategorie: Viry a Červi

Palo Alto Networks threatens to sue security startup for comparison review, says it breaks software EULA

23 Říjen, 2020 - 18:58
'I'm not going to be bullied by someone with deeper pockets' vows Orca boss

Palo Alto Networks has threatened a startup with legal action after the smaller biz published a comparison review of one of its products.…

Kategorie: Viry a Červi

EU slaps extra sanctions on Russian spy chief and APT28 malware dev over 2015 Bundestag hack

23 Říjen, 2020 - 17:20
Better late than never, eh

The European Union has imposed sanctions on a Russian military malware developer and the commander of Russia’s MI6 equivalent, a mere five years after the two targeted Germany's parliament with a cyberattack.…

Kategorie: Viry a Červi

Ed Snowden doesn’t need to worry about being turfed out of Russia any more

23 Říjen, 2020 - 07:34
Immigration reforms allowing more skilled workers to stay seem to have resulted in permanent residency

Russia has apparently given super-leaker and former NSA sysadmin Edward Snowden de facto permanent residence.…

Kategorie: Viry a Červi

After Dutch bloke claims he hacked Trump's Twitter by guessing password, web biz says there's 'no evidence'

23 Říjen, 2020 - 06:36
It's saying something when it's easy to believe the US President's passphrase was maga2020!

Donald Trump's Twitter password was easily guessed, and he still isn't using multi-factor authentication, claims a Dutch hacker who on Thursday bragged he broke into the President's account last week. Twitter says it has "no evidence" this claim is true.…

Kategorie: Viry a Červi

China reveals audit of 320,000 local apps, with 34 booted from app stores and hundreds of devs warned they could suffer same fate

23 Říjen, 2020 - 05:27
Privacy crackdown in the land of ubiquitous surveillance, where 5G now blankets all cities

Through most of 2020 bans on Chinese apps have meant geopolitical strife, but China yesterday revealed it has started banning some of its own apps.…

Kategorie: Viry a Červi

After first floating $20bn penalty, DoJ suggests $60m fine for UMC's theft of Micron’s DRAM secrets

23 Říjen, 2020 - 03:58
Taiwanese chipmaker promises ‘substantial assistance’ in ongoing China IP theft action

Taiwanese chip-maker United Microelectronics Corporation (UMC) will plead guilty to theft of trade secrets from Micron Technologies and pay a $60m fine to the USA.…

Kategorie: Viry a Červi

Is it Iran or Russia's hackers we need to worry about? The Russians, definitely the Russians, says US intelligence

23 Říjen, 2020 - 00:39
Energetic Bear team caught breaking into govt systems, no harm done to Nov 3 elections

The FBI and the US government's Cybersecurity and Infrastructure Security Agency on Thursday issued a joint warning that a Kremlin hacking crew is probing or breaking into systems belonging to the US government and aviation industry.…

Kategorie: Viry a Červi

French IT outsourcer Sopra Steria hit by 'cyberattack', Ryuk ransomware suspected

22 Říjen, 2020 - 15:37
You know, the firm that runs half of NHS Business Services

French-headquartered IT outsourcer Sopra Steria has been struck by a “cyberattack,” reportedly linked to the Ryuk ransomware gang.…

Kategorie: Viry a Červi

Samsung to introduce automatic call blocking on Android 11-capable flagships

22 Říjen, 2020 - 12:44
Yeah I've heard you were in a car accident that wasn't your fault. Is that right? *Click*

Samsung phones will soon come with automatic spam call blocking. The feature, which is part of Samsung Smart Call, will debut on the Galaxy Note20 and will roll out to all new devices released after 2020.…

Kategorie: Viry a Červi

Iran sent threatening pro-Trump emails to American Democrats, Russia close behind, says US intelligence

22 Říjen, 2020 - 03:03
No, say it ain't so,

Updated  Menacing emails to Democratic voters, telling them to vote for Donald Trump in the upcoming US elections or else, were sent by Iran, US intelligence claimed on Wednesday night.…

Kategorie: Viry a Červi

Thought the FBI were the only ones able to unlock encrypted phones? Pretty much every US cop can get the job done

22 Říjen, 2020 - 00:34
Massive public records request reveals scale of warrantless surveillance

Never mind the Feds. American police forces routinely "circumvent most security features" in smartphones to extract mountains of personal information, according to a report that details the massive, ubiquitous cracking of devices by cops.…

Kategorie: Viry a Červi

Coronavirus outbreak triggered a rush of online attacks against retail loyalty schemes, Akamai reckons

21 Říjen, 2020 - 21:25
Digital souks are sitting ducks for identity fraudsters

Hackers are breaking into online loyalty card accounts using stolen credentials or easily obtainable information, and then not only ransacking the profiles' balances but also harvesting victims' personal data for subsequent identity theft, Akamai has warned.…

Kategorie: Viry a Červi

How much does Oracle love you? Thiiiis much: Latest patch bundle has 402 fixes

21 Říjen, 2020 - 19:32
How many times do you want to read the CVSS rating 9.8 today?

Oracle has released its final quarterly batch of patches for the year for security flaws in its products. The total this time? 402 fixes, the bulk of which are rated critical in terms of severity.…

Kategorie: Viry a Červi

How cybercriminals play the domain game

21 Říjen, 2020 - 07:00
And why AI tools will make you less vulnerable

Sponsored  Conventional email security tools are losing the battle against phishing attacks. The cause? Instead of registering a handful of domains from which to conduct their phishing campaigns, many cybercriminals now buy them by the thousand. This approach makes it harder for traditional email protection tools to spot phishing emails among the ‘noise’. Thanks to bulk domain registration services, malicious spammers can tip the balance in their favour through sheer volume.…

Kategorie: Viry a Červi

OpenStack haven OpenDev yanks Gerrit code review tool after admin account compromised for two weeks

21 Říjen, 2020 - 03:08
Source warehouse asks users to verify recent project commits to ensure they’re not malicious, which hosts the official OpenStack source code, on Tuesday tore down its Gerrit deployment after realizing it had been secretly hacked two weeks ago.…

Kategorie: Viry a Červi

Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patch them ASAP, says NSA

21 Říjen, 2020 - 00:40
Plus this Chrome one being exploited in the wild, we note

The NSA has blown the lid off 25 computer security vulnerabilities Chinese government hackers are using to break into networks, steal data, and so on. The US super-spies said they went public with their list to help IT staff prioritize bug fixing. That is to say: if you're unsure of which patches to apply, do these first.…

Kategorie: Viry a Červi

VMware patches, among other things, ESXi flaw that can be abused by miscreants on the network to hijack hosts

20 Říjen, 2020 - 21:14
Adobe issues out-of-band patches, too, for Photoshop, Illustrator, InDesign, After Effects, etc

Sysadmins responsible for VMware deployments should test and apply the latest security updates for the software.…

Kategorie: Viry a Červi

Remember insider threat? Old news now. Focus on malware detection, says EU infosec agency

20 Říjen, 2020 - 16:25
ENISA annual report also calls for better use of threat intel by frontline bods

Insider threats, ransomware and cyber espionage were all in decline in the early part of 2020, according to the EU’s cybersecurity agency – though the risk of an “uncontrolled cyber arms race” among nation states is growing.…

Kategorie: Viry a Červi

You’ve open sourced your relational database manager with PostgreSQL – but how can you keep it secure?

20 Říjen, 2020 - 07:00
We'll help you manage risk while chasing your RDBMS dreams

Webcast  There was a time when open source was still – no matter how many decades it had driven software projects – regarded as the playground of hippies and utopians. Bold and brave, yet thrown together, inconsistent and unsecured when compared to more established products.…

Kategorie: Viry a Červi