The Register - Security
Biting the hand that feeds IT
Copyright: Copyright 2018, Situation Publishing
Fri, 20 Apr 2018 15:06:09 GMT
Plenty of laser research already going on – but there's more than one way to melt a drone
The EU is planning to build a laser cannon with double the power of Britain's under-construction Dragonfire zapper, according to reports – but the general state of the tech doesn't automatically mean Europe will be trying to snaffle Brit raygun smarts.…
Thu, 19 Apr 2018 22:07:34 GMT
Java fixes lobbed out, Spectre Solaris patches issued
Oracle this week emitted its April security update, addressing a total of 254 security vulnerabilities across dozens of products.…
Thu, 19 Apr 2018 18:25:50 GMT
Prosecutors ask judge to give Baratov 94 months for stealing accounts on behalf of FSB
The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if American prosecutors get their way.…
Thu, 19 Apr 2018 16:39:11 GMT
I'm fsck-ed off it took this long, rages affected Reg reader
Some of the 15 million Britons affected by the Equifax mega-hack are only now receiving letters notifying them that they were affected by the breach, eight months after the event.…
Thu, 19 Apr 2018 15:00:07 GMT
Poorly configured cloud buckets strike again – this time, Localbox fingered
US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from public Facebook, LinkedIn and Twitter profiles – available to be viewed by anyone who stopped by.…
Thu, 19 Apr 2018 08:02:07 GMT
Home Office admits national and local databases don't talk to each other, so everything is manual
The UK government has admitted it can only delete custody images from its massive database through a complex manual process, and that it would cost too much to weed out all the images of innocent people by hand.…
Thu, 19 Apr 2018 05:58:09 GMT
First word on how card security for containers, VDI, SDN and web apps
The Payment Card Industry Security Standards Council (PCI SSC) has issued a big update to its guidance on using payment cards with cloud computing services.…
Thu, 19 Apr 2018 01:58:04 GMT
How trackers can snatch private info from people's profiles
Updated It's possible for miscreants to secretly extract people's personal information via Facebook's Login service – the tool that lets you sign into websites using just a Facebook ID.…
Thu, 19 Apr 2018 00:12:47 GMT
Cisco issues critical patch to stop in-meeting attacks
Cisco has patched a serious vulnerability in its WebEx software that lets an attacker remotely execute code on target machines via poisoned Adobe Flash files.…
Wed, 18 Apr 2018 20:26:36 GMT
Don't panic… until you finish reading
RSA 2018 The iTunes Wi-Fi sync feature in Apple's iOS can be potentially abused by cops, snoops, and hackers to remotely extract information from, and control, iPhones and iPads.…
Wed, 18 Apr 2018 18:57:27 GMT
Science-fiction horror trope now a reality in 2018
Scientists in Belgium have tested the security of a wireless brain implant called a neurostimulator – and found that its unprotected signals can be hacked with off-the-shelf equipment.…
Wed, 18 Apr 2018 13:02:04 GMT
Less checked online services bear brunt
Identity fraud in Blighty hit a record high of 174,523 incidents last year – and the vast majority of it happened online.…
Wed, 18 Apr 2018 08:03:06 GMT
Cyber resiliency of the UK's health service still in disarray
Nearly a year has passed since the unprecedented WannaCry cyber attack and the UK's NHS has yet to agree an action plan, according to a report by MPs.…
Wed, 18 Apr 2018 06:57:11 GMT
No roadmap. No timeframe. No success metrics. Not much grip on reality, either
Analysis Thirty-four technology companies inked a "Cybersecurity Tech Accord" on Tuesday which they said represents "a public commitment … to protect and empower civilians online and to improve the security, stability and resilience of cyberspace".…
Wed, 18 Apr 2018 04:57:04 GMT
Repeat after The Vultures: don't re-use passwords
IKEA's TaskRabbit app and Website, which links buyers with people skilled with Allen key experts and other errand-runners, remain offline a day after the company announced a data breach.…
Wed, 18 Apr 2018 03:59:45 GMT
Hacking charge for twiddling URL – O Canada!?
Comment There's a curious legal situation developing in Nova Scotia, Canada, right now.…
Wed, 18 Apr 2018 00:45:24 GMT
Cough, cough, EternalBlue, cough, cough Wannacry, splutter, Stuxnet
RSA 2018 "You don't launch a cyber weapon, you share it."…
Tue, 17 Apr 2018 19:52:00 GMT
Crypto expert panel tackles the big stories of the year
RSA 2018 Speaking at the 2018 RSA conference, a board of some of the most respected names in security spoke on Tuesday and were scathing about Facebook – and the industry's response to the Spectre processor bug.…
Tue, 17 Apr 2018 14:58:04 GMT
And I 'could' sing a duet with Taylor Swift
Comment The British Army's troubled Watchkeeper drones "could still be deployed on operations", a defence minister has insisted.…
Tue, 17 Apr 2018 10:12:07 GMT
Train to outwit the cyber criminals
Promo Even as IT systems grow and become more complex, so new and ingenious methods for stealing vital data or holding organisations to ransom proliferate at an increasingly rapid pace.…
Tue, 17 Apr 2018 05:53:12 GMT
Oh that snitch-code? It's just a little thing to make the web more convenient ... for Facebook and its advertisers
Facebook's apology-and-explanation machine grinds on, with The Social Network™ posting detail on one of its most controversial activities – how it tracks people who don't use Facebook.…
Tue, 17 Apr 2018 03:00:09 GMT
Coprocessors drafted for threat detection duties
Updated Having weathered revelations in January that its chips can be attacked through a novel class of side-channel vulnerabilities – mostly addressed through microcode fixes – Intel is adding broader silicon-level security improvements to its processors.…
Tue, 17 Apr 2018 00:58:22 GMT
And it talks to Azure. Cortana probably spotted lurking nearby
Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend.…
Mon, 16 Apr 2018 21:00:41 GMT
After all, it's where all your data is flowing through
American and British crimefighters have launched another round of pin-the-tail-on-the-Russians – with a warning that Moscow-backed hackers are trying to subvert the world's network devices.…
Mon, 16 Apr 2018 20:37:56 GMT
Wants to make money and ignore end-to-end encryption
Comment Google is planning to add several new security features to its ubiquitous email service, Gmail, but they will come with a cost – literally and figuratively.…
Mon, 16 Apr 2018 19:06:01 GMT
HTTP 404: Secure programming not found
Automated source code analysis of 33 web applications has found that 94 per cent of them have at least one high-severity vulnerability, according to security biz Positive Technologies.…
Mon, 16 Apr 2018 14:55:08 GMT
GCHQ's cyber guys don't say why...
GCHQ's cyber security advice group has formally warned of the risk of using ZTE equipment and services for the UK's telco infrastructure.…
Mon, 16 Apr 2018 05:58:09 GMT
Borg helps Isara's post-quantum PKI cert test in the hope it future-proofs TLS
Cisco and quantum security outfit Isara reckon they've got at least as far as alpha stage in one problem of the future: securing public key certificates against quantum computers.…
Mon, 16 Apr 2018 03:58:12 GMT
Miscreants' command and control network traffic sent down sinkhole
One of the world's longest-lived malware networks, EITest, has gone offline.…
Mon, 16 Apr 2018 00:58:09 GMT
And password crackers are getting a lot smarter
Bsides SF An analysis of free Android apps has shown that developers are leaving their crypto keys embedded in applications, in some cases because the software developer kits install them by default.…
Mon, 16 Apr 2018 00:07:02 GMT
'We can see you everywhere and so can our friends in the UK', says Border Force
Australia’s Border Force (ABF) has warned that “people shouldn’t assume the dark web is invisible to Australian agencies” after cuffing a woman who bought illicit drugs using Bitcoin and had them shipped from the UK to Australia.…
Sun, 15 Apr 2018 23:05:14 GMT
Bug bounty sales are getting very complicated, financially and morally
Bsides SF Barely a decade ago the mere idea of selling vulnerabilities was highly controversial. Today the market is mature, but increasingly complicated - researchers can now choose between making lots of money, being moral and making less, or going fully black.…
Sat, 14 Apr 2018 14:04:11 GMT
The wacky week in security
Roundup It has been a busy week for security, with the CYBERUK 2018 conference in the UK and the industry gearing up for BSides and the RSA conference in San Francisco next week.…
Fri, 13 Apr 2018 21:58:10 GMT
Never. Is never a good time to get vulnerability fixes? Never is OK with you? Cool, never it is
Let's nail this once and for all: Too many Android smartphone makers simply aren't rolling out Google's security bug fixes for the mobile operating system.…
Fri, 13 Apr 2018 18:27:46 GMT
Assume we're going to get hacked next time and plan for it
The UK's National Health Service has learned from last year's WannaCry attack – and started putting in place disaster recovery measures that will allow it to maintain services in the face of an even fiercer assault.…
Fri, 13 Apr 2018 18:03:46 GMT
Outfit loses 438 bitcoin in security snafu
Indian Bitcoin exchange Coinsecure has mislaid 438.318 BTC belonging to its customers.…
Fri, 13 Apr 2018 11:15:03 GMT
S3 spillage spoils included driving licences and passports
TrueMove H, the biggest 4G mobile operator in Thailand, has suffered a data breach.…
Fri, 13 Apr 2018 00:27:38 GMT
But no Daily Stormer please
Cloudflare made its name proxying traffic for web servers, on network ports 80 (HTTP) and 443 (HTTPS), as a defense against denial of service attacks and their ilk.…
Thu, 12 Apr 2018 23:57:15 GMT
If you've got an old money store, check it for hacked gaps
Concerns about a flawed crypto library that could allow Bitcoin theft have been revived following a post to a Bitcoin mailing list last week.…
Thu, 12 Apr 2018 20:51:19 GMT
The pushback against regulation starts here
IoT security regulations could stifle innovation without addressing the security problems at hand, a well-respected security researcher controversially argues.…
Thu, 12 Apr 2018 15:46:08 GMT
Kremlin 'blurring boundaries between criminal and state activity' – director
GCHQ boss Jeremy Fleming has hailed the success of a cyber-offensive against ISIS last year and warned of the growing threat posed by Russia.…
Thu, 12 Apr 2018 12:58:07 GMT
It's 2018 and previewing an email can flash your privates at the world
Microsoft emitted a patch for all supported versions of Outlook on Patch Tuesday this month to prevent attackers harvesting credentials from users who simply preview a carefully crafted Rich Text (RTF) email.…
Thu, 12 Apr 2018 11:39:11 GMT
Two months since 40k punters had payment card deets nicked
“We have been working with partners across the world and activated credit monitoring across a number of countries. We’re working to ensure it’s available to as many people as possible, and have been assured that the last customers will receive their credit monitoring in the coming days.”…
Thu, 12 Apr 2018 10:35:00 GMT
Brits revamp cyber alert framework
The UK government has launched a new cyber attack categorisation that is designed to improve response to incidents – sadly it doesn't go up to 11.*…
Thu, 12 Apr 2018 07:21:10 GMT
Malware tickles unused cores to put signals in current
If you want your computer to be really secure, disconnect its power cable.…
Wed, 11 Apr 2018 20:49:44 GMT
Well, we been having some difficulty. Ziggy, he's, uh, spitting out some wild values
A team of physicists claim to have developed a guaranteed random number generator using photons and the laws of quantum mechanics.…
Wed, 11 Apr 2018 18:23:49 GMT
Hashtag game over crooks question mark question mark
Britain's Home Secretary Amber Rudd has launched a crackdown on criminals who exploit the dark web.…
Wed, 11 Apr 2018 09:44:37 GMT
1,000 accounts compromised
Great Western Rail is urging all customers to change their GWR.com passwords after miscreants gained access to strangers' accounts over the last week.…
Wed, 11 Apr 2018 08:37:08 GMT
WannaCry was a wake-up call for healthcare, but the sector is still terribly vulnerable to attack
As memories of last May's WannaCry cyber attack fade, the healthcare sector and Britain's NHS are still deep in learning.…
Wed, 11 Apr 2018 07:06:52 GMT
Posts hit hyper-partisan r/the_donald, CEO says most crimped before 2016 election
While Facebook CEO Mark Zuckerberg testified before the US Congress, Reddit confessed to its own Russian problem.…
Privacy policy - Sitemap - Press - Terms of Service - Copyright information
Contact Us - About Us - Feedage - Search Engine Consulting
Language Detection Powered by
