Subscribe: The Register - Security: Enterprise Security
Added By: Feedage Forager Feedage Grade B rated
Language: English
agency  analytica  cambridge analytica  code  data  facebook  flaws  government  malware  ryzen  security  spy agency  state     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Enterprise Security

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2018, Situation Publishing

Commonwealth Games are just the ticket for Facebook

Wed, 21 Mar 2018 00:27:46 GMT

Free Wi-Fi will be lousy without a Social Network™ login, which in this of all weeks is just dumb

Facebook may be up to its armpits in alligators, but that hasn't stopped Australia's Gold Coast Council from chumming up with the ad-farm to offer free Wi-Fi to visitors at the upcoming Commonwealth Games.…

CTS who? AMD brushes off chipset security bugs with firmware patches

Wed, 21 Mar 2018 00:25:09 GMT

Just give it a few weeks notice next time, not 24 hours

AMD has finally weighed in with its opinion of the security flaws in its Epyc, Ryzen, Ryzen Pro, and Ryzen Mobile chips, identified in a rather over-the-top fashion by CTS-Labs a week ago.…

Now that's a bad trip: 880k credit cards 'likely' stolen by Orbitz hackers

Tue, 20 Mar 2018 23:28:22 GMT

And bad news for healthy types: thoroughly pwned, too

Vacation-booking biz Orbitz has warned that sensitive details on as many as 880,000 credit cards have "likely" been stolen from its servers by hackers.…

FBI raids home of spy sat techie over leak of secret comms source code on Facebook

Tue, 20 Mar 2018 20:58:03 GMT

Ex-NRO bod also allegedly swiped $340k of espionage kit plus classified files

The FBI has raided the home of US intelligence contractor John Weed who is suspected of leaking classified blueprints online via a fake Facebook account.…

Brit police forces spend peanuts on cybercrime training

Tue, 20 Mar 2018 10:58:14 GMT

£1.3m over three years? Get with the times, plod

The police force covering the base of the UK's electronic spy agency, GCHQ, in Cheltenham, England, has admitted that it has spent nothing at all on cybercrime training over the past few years.…

Leading by example:'s secure server setup is patchy at best

Tue, 20 Mar 2018 10:46:04 GMT

Many .gov websites 'broken, misconfigured or insecure'

The security of UK government websites is inconsistent, and local authorities are among the worst offenders.…

Apple moves on HSTS abuse in Safari

Tue, 20 Mar 2018 03:54:14 GMT

WebKit updated to kill 'supercookies'

Apple has moved to block an abuse vector in the WebKit framework that underpins its Safari browser and allows HSTS to be abused to act as a 'supercookie' for user tracking.…

1 in 5 Michigan state staffers fail phishing test but that's OK apparently

Mon, 19 Mar 2018 22:57:28 GMT

IT security in America's Water Wonderland deemed so-so in tech audit

Network security for the US State of Michigan has been rated as "moderately sufficient" in an audit of its Department of Technology, Management, and Budget (DTMB).…

BOOM! Cambridge Analytica explodes following extraordinary TV expose

Mon, 19 Mar 2018 22:05:05 GMT

Undercover investigation reveals dodgy tactics and sparks search warrant

Updated Controversial data analytics firm Cambridge Analytica has been hit with an emergency data seizure order in England following an extraordinary series of events Monday night that revolved around a TV undercover expose.…

Coverity Scan code checker's systems crypto-jacked to run cheeky mining op

Mon, 19 Mar 2018 15:30:32 GMT

Freebie tool restored after 4 weeks offline

The systems of freebie open-source code scanning tool Coverity Scan were hacked and abused to run a cryptocurrency mining operation, its operator has confirmed.…

Facebook suspends account of Cambridge Analytica whistleblower

Mon, 19 Mar 2018 05:58:07 GMT

Social network plans to 'take action' against all who misused data

Updated Chris Wylie, the whistleblower who has alleged the knowingly improper use of Facebook data by Cambridge Analytica, says The Social Network™ has suspended his account.…

Facebook confirms Cambridge Analytica stole its data; it’s a plot, claims former director

Sun, 18 Mar 2018 12:49:28 GMT

50 million profiles leaked and ‘politically weaponized’ against US voters

Analysis Facebook has “suspended” any business with controversial analytics firm Cambridge Analytica (CA) and its holding company, following claims by CA’s former director that the social media ad slinger’s data was purloined and used for political dirty tricks.…

AMD security flaw saga, browsers broken, Lamo dead at 37, and more

Sat, 17 Mar 2018 09:14:12 GMT

It's the week in security

Roundup The lingering fallout of security flaws in AMD processor chipsets has dominated the news this week, and it ain't over yet.…

Crooks opt for Monero as crypto of choice to launder ill-gotten gains

Fri, 16 Mar 2018 16:09:13 GMT

Study examines the cutting edge of cybercrime

Crooks are increasingly turning to Monero over Bitcoin, according to a new study on the economics of cybercrime.…

Ugh, of course Germany trounces Blighty for cyber security salaries

Fri, 16 Mar 2018 06:04:06 GMT

Britons never, never, never shall be wage slaves. Oh wait

Cyber security professionals in Germany earn on average 17 per cent more than their UK counterparts.…

FYI: There's a cop tool called GrayKey that force unlocks iPhones. Let's hope it doesn't fall into the wrong hands!

Fri, 16 Mar 2018 00:05:14 GMT

And how it works doesn't leak. Gulp!

A secretive unlocking tool offered to cops and government agents has some computer security bods worried over its privacy implications.…

We're Putin our foot down! DHS, FBI blame Russia for ongoing infrastructure hacks

Thu, 15 Mar 2018 23:30:09 GMT

Alert adds detail to 'Dragonfly' cyber-attack disclosed last year

The US Department of Homeland Security and the Federal Bureau of Investigation on Thursday issued an alert warning of ongoing cyber-attacks against the West's energy utilities and other critical infrastructure by individuals acting on behalf of the Russian government.…

Intel: Our next chips won't have data leak flaws we told you totally not to worry about

Thu, 15 Mar 2018 18:28:41 GMT

Meltdown, Spectre-free CPUs coming this year, allegedly

Intel has claimed its future processors – shipping as early as the second half of this year – will be free of the security design flaws it totally told you not to fret about.…

Researchers slap SAP CRM with vuln combo for massive damage

Thu, 15 Mar 2018 13:38:07 GMT

Directory traversal + log injection = I can see your privates

A pair of recently patched security vulnerabilities in SAP NetWeaver Application Server Java* could have been combined to hack customer relationship management (CRM) systems.…

MailChimp 'working' to stop hackers flinging malware-laced spam from accounts

Thu, 15 Mar 2018 11:56:10 GMT

What can you do about it for now? Sweet 2FA

Email newsletter distribution service MailChimp has promised to act on the abuse of accounts to send (frequently) malware-tainted spam.…

VPN tests reveal privacy-leaking bugs

Thu, 15 Mar 2018 08:27:06 GMT

Hotspot Shield patched; Zenmate and VPN Shield haven't ... yet?

A virtual private network recommendation site decided to call in the white hats and test three products for bugs, and the news wasn't good.…

Microsoft starts buying speculative execution exploits

Thu, 15 Mar 2018 07:01:06 GMT

Adds bug bounty class for Meltdown and Spectre attacks on Windows and Azure

Microsoft has created a new class of bug bounty specifically for speculative execution bugs like January's Meltdown and Spectre processor CPU design flaws.…

Transport for NSW scrambles to patch servers missing fixes released in 2007

Wed, 14 Mar 2018 21:47:26 GMT

But IBM Australia has only a ‘skeleton crew’ on duty, missed deadlines, will move people from other projects for fix

Around a third of servers at Transport for New South Wales, the public transport department in Australia’s largest most populous state, need security patches, some dating back to 2007. But IBM, which provides IT services to the agency, doesn’t have enough people dedicated to the job to get it done in the planned time frame or in a manner that will let the agency operate as it desires.…

Ex-Equifax exec charged with insider trading after bagging 1 MEEELLION dollars in stock sale

Wed, 14 Mar 2018 17:00:12 GMT

Jun Ying 'dumped' shares before megabreach went public

A former Equifax exec was today charged with insider trading for offloading almost $1m of shares before the company went public about the scandalous mass data breach.…

WhatsApp agrees not to share user info with the Zuckerborg… for now

Wed, 14 Mar 2018 15:58:06 GMT

ICO probe: No legal basis for Facebook slurps

WhatsApp has agreed not to share users' data with parent biz Facebook after failing to demonstrate a legal basis for the ad-fuelling data slurp in the EU.…

Ex-GCHQ boss: All the ways to go after Russia. Why pick cyberwar?

Wed, 14 Mar 2018 12:41:12 GMT

Adds his 2 cents as PM, security council meet about Salisbury poisoning

Former boss at Brit electronic spy agency GCHQ, Robert Hannigan, has called for the application of "unexplained wealth orders" and economic sanctions against Russia rather than cyber attacks.…

Samba settings SNAFU lets any user change admin passwords

Wed, 14 Mar 2018 06:02:10 GMT

Patch or risk Revenge Of The Users

Samba admins: get patching and/or updating. Unless you’re content to have your admin passwords overwritten by, well, anyone else using Samba.…

Let's Encrypt updates certificate automation, adds splats

Wed, 14 Mar 2018 01:58:08 GMT

ACME v2 and Wildcard Certificates now live

Let's Encrypt has updated its certificate automation support and added Wildcard Certificates to its system.…

Russian anti-antivirus security tester pleads guilty to certifying attack code

Wed, 14 Mar 2018 00:10:49 GMT

Crim cops to running illegal testbed

A Russian coder who ran and franchised a dark web service that optimized malware and checked it against antivirus engines has pled guilty to one charge of conspiracy and one charge of aiding and abetting computer intrusion.…

OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flaws

Tue, 13 Mar 2018 22:47:06 GMT

Holes useful for malware on completely pwned PCs, servers

Analysis CTS-Labs, a security startup founded last year in Israel, sent everyone scrambling and headlines flying today – by claiming it has identified "multiple critical security vulnerabilities and manufacturer backdoors in AMD’s latest Epyc, Ryzen, Ryzen Pro, and Ryzen Mobile processors."…

It's March 2018, and your Windows PC can be pwned by a web article (well, none of OURS)

Tue, 13 Mar 2018 21:03:10 GMT

Plus plenty of other Microsoft and Adobe bugs to fix

Patch Tuesday Microsoft delivered another hefty bundle of patches with its scheduled monthly update.…

SecurEnvoy SecurMail, you say? Only after this patch is applied, though

Tue, 13 Mar 2018 16:38:05 GMT

Flaws meant others could read, meddle with encrypted emails

Recently resolved vulnerabilities in SecurEnvoy's encrypted email transfer SecurMail created a way for encrypted emails in users' inboxes to be read, overwritten and deleted by others.…

Mozilla wants to seduce BOFHs with button-down Firefox

Tue, 13 Mar 2018 15:41:14 GMT

Control. Control. Control

The Mozilla Foundation has released a Firefox for Enterprise with sysadmin controls to manage deployment. F4E arrives in beta form today.…

CEO of smartmobe outfit Phantom Secure cuffed after cocaine sting, boast of murder-by-GPS

Tue, 13 Mar 2018 06:01:11 GMT

No 'legitimate users' of modded Blackberries, says FBI

An arrest by US authorities last week has brought to light alleged associations between encrypted phone supplier Phantom Secure and international drug trafficking.…

Yahoo! Can't! Toss! Hacking! Lawsuit!

Mon, 12 Mar 2018 23:45:14 GMT

Judge Koh trims class-action complaint, but suit will proceed

The remains of Yahoo! will be forced to defend the class action complaint filed by customers whose data was exposed in the 2014 megahack.…

Air gapping PCs won't stop data sharing thanks to sneaky speakers

Mon, 12 Mar 2018 20:00:39 GMT

Boffins shows that sound output devices secretly capture audio

Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitive computer systems less secure.…

China ALTERED its public vuln database to conceal spy agency tinkering – research

Mon, 12 Mar 2018 17:02:05 GMT

Report claims vuln-botherers share building with Ministry of State Security

China has altered public vulnerability data to conceal the influence of its spy agency in the country's national information security bug reporting process.…

UK's air accident cops are slurping data from pilots' fondleslabs

Mon, 12 Mar 2018 15:26:05 GMT

'We need the families' assistance' says AAIB

A British government agency has been downloading data from iPads and similar devices used by pilots of crashed aircraft, it has emerged.…

Cavalry riding to the rescue of DDoS-deluged memcached users

Mon, 12 Mar 2018 05:55:10 GMT

Attacks tapering, as experts argue over 'kill switch'

DDoS attacks taking advantage of ill-advised use of memcached have begun to decline, either because sysadmins are securing the process, or because people are using a potentially-troublesome “kill switch”.…

Suspicious cert-sellers give badware a good name for just a few thousand bucks

Mon, 12 Mar 2018 02:00:09 GMT

Researchers unmask trade in code-signing certs

There's a flourishing trade in illicit code-signing certificates, and even extended validation certificates can be purchased for a few thousand dollars.…

Auto manufacturers are asleep at the wheel when it comes to security

Sat, 10 Mar 2018 08:30:08 GMT

And rising car thefts suggest the criminals are taking advantage

Cars are getting smarter every year but their increasing computational power isn’t being backed up by good IT security practices – hacking them is child’s play.…

Less than half of paying ransomware targets get their files back

Fri, 09 Mar 2018 22:41:39 GMT

Shock revelation: criminals prove to be untrustworthy

Paying off a ransomware demand is a great way to end up losing both your money and your files.…

Slingshot malware uses cunning plan to find a route to sysadmins

Fri, 09 Mar 2018 22:26:36 GMT

Advanced router code has been in circulation for six years

If you’re trying to hack an organization then pwning the sysadmin's machine gives you the keys to the kingdom, and an advanced malware writer has found a clever way to do just that.…

Citizen Lab says Sandvine network gear aids government spyware

Fri, 09 Mar 2018 20:53:37 GMT

Sandvine insists report is inaccurate and misleading

Internet users in Turkey, Egypt and Syria who attempted to download legitimate Windows applications have been redirected to nation-state spyware through deep-packet inspection boxes placed on telecom networks in Turkey and Egypt, according to a report issued Friday by security research group Citizen Lab.…

Unidentified hax0rs told not to blab shipping biz Clarksons' stolen data

Fri, 09 Mar 2018 14:11:57 GMT

Fat lot of good an injunction will do against unknown cybercrims

British shipping company Clarkson plc has obtained an injunction against hackers who broke into its IT systems, slurped a load of data and then tried to blackmail the business.…

DVLA denies driving licence processing site is a security 'car crash'

Fri, 09 Mar 2018 11:34:09 GMT

PCI compliance? Yep, we've heard of it too

A UK government agency has disputed complaints from security pros that its website involved in the processing of driving licence applications is insecure and otherwise unfit for purpose.…

Carnegie Mellon makes network security guru Jahanian president

Thu, 08 Mar 2018 23:55:04 GMT

Chalk one up for the infosec nerds: Arbor founder takes top uni post

Carnegie Mellon University has named computer science professor and Arbor Networks founder Farnam Jahanian as its new president.…

Hansa down, this is cool: How Dutch cops snatched the wheel of dark web charabanc

Thu, 08 Mar 2018 22:32:10 GMT

Presumably while singing 'takedowns from Amsterdam'

The takedown of the Hansa dark web marketplace, done live on national TV by Dutch police, was possible because officers had been running the site themselves – and on Thursday they detailed how they did it.…

Will the defendant please rise? Utah State Bar hunts for sender of topless email

Thu, 08 Mar 2018 20:30:01 GMT

Mormons miffed by mammary missive

The Utah State Bar in America is investigating how a picture of a topless woman appeared in an email sent to all its members earlier this week.…

Surprise: Norks not actually behind Olympic Destroyer malware outbreak – Kaspersky

Thu, 08 Mar 2018 18:49:10 GMT

Who framed Pyongyang, then, we wonder

A close analysis of the code that took down part of the 2018 Winter Olympics computer network reveals a cunning plan to seemingly falsely pin the blame on North Korea.…