Security News • The Register

Security

'We're finding bugs way faster than we can fix them': Google sponsors 2 full-time devs to improve Linux security

Plus: Why the Chocolate Factory only uses code it builds from source

24 Feb 16:01 | 1

Think you know all about security pen-testing in the cloud? Here’s how to prove it

New GIAC qual shows you can put the Sec into DevSecOps and quantify the risk in SRE

Mozilla Firefox keeps cookies kosher with quarantine scheme, 86s third-party cookies in new browser build

Hey man, are your cookies trackin' me? Take 'em out. You gotta keep 'em separated

24 Feb 07:02 | 19

What's CNAME of your game? This DNS-based tracking defies your browser privacy defenses

Study sees increasing adoption of cloaking to bypass cookie barriers

24 Feb 06:11 | 34

Indian Railways suffers unspecified security 'breaches in various IT applications'

13m passengers a day, a million tickets bought on digital platforms, and yet few details offered on what went wrong

24 Feb 03:13 | 9

Microsoft president asks Congress to force private-sector orgs to publicly admit when they've been hacked

Senate intelligence committee hears ideas in light of SolarWinds disaster

24 Feb 00:53 | 23

VMware warns of critical remote code execution flaw in vSphere HTML5 client

If you don't patch, the hosts driving all your virty servers are at risk. So maybe your to-do list needs a tickle?

23 Feb 23:35 | 7

They break into your network but do nothing themselves: 'Initial access brokers' resell stolen creds for $7k a pop

So says Digital Shadows as it puts a price on illicit access methods

23 Feb 22:53 | 1

Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet

And what may be CAD drawing of a military radar antenna

23 Feb 21:22 | 25

Linux Mint users in hot water for being slow with security updates, running old versions

Automatic updates? 'We have ideas on how to improve this,' says founder

23 Feb 13:33 | 65

The perils of non-disclosure? China 'cloned and used' NSA zero-day exploit for years before it was made public

Check Point says Beijing 'reconstructed' Equation Group's hacking tool long before leak

23 Feb 00:50 | 34

NurseryCam hacked, company shuts down IoT camera service

Real names, usernames, and what appears to be SHA-1 hashed passwords exposed

22 Feb 17:30 | 27

Planespotters’ weekends turn traumatic as engine pieces fall from the sky in the Netherlands and the US

It’s a bird, it’s a plane… holy crap there’s a nacelle in my kitchen

22 Feb 13:03 | 101

Brave browser leaks visited Tor .onion addresses in DNS traffic, fix released after bug hunter raises alarm

Plus: IBM's lawyers hacked, Kia denies ransomware hit, France declares war on hackers, and more

22 Feb 07:14 | 12

Malware monsters target Apple’s M1 silicon with ‘Silver Sparrow’

Behaves like a legit software installer and phones home for instructions, but lacks a payload

22 Feb 00:00 | 41

Happy birthday, Python, you're 30 years old this week: Easy to learn, and the right tool at the right time

Popular programming language, at the top of its game, still struggles to please everyone

20 Feb 13:10 | 77

Atheists warn followers of unholy data leak, hint dark deeds may have tried to make it go away

Rival atheists accused of not believing in privacy law

19 Feb 06:04 | 106

Microsoft admits some Azure, Exchange, Intune source code snaffled in SolarWinds schemozzle

We’ll be fine, says Redmond security crew. No word on whether you will be too once crims analyse their haul

19 Feb 02:32 | 4

Just 2.6% of 2019's 18,000 tracked vulnerabilities were actively exploited in the wild

So says Kenna Security in a refreshing piece of counter-FUD analysis

18 Feb 18:00 | 11

Nurserycam horror show: 'Secure' daycare video monitoring product beamed DVR admin creds to all users

Company has a habit of reacting badly to vuln disclosures

18 Feb 12:01 | 52

Popular

NASA sends nuclear tank 293 million miles to Mars, misses landing spot by just five metres. Now watch its video

See how plucky Perseverance touched down on the unforgiving dust world

Whistleblowers: Inflexible prison software says inmates due for release should be kept locked up behind bars

It's not a bug, it's a feature you need to put in a change request to alter, says developer

SpaceX small print on Starlink insists no Earth government has authority or sovereignty over Martian activities

Isn't this a subplot from those James S A Corey novels?

Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet

And what may be CAD drawing of a military radar antenna

Linux Mint users in hot water for being slow with security updates, running old versions

Automatic updates? 'We have ideas on how to improve this,' says founder

The perils of non-disclosure? China 'cloned and used' NSA zero-day exploit for years before it was made public

Check Point says Beijing 'reconstructed' Equation Group's hacking tool long before leak

VMware warns of critical remote code execution flaw in vSphere HTML5 client

If you don't patch, the hosts driving all your virty servers are at risk. So maybe your to-do list needs a tickle?

Does Samsung want you to buy new phones? Asking 'cos Galaxies now get four years of security updates

Even kit from 2019 is covered and so are the modestly priced A and M series

Microsoft president asks Congress to force private-sector orgs to publicly admit when they've been hacked

Senate intelligence committee hears ideas in light of SolarWinds disaster

Apache foundation ousts TinkerPop project co-founder for tweeting 'offensive humor that borders on hate speech'

ASF board member resigns in protest of org's online chatter 'policing'

MORE
STORIES

Has your cloud app suite left you feeling insecure? There’s a reason for that

Tune in next week and discover how to tighten that gap in your remote worker security

Cred-stealing trojan harvests logins from Chromium browsers, Outlook and more, warns Cisco Talos

Masslogger evolution rears its ugly head, $30 gets you three month license to cause carnage

18 Feb 07:25 | 8

Uncle Sam accuses three suspected North Korean govt hackers of stealing $1.3bn+ from banks, crypto orgs

Oh yes, and hacking Hollywood, allegedly

17 Feb 22:22 | 7

You’ve got millions of open-source software components to choose from... and so do cybercriminals

Just who is running your favourite project these days?

You don't have clearance for that: Microsoft ups the paranoia with a preview of Azure Firewall Premium

Reassuring the regulators

17 Feb 16:30 | 7

Think your backups will protect you from ransomware? What do you think the malware attacked first?

Immutablity or vulnerability – it’s your choice

Soviet 'Enigma' cipher machine sells for $22k at collapsed museum's exhibits auction

James Bond? Inspector Gadget? Yup, all here

17 Feb 12:44 | 49

Palo Alto Networks drops $156m to absorb DevSecOps firm Bridgecrew

Open-source stuff stays for now, company promises

17 Feb 11:20 | 1

LastPass to limit fans of free password manager to one device type only – computer or mobile – from next month

Cough up if you want to use it with your laptop and phone

16 Feb 23:27 | 81

SHAREit app for Android said to share way too much: Billion-download code with holes no one wants to fix

Trend Micro claims software is full of security flaws that allow data out and malware in

16 Feb 20:25 | 6

France's cyber-agency says Centreon IT management software sabotaged by Russian Sandworm

Web hosts infiltrated for up to three years in attack that somewhat resembles SolarWinds mess

16 Feb 08:02 | 15

UK watchdog fines two firms £270k for cold-calling 531,000 people who had opted out

Ah, the old 'liquidate your company' trick. Classic

15 Feb 15:32 | 109

Let's Encrypt completes huge upgrade, can now rip and replace 200 million security certs in 'worst case scenario'

Plus: SentinelOne picks up Scalyr, fatal flaws in TCP, and a view on Supermicro

15 Feb 11:41 | 22

Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack

As FireEye reveals how suspicious second phone signed up for 2FA gave the game away

15 Feb 05:57 | 77

Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg

Server maker says latest article is 'a mishmash of disparate allegations'

12 Feb 23:28 | 124

Footfallcam kerfuffle: Firm apologises, promises to fix product after viral Twitter thread, infoseccer backlash

Accusations of grey hat infosec consultancy extortion ring drop away after El Reg intervenes

12 Feb 15:21 | 31

Apple iOS 14.5 will hide Safari users' IP addresses from Google's Safe Browsing

Another privacy improvement from Cupertino, just a small one

12 Feb 02:20 | 39

Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training

Antisocial network sued by Proofpoint in scrap over domain names

11 Feb 20:42 | 44

Dev creeped out after he fired up Ubuntu VM on Azure, was immediately approached by Canonical sales rep

I always feel like somebody's watching me

11 Feb 14:14 | 123

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Biting the hand that feeds IT © 1998–2021

Do not sell my personal information Cookies Privacy Ts&Cs