Security
Qualys hit with ransomware: Customer invoices leaked on extortionists' Tor blog
Ace infosec biz aware and investigating, we're told
03 Mar 17:00 | 2
Security
Security
Proof of concept code published for latest Saltstack CVE: Don't be an update laggard
Any user could become root, warns Immersive Labs researcher
03 Mar 16:47 |
Webcast
Cybersecurity threats aren't getting any smaller. Could big data help?
Spend a little time with our Tim and Nutanix’s Kong Yang – and learn how to crack the conundrum
03 Mar 16:00 |
Security
It's not easy being green: EV HTTPS cert seller Sectigo questions Chrome's logic in burying EV HTTPS cert info
Seeing as Google thinks no one cares about location records, we'll remove street addresses from all our sites, says compliance chief
03 Mar 11:45 | 16
Register debate
Hacking is not a crime – and the media should stop using 'hacker' as a pejorative
Hackers are friends not foes, says Alyssa Miller in this opening argument for our latest debate
03 Mar 11:00 | 84
Security
TPG buys Thycotic, immediately merges it with Centrify to create ~$230m access management monster
Product consolidation roadmap? Not yet. But all involved say the combo will work out just fine
03 Mar 07:58 | 1
Ignite
Microsoft promises end-to-end encrypted Teams calls for some, invites you to go passwordless with Azure AD
When there are passphrases, there is inherent risk, says Redmond
03 Mar 07:24 | 17
Security
Eugene Kaspersky says cyber-crooks coined it during COVID and will take a break to spend their loot
Not so fast, says infosec boffin, because crims know returning workers will be easy prey
03 Mar 05:58 | 2
Security
Microsoft fixes four zero-day flaws in Exchange Server exploited by China's ‘Hafnium’ spies to steal victims' data
Patch ASAP: Holes used to raid top-tier targets and stash info in Kim Dotcom's old cloud file locker
03 Mar 00:10 | 5
Security
Gootkit malware crew using SEO to get pwned websites in front of unwitting marks
And they're getting into the ransomware game too, warns Sophos
02 Mar 09:30 | 3
Security
Perl.com theft blamed on social engineering attack: Registrar 'convinced' to alter DNS records by miscreants
Network Solutions hasn't confirmed what happened, though
02 Mar 08:25 | 20
Security
Chinese businessman plotted with GE insider to steal transistor secrets, say Feds
Hong Kong-based suspect wanted to create rival startup using pilfered silicon carbide MOSFET blueprints – claim
01 Mar 20:06 | 7
Security
Malware attack that crippled Mumbai's power system came from China, claims infosec intel outfit Recorded Future
The fun started at the same time as border skirmishes
01 Mar 16:05 | 15
Promo
Cyber-attackers work 24/7 … but what about your security team?
If you want the lowdown on managed detection and response, clock this
01 Mar 07:30 |
In Brief
Mobile spyware fan Saudi Crown Prince accused by US intel of Khashoggi death
Plus: Critical Cisco flaw, NSA advice, and someone hacked Gab?
01 Mar 06:40 | 21
Security
Imperva pretty adamant that security analytics aggregator product Sonar is not 'one dashboard to rule them all'
Uh huh... it's a good time to be in enterprise security analytics
26 Feb 21:48 | 2
Security
Google looks at bypass in Chromium's ASLR security defense, throws hands up, won't patch garbage issue
Engineers write off GC abuse because Spectre broke everything anyway
26 Feb 11:58 | 33
Something for the Weekend, Sir?
Half a million stolen French medical records, drowned in feeble excuses
A bitter pill best swallowed with eight gallons of swimming pool water
26 Feb 09:30 | 85
Security
India's demand to identify people on chat apps will 'break end-to-end encryption', say digital rights warriors
Announced rules also require fast takedowns of content, online profile verification, and more
26 Feb 02:10 | 32
Security
1Password has none, KeePass has none... So why are there seven embedded trackers in the LastPass Android app?
Third-party code in security-critical apps is obviously suboptimal, but company says you can opt out
25 Feb 18:39 | 85
Popular
Applications
Brave buys a search engine, promises no tracking, no profiling – and may even offer a paid-for, no-ad version
Pitches pro-privacy platform with customizable results filter dubbed Goggles
On-Prem
Flagship Chinese chipmaker collapses before it makes a single chip or opens a factory
Wuhan Hongxin Semiconductor’s 7nm ambitions are dust
Applications
Netflix reveals massive migration to new mix of microservices, asynchronous workflows and serverless functions
Goes deep on Docker and adopts ‘strangler fig’ pattern to replace legacy platform
Ignite
Microsoft previews Windows Server 2022: Someone took a spanner to core plumbing features
New Windows Server ahoy - but the company would rather talk about Azure
Networks
Pressure builds on Nominet as members demand to know leadership's contingency plans for when they’re fired
Special vote to sack UK internet registry's CEO and chairman coming later this month
Security
Perl.com theft blamed on social engineering attack: Registrar 'convinced' to alter DNS records by miscreants
Network Solutions hasn't confirmed what happened, though
Ignite
Excel-lent: Microsoft debuts low-code Power Fx language... but it is not really new
Citizen development platform where everything looks like Excel
OSes
Linux Mint emits fix for memory-gobbling Cinnamon – and future version may insist on some updates
It's your computer, not ours – but we may go ahead and update it for you, says team
Security
Microsoft fixes four zero-day flaws in Exchange Server exploited by China's ‘Hafnium’ spies to steal victims' data
Patch ASAP: Holes used to raid top-tier targets and stash info in Kim Dotcom's old cloud file locker
Devops
Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted
Unauthorized versions of CuPy and other projects flood PyPI
STORIES
Security
UK's National Cyber Security Centre sidles in to help firm behind hacked NurseryCam product secure itself
Plus: User passwords were stored in plain text after all
25 Feb 13:07 | 14
Security
Ever felt that a few big tech companies are following you around the internet? That's because ... they are
Experimental blocking of sites that load resources from four big companies makes the web unusable
25 Feb 12:04 | 68
Security
Alexa, swap out this code that Amazon approved for malware... Installed Skills can double-cross their users
Boffins find those developing apps for the chatty AI assistant can bypass security measures
25 Feb 07:04 | 16
Security
Revealed: The military radar system swiped from aerospace biz, leaked online by Clop ransomware gang
Not a great day for Bombardier, Leonardo and Seaspray customers
24 Feb 20:04 | 25
Interview
'We're finding bugs way faster than we can fix them': Google sponsors 2 full-time devs to improve Linux security
Plus: Why the Chocolate Factory only uses code it builds from source
24 Feb 16:01 | 33
Promo
Think you know all about security pen-testing in the cloud? Here’s how to prove it
New GIAC qual shows you can put the Sec into DevSecOps and quantify the risk in SRE
24 Feb 08:00 |
Security
Mozilla Firefox keeps cookies kosher with quarantine scheme, 86s third-party cookies in new browser build
Hey man, are your cookies trackin' me? Take 'em out. You gotta keep 'em separated
24 Feb 07:02 | 23
Security
What's CNAME of your game? This DNS-based tracking defies your browser privacy defenses
Study sees increasing adoption of cloaking to bypass cookie barriers
24 Feb 06:11 | 57
Security
Indian Railways suffers unspecified security 'breaches in various IT applications'
13m passengers a day, a million tickets bought on digital platforms, and yet few details offered on what went wrong
24 Feb 03:13 | 14
Security
Microsoft president asks Congress to force private-sector orgs to admit when they've been hacked
Senate intelligence committee hears ideas in light of SolarWinds disaster
24 Feb 00:53 | 27
Security
VMware warns of critical remote code execution flaw in vSphere HTML5 client
If you don't patch, the hosts driving all your virty servers are at risk. So maybe your to-do list needs a tickle?
23 Feb 23:35 | 7
Security
They break into your network but do nothing themselves: 'Initial access brokers' resell stolen creds for $7k a pop
So says Digital Shadows as it puts a price on illicit access methods
23 Feb 22:53 | 1
Security
Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet
And what may be CAD drawing of a military radar antenna
23 Feb 21:22 | 27
OSes
Linux Mint users in hot water for being slow with security updates, running old versions
Automatic updates? 'We have ideas on how to improve this,' says founder
23 Feb 13:33 | 76
Security
The perils of non-disclosure? China 'cloned and used' NSA zero-day exploit for years before it was made public
Check Point says Beijing 'reconstructed' Equation Group's hacking tool long before leak
23 Feb 00:50 | 39
Updated
NurseryCam hacked, company shuts down IoT camera service
Real names, usernames, and what appeared to be SHA-1 hashed passwords* exposed
22 Feb 17:30 | 28
Security
Planespotters’ weekends turn traumatic as engine pieces fall from the sky in the Netherlands and the US
It’s a bird, it’s a plane… holy crap there’s a nacelle in my kitchen
22 Feb 13:03 | 104
In brief
Brave browser leaks visited Tor .onion addresses in DNS traffic, fix released after bug hunter raises alarm
Plus: IBM's lawyers hacked, Kia denies ransomware hit, France declares war on hackers, and more
22 Feb 07:14 | 12
Security
Malware monsters target Apple’s M1 silicon with ‘Silver Sparrow’
Behaves like a legit software installer and phones home for instructions, but lacks a payload
22 Feb 00:00 | 43
