Security
Australian government wants power to run cyber-response for businesses under attack
Ponders giving 'em immunity too for countermeasures up to hacking back.
14 Aug 02:55 | 7
Security
Security
This NSA, FBI security advisory has four words you never want to see together: Fancy Bear Linux rootkit
From Russia, with love
13 Aug 23:48 | 19
Security
Vivaldi composes sweet ad-blocking symphony for users of browser's Android version
Oslo outfit ups ante to show off privacy prowess in 3.2
13 Aug 18:02 | 5
Security
You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that
Three little words: Patches, passwords, policies
13 Aug 07:06 | 28
Updated
Irony, thy name is SANS: 28k records nicked from infosec training org after staffer's email account phished
Names, email addresses, phone numbers, job titles, company names, country of residence etc. pinched
12 Aug 14:13 | 17
Security
If you haven't yet patched this critical hole in SAP NetWeaver Application Server, today is not your day
Full details of security vuln plus proof-of-concept exploits revealed
12 Aug 09:59 | 4
Security
This is node joke. Tor battles to fend off swarm of Bitcoin-stealing evil exit relays making up about 25% of outgoing capacity at its height
Cash-strapped privacy devs face determined miscreants who keep coming back for more
12 Aug 06:14 | 35
Security
Citrix warns of patch-ASAP-grade bugs in its working-from-home products, just as we're all working from home
Expect Citrix Endpoint Management gear to come under attack soon
12 Aug 01:24 | 4
Patch Tuesday
We spent way too long on this Microsoft, Intel, Adobe, SAP, Red Hat Patch Tuesday article. Just click on it, pretend to read it, apply updates
Please, thanks, good show, cheers, ta
11 Aug 23:02 | 16
Exclusive
NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub
'Inhouse crt rigs to solve... book before ur exam' as firm claims 'some' of the content wasn't theirs
11 Aug 14:58 | 30
Security
Police face-recog tech use in Welsh capital of Cardiff was unlawful – Court of Appeal
Judges went out of their way not to set a nationwide precedent, though
11 Aug 11:53 | 33
Security
China now blocking ESNI-enabled TLS 1.3 connections, say Great-Firewall-watchers
And needs a very blunt instrument to do the job, because the protocol works as planned
11 Aug 05:53 | 55
DEF CON
Peer-to-peer takes on a whole new meaning when used to spy on 3.7 million or more cameras, other IoT gear
In-depth dive into protocols exposing countless gadgets to miscreants
10 Aug 21:28 | 27
Security
Brit bank Barclays probed amid claims bosses used high-tech to spy on staff, measure productivity
Now that's a stretch: 'Work Yoga' memo tells folks to ignore calls, emails to 'stay in the zone'
10 Aug 19:06 | 17
DEF CON
Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks
Industry binning old aircraft is an opportunity for aviation infosec
10 Aug 14:01 | 91
In brief
Pay ransomware crooks, or restore the network? Guess which way this city chose after weighing up the costs
Plus: Sec wizard shows another way to pwn Mac users
10 Aug 10:04 | 41
DEF CON
What happens when holes perfect for spyware are found in the engine room of millions of Qualcomm-based phones? Let's find out
Start the clock on those patches – they'll be coming any day, week, month soon
07 Aug 23:46 | 55
DEF CON
How did you spend your time at university? Pizza, booze, sleeping? This Oxford student is snooping on satellites
Bug-hunter details how his team slurped data… IN SPAAAAACE
07 Aug 22:01 | 22
Security
Android user chucks potential $10bn+ sueball at Google over 'spying', 'harvesting data'... this time to build supposed rival to TikTok called 'Shorts'
These are the class-action-suit-joining 'droids lawyers are looking for. (We'll get our coats)
07 Aug 12:23 | 41
DEF CON
So you've decided you want to write a Windows rootkit. Good thing this chap's just demystified it in a talk
Demirkapi shows how drivers can be misused for deep pwnage
07 Aug 08:15 | 6
Popular
Networks
Cisco to sell everything-as-a-service – even core networking hardware – and cut costs by a billion bucks
Q4 revenue took a nasty kick in the COVIDs, but profit bounced anyway
Updated
Irony, thy name is SANS: 28k records nicked from infosec training org after staffer's email account phished
Names, email addresses, phone numbers, job titles, company names, country of residence etc. pinched
Pic
America's largest radio telescope blind after falling cable slashes 100-foot gash in reflector dish
Venerable Arecibo Observatory showing its age
Software
Splunk sales ace wins sex discrimination case after new boss handed her key accounts to blokes deemed 'flight risks'
UK sales chief treated her unequally, rules Employment Tribunal
Security
You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that
Three little words: Patches, passwords, policies
Cloud
Sources: Oracle Commerce Cloud devs laid off as platform struggles to gain traction, move to modern architecture
Big Red: Everything's fine
Exclusive
What looks like a global pay freeze, sounds like a global pay freeze, but isn't a global pay freeze? Ask IBM
HR boss warns staff Big Blue will 'suspend' salary reviews, shunt rises into 2021
Personal Tech
ZX Spectrum reboot promising – steady now – 28MHz of sizzling Speccy speed now boasts improved Wi-Fi
Heir to 2017’s successful Spectrum Next hits target in minutes
Security
If you haven't yet patched this critical hole in SAP NetWeaver Application Server, today is not your day
Full details of security vuln plus proof-of-concept exploits revealed
Networks
Texas jury: Apple on the hook for half a billion dollars after infringing 4G LTE patents
Famed IP holder pops champers as Cupertino plots appeal
STORIES
Security
Chrome Web Store slammed again after 295 ad-injecting, spammy extensions downloaded 80 million times
Not exactly the first time this has happened, by a very long chalk
07 Aug 06:02 | 12
Security
Trump administration labels WeChat, TikTok ‘threats’ to national security, bans transactions with both
On grounds that they can track users, conduct corporate espionage and oppress Chinese-Americans
07 Aug 03:32 | 72
Security
Capital One fined $80m for shoddy public cloud security. Yeah, same bank in that 106m customer-record hack
All that money must be wired to the US Treasury immediately
07 Aug 01:22 | 4
Security
Foreshadow returns to the foreground: Secrets-spilling speculative-execution Intel flaw lives on, say boffins
A misunderstanding about the vulnerability means defenses fall short
07 Aug 00:00 | 8
Black Hat
When it comes to hacking societies, Russia remains the master at sowing discord and disinformation online
China can't hold a candle to GRU's shenanigans, says expert
06 Aug 21:49 | 52
Updated
Intel NDA blueprints – 20GB of source code, schematics, specs, docs – spill onto web from partners-only vault
Leaker only 'a bit concerned' about getting sued
06 Aug 19:31 | 37
Security
Think carefully about cyber insurance, says NCSC. But don't worry about buying off ransomware crooks
Should your policy cover that? Well that's up to you
06 Aug 14:00 | 9
Security
National Crime Agency says Brit teen accused of Twitter hack has not been arrested
Bognor Regis man still faces 20 years in clink, though
06 Aug 09:10 | 30
Security
USA decides to cleanse local networks of anything Chinese under new five-point national data security plan
‘Clean Network’ initiative bans use of Chinese clouds, names Alibaba, Baidu, and Tencent as compromised
06 Aug 03:31 | 148
Security
Canon not firing on all cylinders: Fledgling cloud loses people's pics'n'vids, then 'Maze ransomware' hits
'We are investigating the situation'
06 Aug 02:18 | 16
Black Hat
US voting hardware maker's shock discovery: Security improves when you actually work with the community
ES&S takes the bold step of not ignoring vulnerability reports
06 Aug 01:09 | 18
Black Hat
Ever wonder how a pentest turns into felony charges? Coalfire duo explain Iowa courthouse arrest debacle
Get. The. Terms. Of. The. Audit. In. Writing
05 Aug 23:08 | 49
Black Hat
America was getting on top of its electronic voting machine security – then suddenly... A wild pandemic appears
'We need to prepare for a number of scenarios that may not come to fruition' says Prof Blaze
05 Aug 21:06 | 12
Updated
UK data watchdog having a hard time making GDPR fines stick: Marriott scores another extension, BA prepares to pay 11% of £183m penalty threat
COVID-battered businesses win reprieve from Information Commissioner's Office
05 Aug 11:25 | 41
Security
NSA warns that mobile device location services constantly compromise snoops and soldiers
It might be best not to ask how the NSA knows this and why it advises most mitigations don’t help
05 Aug 07:29 | 87
Security
China slams President Trump's TikTok banned-or-be-bought plan in the US
Beijing accuses America of working to destroy businesses it doesn't like
05 Aug 06:27 | 74
Security
Chinese debt collectors jailed for cyberbullying under ‘soft violence’ laws
Threatening and insulting WeChat messages and worse earn time inside
05 Aug 02:31 | 13
Security
Microsoft forked out $13.7m in bug bounties. The reward program's architect thinks the money could be better spent
'A secure dev lifecycle has a much higher ROI than letting the public do the bug detection work for you'
04 Aug 23:43 | 20
Security
As the world descends into madness, it's good to see some things never change: Monthly Android patches
Qualcomm bugs among the worst – including a critical hole in wireless networking
04 Aug 20:15 | 16
