Kaspersky Lab autopsies evidence on SolarWinds hack In a brave move, Russian firm fingers its own govt as one possible source of cyber badness 12 Jan 2021 | 21
How I found a bug in YouTube that let me watch private videos I wasn't allowed to, says compsci student Theft-by-a-thousand-cuts flaw fixed 12 Jan 2021 | 9
Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers' personal information Salted password hashes, addresses, phone numbers may have been exposed in cloud security snafu 12 Jan 2021 | 27
That's it. It's over. It's really over. From today, Adobe Flash Player no longer works. We're free. We can just leave Post-Flashpocalypse, we stumble outside, hoping no one ever creates software as insecure as that ever again 12 Jan 2021 | 141
Thou shalt not hack indiscriminately, High Court of England tells Britain's spy agencies Choke chain tightened on 'general warrants' after Privacy International wins judicial review 11 Jan 2021 | 32
Unauthorised RAC staffer harvested customer details then sold them to accident claims management company 8-month suspended sentence for conspiracy to secure unauthorised access to computer data 11 Jan 2021 | 46
SolarWinds takes a leaf out of Zoom's book, hires A-Team of Stamos and Krebs to sort out its security woes In Brief The week's other security news 11 Jan 2021 | 9
US courts system fears SolarWinds snafu could have let state hackers poke about in sealed case documents Problems for charging spies in future? Probably not, says ex-NCSC chief 08 Jan 2021 | 15
How good are you at scoring security vulnerabilities, really? Boffins seek infosec pros to take rating skill survey Real-world CVSS figures are a little variable, or so these folks reckon 08 Jan 2021 | 10
Intel wheels out new face authentication product that works a lot like Apple's FaceID Chipzilla joins facial-recog race 07 Jan 2021 | 9
What happens when a Chrome extension with 2m+ users changes hands, raises red flags, doesn't document updates? Let's find out Analysis Oh yes, I'm the Great Suspender, pretending I'm doing well 07 Jan 2021 | 35
JetBrains' build automation software eyed as possible enabler of SolarWinds hack Maker of developer tools says it played no role in the attack, hasn't heard from investigators 07 Jan 2021 | 18
United States Congress stormed by violent followers of defeated president, Biden win confirmation halted Updated Images of evacuated and invaded offices, Senate PCs still left switched on shared online 06 Jan 2021 | 303
Are security and connectivity on your 2021 to do list, yes? Here’s what to do first Webcast With Fortinet, we'll help you weigh up your SASE options 06 Jan 2021 |
Trump administration bans eight Chinese apps Alipay, WeChat and friends ‘threaten national security, foreign policy, and economy of the United States’ 06 Jan 2021 | 17
Ah, right on time: Hacker-slammed SolarWinds sued by angry shareholders Plus: US intelligence names and shames Russia as probable culprit 05 Jan 2021 | 27
Blackberry Cylance's consumer antivirus product won't work with macOS Big Sur until end of January Only three months after latest OS version released 05 Jan 2021 | 12
Bug? No, Telegram exposing its users' precise location is a feature working as 'expected' Messaging app makes inadvertent oversharing too easy 05 Jan 2021 | 16
Scotland waves £15m around to tempt low-code partner to help with social security overhaul as technical debt mounts Though that might not be the workaround it needs 05 Jan 2021 | 14
Think you’re hot stuff when it comes to infosec? Prove it Promo This year’s New Year Resolution: Update your GIAC certs 05 Jan 2021 |
Singapore changes the rules and will now use COVID-19 contact-tracing app data in criminal cases Privacy policy re-written, which is somewhat scary given Singapore has made trackers just-about-mandatory 05 Jan 2021 | 26
Happy New Year: Jan 1, 2021 security cert expiration causes havoc for some Check Point VPN users Outdated clients stop working, organizations with thousands of end-points told to switch out .sys files 05 Jan 2021 | 15
New year, new rant: Linus Torvalds rails at Intel for 'killing' the ECC industry Updated Why do most PCs not support error-correcting code? Chipzilla is to blame, says Linux don 04 Jan 2021 | 93
Julian Assange will NOT be extradited to the US over WikiLeaks hacking and spy charges, rules British judge But it's not over yet: Next step is Uncle Sam's appeal to London's High Court 04 Jan 2021 | 145
SolarWinds mess that flared in the holidays: Biz confirms malware targeted crocked Orion product CISA flags ‘further hardening’ advice as Microsoft reveals internal account compromises 04 Jan 2021 | 9
The curse of knowing a bit about IT: 'Could you just...?' and 'No I haven't changed anything' 12BoC Two firewalls are better than one, right? 30 Dec 2020 | 104
US Department of Homeland Security warns American business not to use Chinese tech or let data behind the Great Firewall Even fitness trackers ruled a big risk due to potential for record-matching identifying your family 23 Dec 2020 | 78
UK firm NOW: Pensions tells some customers a 'service partner' leaked their data all over 'public software forum' Updated Compromised info include names, email addresses, DoBs, and National Insurance numbers 22 Dec 2020 | 37
Dell Wyse Thin Client scores two perfect 10 security flaws Come on in and enjoy our unprotected FTP server and unsigned configuration files 21 Dec 2020 | 34
SolarWinds releases known attack timeline, new data suggests hackers may have done a dummy run last year In brief And SS7 telco hack rears its ugly head yet again 21 Dec 2020 | 20
'Best tech employer of the year' threatened trainee with £15k penalty fee for quitting to look after his sick mum Updated And Sparta Global then didn't bother turning up to the Employment Tribunal 21 Dec 2020 | 158
Well, on the bright side, the SolarWinds Sunburst attack will spur the cybersecurity field to evolve all over again Column We have to be smarter than the baddies and expect the unexpected 21 Dec 2020 | 66
Trump administration says Russia behind SolarWinds hack. Trump himself begs to differ Microsoft’s analysis of hack suggests someone else had a crack at SolarWinds in 2019 when next-level 'DLL hell' followed likely developer pipeline compromise 20 Dec 2020 | 124
Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm's CRM customers Exclusive Medical records, insurance claim docs, promotion process feedback... you name it, Probase bared it 18 Dec 2020 | 75
'Long-standing vulns' in 5G protocols open the door for attacks on smartphone users Plus: EU agrees that security could be better and calls for bigger role for itself 18 Dec 2020 | 23