Linux kernel logic allowed Spectre attack on 'major cloud provider'
Kernel 6.2 ditched a useful defense against ghostly chip design flaw
Security14 Apr 2023 | 19
Security
To improve security, consider how the aviation world stopped blaming pilots
When admitting to an error isn't seen as a failure, improvement easy to achieve, says pilot-turned-CISO
Security14 Apr 2023 | 69
Pentagon super-leak suspect cuffed: 21-year-old Air National Guardsman
When bragging about your job on Discord gets just a little out of hand?
Cyber-crime13 Apr 2023 | 96
How insecure is America's FirstNet emergency response system? Seriously, anyone know?
Senator Wyden warns full probe needed into vital comms network
Security12 Apr 2023 | 9
FBI: How fake Xi cops prey on Chinese nationals in the US
你好 [insert name], 我在 Ministry of Public Security 工作 [insert shakedown]
Cyber-crime12 Apr 2023 | 17
3CX teases security-focused client update, plus password hashing
As Mandiant finds more evidence it was North Korea wot done it
Security12 Apr 2023 | 4
US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster
It's not all doom and gloom because ML also amplifies defensive efforts, probably
CSO12 Apr 2023 | 13
Another zero-click Apple spyware maker just popped up on the radar again
Pegasus, pssh, you so 2000-and-late
Research12 Apr 2023 | 8
April Patch Tuesday: Ransomware gangs already exploiting this Windows bug
Plus Google, SAP, Adobe and Cisco emit fixes
Patches11 Apr 2023 | 9
Azure admins warned to disable shared key access as backdoor attack detailed
The default is that sharing is caring as Redmond admits: 'These permissions could be abused'
CSO11 Apr 2023 | 10
40% of IT security pros say they've been told not to report a data leak
In Brief Plus: KFC, Pizza Hut owner spills more beans on ransomware hit... latest critical flaws... and more
Cyber-crime11 Apr 2023 | 16
How much to infect Android phones via Google Play store? How about $20k
Or whatever you managed to haggle with these miscreants
Cyber-crime10 Apr 2023 | 9
Inside FTX: Jokes about misplaced funds, diabolical IT, poor oversight, and worse
How's the saying go? $50m here, $50m there, pretty soon you're talking real money
Cyber-crime10 Apr 2023 | 22
Apple squashes iOS, macOS zero-day bugs already exploited by snoops
Keep calm and install patches before abuse becomes widespread
Patches10 Apr 2023 | 1
Google to kill Dropcam, Nest Secure hardware next year
Great, more company for Stadia, Duo and pals in the graveyard
Security10 Apr 2023 | 43
Microsoft, Fortra are this fed up with cyber-gangs abusing Cobalt Strike
Oh, sure, let's play a game of legal and technical whack-a-mole
Cyber-crime10 Apr 2023 | 8
When it comes to technology, securing your future means securing your present
How to build cyber resiliency in the face of complexity
Sponsored Feature
MSI hit in cyberattack, warns against installing knock-off firmware
1.5TB of databases, source code, BIOS tools said to be stolen
Cyber-crime07 Apr 2023 | 8
Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug
Plus: Substack shanked by bitter Twitter?
Research07 Apr 2023 | 14
It's this easy to seize control of someone's Nexx 'smart' home plugs, garage doors
Netizens urged to disconnect kit after 40,000-plus devices found riddled with dumb bugs
Security07 Apr 2023 | 41
With ICMP magic, you can snoop on vulnerable HiSilicon, Qualcomm-powered Wi-Fi
WPA stands for will-provide-access, if you can successfully exploit a target's setup
Security07 Apr 2023 | 19
CAN do attitude: How thieves steal cars using network bus
It starts with a headlamp and fake smart speaker, and ends in an injection attack and a vanished motor
Research06 Apr 2023 | 198
Criminal records office yanks web portal offline amid 'cyber security incident'
ACRO says payment data safe, other info may have been snaffled
Cyber-crime06 Apr 2023 | 20
Cops cuff teenage 'Robin Hood hacker' suspected of peddling stolen info
Luxury cars and designer duds don't seem very prince of thieves
Cyber-crime06 Apr 2023 | 25
Cops put the squeeze on Genesis crime souk denizens, not just the admins this time
Feds managed to image entire backend server with full details
Cyber-crime05 Apr 2023 | 1
Microsoft tells admins to autoreview your Autopatch alerts or autolose the service
And you wouldn't want that ... would you?
Security05 Apr 2023 | 20
Notorious stolen credential warehouse Genesis Market seized by FBI
Operation Cookie Monster crumbles stolen data-as-a-service vendor
Cyber-crime05 Apr 2023 | 12
Feds seize $112m in cryptocurrency linked to 'pig-butchering' finance scams
Thieves go nose-to-tail stripping cash from victims
Cyber-crime04 Apr 2023 | 13
Can ChatGPT bash together some data-stealing code? With the right prompts, sure
But nothing a keen beginner couldn't do, anyway
Security04 Apr 2023 | 12
UK data watchdog fines TikTok £12.7M for failing to protect kids
Some 1.4 million under-13s used the app in 2020 by the ICO's estimates
Security04 Apr 2023 | 10
Bank rewrote ads for infosec jobs to stop scaring away women
Blokes happily bluffed; women played it by the book, leaving the bank struggling to hire
Security04 Apr 2023 | 111
Hey Siri, use this ultrasound attack to disarm a smart-home system
We speak to the boffins behind latest trick to fool Google Assistant, Cortana, Alexa
Security04 Apr 2023 | 61
Uber driver info stolen yet again: This time from law firm
Never mind software supply chain attacks, lawyers are the new soft target?
Cyber-crime03 Apr 2023 | 14
April brings tulips, taxes ... and phisherfolk scammers
Tactical#Octopus: Don't let users click on that zip file
Research03 Apr 2023 | 6
Western Digital confirms digital burglary, calls the cops
Thinks info from internal systems 'obtained' by miscreant, unsure of nature or scope data
Cyber-crime03 Apr 2023 | 10
3CX thought supply chain attack was a false positive
Updated 'It's not unusual for VoIP apps' says CEO
Cyber-crime03 Apr 2023 | 23
Vietnam threatens to cut off two million mobile subscribers
To scupper scams, account-holders must hand over personal info or else
Security03 Apr 2023 | 7
School principal resigns after writing $100,000 check to Elon Musk impersonator
In Brief ALSO: DJI forgets the 'B' in 'BCC,' and this week's critical known exploits
Security03 Apr 2023 | 90
Ukrainian cops nab suspects accused of stealing $4.3m from victims across Europe
If the price looks too good to be true, it probably is
Cyber-crime01 Apr 2023 | 13
NYPD blues: Cops ignored 93 percent of surveillance law rules
Who watches the watchmen? The Office of the Inspector General
Security31 Mar 2023 | 17
Psst! Infosec bigwigs: Wanna be head of security at HM Treasury for £50k?
Juicy private sector job vs … money off a season travel ticket
Security31 Mar 2023 | 77
NHS Highland 'reprimanded' by data watchdog for BCC blunder with HIV patients
'Serious breach of trust' says ICO, 'stakes too high' for mistakes in cases like this
Security31 Mar 2023 | 26
Pro-Russia cyber gang Winter Vivern puts US, Euro lawmakers in line of fire
Winter is coming for NATO countries
Security31 Mar 2023 | 9
Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons
Snowden-esque 'Vulkan' dossier links Moscow firm to FSB, GRU, SRV
Defense Tech Week31 Mar 2023 | 28
Azure blunder left Bing results editable, MS 365 accounts potentially exposed
'BingBang' boo-boo affected other internal Microsoft apps, too
Security30 Mar 2023 | 12
AlienFox malware caught in the cloud hen house
Malicious toolkit targets misconfigured hosts in AWS and Office 365
Security30 Mar 2023 |
Do you use comms software from 3CX? What to do next after biz hit in supply chain attack
Miscreants hit downstream customers with infostealers
Cyber-crime30 Mar 2023 | 25
Microsoft uses carrot and stick with Exchange Online admins
If you need extra time to dump RPS, OK, but email from unsupported Exchange servers is blocked till they’re up to date
Spotlight on RSA30 Mar 2023 | 16
Warning: Your wireless networks may leak data thanks to Wi-Fi spec ambiguity
How someone can nab buffered info, by hook or by kr00k
Spotlight on RSA30 Mar 2023 | 15
Another year, another North Korean malware-spreading, crypto-stealing gang named
Mandiant identifies 'moderately sophisticated' but 'prolific' APT43 as global menace
Spotlight on RSA30 Mar 2023 | 2
Smugglers busted sneaking tech into China
'Intel inside' a suspiciously baggy t-shirt gave the game away – as did a truckload of parts
Security30 Mar 2023 | 27
Malware disguised as Tor browser steals $400k in cryptocash
Beware of third party downloads
Security30 Mar 2023 |
Microsoft Defender shoots down legit URLs as malicious
Updated Those hoping to use nefarious websites like, er, Zoom are overrun by alerts. Redmond 'investigating'
Security29 Mar 2023 | 25
EU mandated messaging platform love-in is easier said than done: Cambridge boffins
Digital Market Act interoperability requirement a social challenge as well as a technical one
Security29 Mar 2023 | 56
FTX cryptovillain Sam Bankman-Fried charged with bribing Chinese officials
Court gives him new rules: Use one laptop, while living with the 'rents.
Cyber-crime29 Mar 2023 | 52
DDoS DNS attacks are old-school, unsophisticated … and they’re back
So why would you handle them on your own?
Sponsored Feature
China urges Apple to improve security and privacy
It's a juicy market that welcomes foreign investment, National development boss reminds Tim Cook
Security29 Mar 2023 | 7
Apple patches all the iThings, including iOS 15 hole under attack right now
Issue identified in February but owners of older kit weren't warned
Patches28 Mar 2023 | 11
Google again accused of willfully destroying evidence in Android antitrust battle
Updated Starting to see a pattern here? Judge seems to think so
Security28 Mar 2023 | 35
President Biden kind of mostly bans commercial spyware from US govt
Executive order has loopholes for Uncle Sam's snoop tools and American-made code
Cyber-crime28 Mar 2023 | 15
Biting the hand that feeds IT
