Alien versus Predator? No, this Android spyware works together Phone-hugging code can record calls, read messages, track geolocation, access camera, other snooping Research27 May 2023 |
US govt pushes spyware to other countries? Senator Wyden would like a word Uncle Sam confirms it's saying nothing Security26 May 2023 | 2
BlackByte ransomware crew lists city of Augusta after cyber 'incident' Mayor promises to comment on Friday Cyber-crime26 May 2023 | 2
It's 2023 and Sri Lanka doesn't have a cyber security authority All should change this year as the country passes its Cyber Security Bill Security26 May 2023 | 1
Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids For simulation or for real, we don't like the vibes from this CosmicEnergy Research25 May 2023 | 6
So the FBI 'persistently' abused its snoop powers. What's to worry about? Register Kettle When is warrantless surveillance warranted? Security25 May 2023 |
Facial recog system used by Met Police shows racial bias at low thresholds Tech used at King's Coronation employs higher thresholds on once-only watch-lists, Met tells MPs Security25 May 2023 | 18
Five Eyes and Microsoft accuse China of attacking US infrastructure again Defeating Volt Typhoon will be hard, because the attacks look like legit Windows admin activity Cyber-crime25 May 2023 | 9
This legit Android app turned into mic-snooping malware – and Google missed it File-stealing nasty in my Play store? Preposterous!!1 Cyber-crime24 May 2023 | 18
Philly Inquirer says Cuba ransomware gang's data leak claims are fake news Now that's a Rocky relationship Cyber-crime24 May 2023 |
IT security analyst admits hijacking cyber attack to pocket ransom payments Ashley Liles altered blackmail emails in bid to make off with £300,000 in Bitcoin Cyber-crime24 May 2023 | 20
US bans North Korean outsourcer and its feisty freelancers They do your work – usually from Russia and China – then send their wages home to pay for missiles Cyber-crime24 May 2023 | 3
Apria Healthcare says potentially 2M people caught up in IT security breach Took two years to tell us 'small number of emails' accessed Cyber-crime23 May 2023 | 4
Dish confirms 300,000 people's data was exposed in February's attack But don't worry – we know it was deleted. Hmm. How would you know that? Cyber-crime23 May 2023 | 4
TikTok to let Oracle view source code, algorithm, and content moderation It's all in the name of national security as Trump-era collab continues in Project Texas Security23 May 2023 | 10
Ads for lucrative jobs in Asia fail to mention chance of slavery as crypto-scammer FBI warns jobseekers to be very skeptical of working holidays in Cambodia Cyber-crime23 May 2023 | 15
China hasn't told Micron why it failed security review, or what its ban means US memory-maker forecasts single-digit revenue impact, and ongoing gloom in PC and smartmobe markets Security23 May 2023 | 6
Uncle Sam strangles criminals' cashflow by reining in money mules Tech support scammer among those targeted by recent crackdowns Cyber-crime23 May 2023 | 6
Google settles location tracking lawsuit for only $39.9M in brief Also, more OEM Android malware, Google's bug reports (mostly) ditch CVEs, and this week's critical vulns Security22 May 2023 | 7
More UK councils caught by Capita's open AWS bucket blunder As for March megabreach? M&S and Guinness maker Diageo warn pension members about data risks Cyber-crime22 May 2023 | 33
Windows XP activation algorithm cracked, keygen now works on Linux The unkillable OS rises from the grave… Again
Intel mulls cutting ties to 16 and 32-bit support Hypothetical x86S architecture would boot straight into 64-bit mode
Europe’s biggest city council faces £100M bill in Oracle ERP project disaster Doubts over Birmingham’s decision to replace SAP in plan once hailed an exemplar win by Larry Ellison
PyPI subpoenaed: US govt demands data on developers Python package packhouse ponders privacy position
That old box of tech junk you should probably throw out saves a warehouse On Call When all seemed lost, here comes the Sun … workstation
Facial recog system used by Met Police shows racial bias at low thresholds Tech used at King's Coronation employs higher thresholds on once-only watch-lists, Met tells MPs
Microsoft has made Azure Linux generally available. Repeat, Azure Linux Come for the Kubernetes, stay for the containers
BlackByte ransomware crew lists city of Augusta after cyber 'incident' Mayor promises to comment on Friday
BOFH: Get me a new data file or your manager finds out exactly what you think of him Episode 10 A developer in sales? You poor, poor creature
Fighting the five Hear SANS cyber security experts share advice on how to defend your organization against the latest threats Sponsored Post
Rigorous dev courageously lied about exec's NSFW printouts – and survived long enough to quit with dignity Who, Me? Log files don't lie and in this case one nasty incident spoke to a far deeper malaise Security22 May 2023 | 82
Teen in court after '$600K swiped from DraftKings gamblers' Bet he didn't expect these computer hacking charges Cyber-crime19 May 2023 | 17
Russian IT guy sent to labor camp for DDoSing Kremlin websites Pro-Ukraine techie gets hard time Cyber-crime19 May 2023 | 25
UK's GDPR replacement could wipe out oversight of live facial recognition Question not whether UK police should use facial recog, but how, says surveillance chief Security19 May 2023 | 101
Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range High school student and Amnesty International named among bug-finders Security19 May 2023 | 13
Cisco squashes critical bugs in small biz switches You'll want to patch these as proof-of-concept exploit code is out there already Patches18 May 2023 |
Microsoft decides it will be the one to choose which secure login method you use Certificate-based authentication comes first and phones last CSO18 May 2023 | 55
Six million patients' data feared stolen from PharMerica Cue the inevitable class action lawsuit Cyber-crime18 May 2023 | 5
'Strictly limit' remote desktop – unless you like catching BianLian ransomware Do it or don't. We're not cops. But the FBI are, and they have this to say CSO17 May 2023 | 32
Another security calamity for Capita: An unsecured AWS bucket Colchester City Council says it and others caught up in new incident, reckons benefits data of local citizens exposed Security17 May 2023 | 31
Don't panic. Google offering scary .zip and .mov domains is not the end of the world Comment Did we forget about .pl, .sh and oh yeah, .com ? CSO17 May 2023 | 80
Upstart encryption app walks back privacy claims, pulls from stores after probe Try not leaving a database full of user info, chats, keys exposed, eh? Research17 May 2023 | 40
Ransomware-as-a-service groups rain money on their affiliates Qilin gang crims can earn up to 85 percent of extortion cash, or jail Cyber-crime17 May 2023 | 4
Feds offer $10m reward for info on alleged Russian ransomware crim Infecting cops' computers is one way to put a target on your back Cyber-crime17 May 2023 | 1
US Dept of Transport security breach exposes info on a quarter-million people Not the first time Uncle Sam has had the wheels come off its IT systems Security16 May 2023 | 4
Compliance automation to confound cyber criminals How you can streamline the auditing process while improving compliance and security Sponsored Post
Cops crack gang that used bots to book and resell immigration appointments Keeping files that mention 'robot rental' may not have been the best way to cover their tracks Cyber-crime16 May 2023 | 24
FTC sues VoIP provider over 'billions of illegal robocalls' XCast knew it was breaking the law and didn't hold back, watchdog says Cyber-crime16 May 2023 | 39
Intel says Friday's mystery 'security update' microcode isn't really a security update We're all for encouraging people to squash bugs but this is an odd way to do it Patches15 May 2023 | 5
Extra! Extra! Don’t quite read all about it: Cyber attack hits Philadelphia Inquirer Breaking news, literally Cyber-crime15 May 2023 |
Some potential: How bad software updates could over-volt, brick remote servers Video PMFault – from the eggheads who brought you Plundervolt and Voltpillager Cyber-crime15 May 2023 | 3
No more macros? No problem, say miscreants, we'll adapt Microsoft blocking 'net scripts sparked 'monumental shift' in attacks CSO15 May 2023 | 10
An important system on project [REDACTED] was all [REDACTED] up Who Me? Luckily, [REDACTED] was there to save the day Security15 May 2023 | 45
Ransomware corrupts data, so backups can be faster and cheaper than paying up Smash and grab raids don’t leave time for careful encryption Cyber-crime15 May 2023 | 31
Arm acknowledges side-channel attack but denies Cortex-M is crocked Black Hat Asia Spectre-esque exploit figures out when interesting info might be in memory Security15 May 2023 | 7
Toyota's bungling of customer privacy is becoming a pattern in brief Also: 3D printing gun mods = jail time; France fines Clearview AI for ignoring fine; this week's critical vulns, and more Security15 May 2023 | 33
'Top three Balkans drug kingpins' arrested after cops crack their Sky ECC chats Maybe try carrier pigeons instead Cyber-crime13 May 2023 | 27
Why Microsoft just patched a patch that squashed an under-attack Outlook bug Let's take a quick dive into Windows API Patches12 May 2023 | 44
Ex-Ubiquiti dev jailed for 6 years after stealing internal corp data, extorting bosses Momentary lapse in VPN led to stretch in the cooler, $1.6m bill Cyber-crime12 May 2023 | 8
Britain's largest private pension scheme reveals scale of Capita break-in USS says burgled biz reckons data on 470,000 'active, deferred and retired' members may have been accessed Cyber-crime12 May 2023 | 37
Activists gatecrash Capita's AGM to protest GPS tracking contract Outsourcer asked to take 'principled stance' Security12 May 2023 | 23
UK cops score legal win in EncroChat snooping op But tribunal punts on whether data was intercepted in transit Cyber-crime12 May 2023 | 11
India to send official whassup to WhatsApp after massive spamstorm In a weird way, we can blame this on AI being a better bet than blockchain Security12 May 2023 | 4
Let white-hat hackers stick a probe in those voting machines, say senators HAVA go at breaking electronic ballot box security Research11 May 2023 | 47
Millions of mobile phones come pre-infected with malware, say researchers Black Hat Asia The threat is coming from inside the supply chain Cyber-crime11 May 2023 | 49
ENISA leans into EU-based clouds with draft cybersecurity label Time for AWS and pals to start thinking about JVs? Security11 May 2023 | 8
Sonatype axes 14 percent of staff, reminds them not to talk to the press Exclusive Workers slam 'horrendous' handling of layoffs that left even 'engineering managers in the dark' CSO10 May 2023 | 41
Twitter adds new DM features, and Musk claims encryption is here, starting today Updated We'll believe our DMs are secure when someone provides proof, thanks Security10 May 2023 | 18
23-year-old Brit linked to 2020 Twitter attack and SIM-swap scheme pleads guilty Admits to cyberstalking, wire fraud charges as Feds take $700k off him Cyber-crime10 May 2023 | 12
Capita looking at a bill of £20M over breach clean-up costs Analyst says expense 'no small drop in ocean' but reputational damage could be 'far greater' Cyber-crime10 May 2023 | 9
Japan's ubiquitous convenience stores now serving up privacy breaches Fujitsu in the frame for foul up with government document dispersal app Security10 May 2023 | 10
Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix Patch Tuesday On the plus side, this month's update batch is a bit smaller than usual Patches09 May 2023 | 20
FBI-led Op Medusa slays NATO-bothering Russian military malware network Perseus to the rescue as Snake eats itself Cyber-crime09 May 2023 | 9
Microsoft disarms push notification bombers with number matching in Authenticator Mandatory measure against attackers who spam MFA folks into submission Security09 May 2023 | 18
EU proposes spyware Tech Lab to keep Big Brother governments in check Potential roles for IT pros and lawyers, European city location included Security09 May 2023 | 7
Beijing raids consultancy, State-sponsored media warns more to come Retaliation or national security? Security09 May 2023 | 7
FYI: Intel BootGuard OEM private keys leak from MSI cyber heist Updated Plus: Court-ordered domain seizures of DDoS-for-hire sites Cyber-crime09 May 2023 | 13
Western Digital: Customer info stolen in that IT attack Hard times for buyers of these hard drives Cyber-crime08 May 2023 | 8
Twitter admits 'security incident' made private Circles not so much Perhaps one of the thousands of people laid off from the biz could have fixed it, just a thought Security08 May 2023 | 5
Modern Auth comes to on-prem Exchange Server gear Guess this'll have to do while we wait for *checks notes* ES 2025 CSO08 May 2023 | 2
T-Mobile US suffers second data theft within months in brief Also, Capita's buckets are leaking, ransomware attackers deliver demands via emergency alert, and this week's critical vulns Security08 May 2023 | 6
DEF CON to set thousands of hackers loose on LLMs Can't wait to see how these AI models hold up against a weekend of red-teaming by infosec's village people Research06 May 2023 | 27
Dump these insecure phone adapters because we're not fixing them, says Cisco Security hole ranks 9.8 out of 10 in severity, 0 out of 10 in patch availability CSO05 May 2023 | 90
A right Royal pain in the Dallas: City IT systems crippled by ransomware Texas officials preach limited government ... but not this limited Cyber-crime05 May 2023 | 21
Capita admits some pension data 'likely' to have been accessed in March breach Weeks after outsourcer admits 'cyber incident' more warnings issued Cyber-crime05 May 2023 | 23
Users complain over UK state-owned bank's services as Atos eyes the exit Updated National Savings & Investment contracting for massive tech deals as customers complain of 2FA failure Security05 May 2023 | 44
China labels USA 'Empire of hacking' based on old Wikileaks dumps Pot, meet kettle, both containing weak sauce Security05 May 2023 | 38
Ex-Uber CSO gets probation for covering up theft of data on millions of people Exec begged judge for leniency – and it worked Cyber-crime04 May 2023 | 18
Strike three: FTC says Meta still failing to protect user privacy Deals between Zuckercorp + FTC in 2012 and 2020 are being ignored, so time to get stricter, says commish Security04 May 2023 | 21
Go ahead, forget that password. Use a passkey instead, says Google 'But they're gonna take my thumbs' hits different in 2023 Security04 May 2023 | 50
Meta does the 'We found baddies and crushed them' thing again – this time for AI Who would have thought crims would try using Facebook to fool people? Security03 May 2023 | 1
Insurers can't use 'act of war' excuse to avoid Merck's $1.4B NotPetya payout 'The get-out-of-jail-free card option has been removed' as one expert put it CSO03 May 2023 | 37
Chrome's HTTPS padlock heads to Google Graveyard Logowatch As blue check marks start showing up in Gmail Security03 May 2023 | 40
The importance of being certified New GIAC Security Professional and revamped GIAC Security Expert qualifications offer increased choice and flexibility for cybersecurity pros Sponsored Post
Apple pushes first-ever 'rapid' patch – and rapidly screws up Maybe you're just installing it wrong? Patches02 May 2023 | 43
Mirai botnet loves exploiting your unpatched TP-Link routers, CISA warns Oracle and Apache holes also on Uncle Sam's list of big bad abused bugs Patches02 May 2023 | 1
Apple, Google propose anti-stalking spec for Bluetooth tracker tags We moved fast and broke things, people got harassed and murdered, so let's revisit privacy Security02 May 2023 | 30
288 arrested in multinational Monopoly Market takedown US tells criminals it 'will find you' and has a particular set of skills Cyber-crime02 May 2023 | 16
Data loss costs are going up – and not just for those who choose to pay thieves Ransoms, investigations, and breach-related lawsuits are hitting companies in the wallet, law firm says Cyber-crime02 May 2023 | 6
Russia's APT28 targets Ukraine government with bogus Windows updates Nasty emails designed to infect systems with info-stealing malware Cyber-crime02 May 2023 | 4
Feds rethink warrantless search stats and – oh look, a huge drop in numbers 119,000 instances of homeland snooping as the power to do so comes under review Security02 May 2023 | 20
IT giant Bitmarck shuts down customer, internal systems after cyberattack Patient data 'was and is never endangered', says medical tech slinger Cyber-crime01 May 2023 | 6
Centralized secrets management picks up pace How cloud migration and machine identities are fueling enterprise demand for secrets management systems Sponsored Feature
Google adds account sync for Authenticator, without E2EE in brief Also: Your Salesforce Community site might be leaking; a new CPU side-channel; and this week's critical vunls Security01 May 2023 | 7
Your security failure was so bad we have to close the company … NOT! Who, Me? There are pranks, and savage pranks, and this prank when the CTO and HR ganged up on a very stressed techie Security01 May 2023 | 47
China has 50 hackers for every FBI cyber agent, says Bureau boss Combatting it is going to take more money. Lots of more money. Cyber-crime01 May 2023 | 27
Online Safety Bill age checks? We won't do 'em, says Wikipedia World's encyclopedia warns draft law could boot it offline in UK Security28 Apr 2023 | 89
Google sues CryptBot slingers, gets court order to shut down malware domains Hands off those Chrome users, they're ours! Cyber-crime27 Apr 2023 | 7