News

Supreme Court wraps up legal submissions from supermarket and breach victims

"Cutting to the chase, it's not a case where the office cleaner finds a thumb drive, picks it up and takes the opportunity to make some use of it," barrister Jonathan Barnes told the Supreme Court as he urged judges to dismiss Morrisons' appeal against liability for its 2014 payroll data breach.…

But sure, it's Huawei that's the big security threat

Staff were cuffed in a police raid on Thursday at the offices of US surveillance equipment vendor Aventura Technologies. The workers are now facing criminal charges for allegedly passing off Chinese-made gear as stuff built in America, and selling it to Uncle Sam and its military.…

Beak denies wrongdoing in baffling malware probe case

A judge in the US state of Georgia is facing hacking charges after she allegedly hired private investigators to look into what she believed was a spyware infection on her office computer.…

Mobile app SDKs sport dodgy crypto defaults, set bad examples – updates available

It has been revealed that Adobe's Experience Platform mobile SDKs, used to create apps that interact with the company's cloud services, until recently contained sample configuration files that created insecure default settings.…

Tales from the coal face as experts reflect on what can possibly go wrong on the job

Analysis  It has been six weeks since Coalfire's Gary Demercurio and Justin Wynn were arrested in Dallas County, Iowa, while performing a paid-for security penetration test at a courthouse. Despite everyone acknowledging there was no foul play, the pair still face criminal charges. They deny any wrongdoing.…

Supermarket takes appeal to most senior legal eagles

Brit supermarket Morrisons is arguing in the Supreme Court that it shouldn't be held vicariously liable for the actions of a rogue employee who stole and leaked the company's payroll.…

Infosec veteran Marc Rogers on why we need a better system to rate vulnerabilities

Disclosure  The way we rate the severity of computer security vulnerabilities and bugs needs to change if people and businesses want to be better protected from malware and cyber-crime.…

Your guide to some of the security enhancements announced this week

Ignite  Amid the flood of news from Microsoft's Ignite conference in Florida this week, Redmond dropped word of several new features and additions to its cloud services aimed at protecting user data.…

One cuffed by Feds this week

Two now-ex Twitter employees have been charged with spying on behalf of Saudi Arabia – after they allegedly leaked internal records for accounts linked to critics of the Saudi royal family, including the assassinated journalist Jamal Khashoggi, while working for the social network.…

The App Defense Alliance posse will scrutinize Android app code before release

Google, after more than a decade of dealing with Android malware, has formed an alliance with three security companies to help it defend its mobile platform.…

Senators: Um, no.

The NSA was unable to give a single example of how one of its most controversial spying programs has been useful in the fight against terrorism in a Congressional hearing on Wednesday morning.…

Insider sold 120,000 customer records to scammers

Trend Micro today revealed one of its staff went rogue and illegally sold the personal information of roughly 120,000 of its customers.…

737 NG and 787 Dreamliner hit with safety flaw allegations

Ailing Boeing has been hit with a double whammy of recent controversies alleging safety flaws with its 737 NG (not the fatally flawed Max) and the 787 Dreamliner.…

27-year-old 'fessed up to 8 offences

Exclusive  A man has pleaded guilty to hacking low-cost airline Jet2, including an attempt to compromise the CEO's email account.…

Katie Moussouris speaks out on modern-day flaw finding and infosec jobs

Disclosure  Bug-bounty pioneer Katie Moussouris has urged companies to hire the necessary staff to handle vulnerability disclosures before diving headlong into handing out rewards.…

MoD offshoot names winners who dipped into £2m anti-drone ideas pot o' gold

The British government has funded 18 anti-drone projects as part of its £2m push to stop a repeat of the Gatwick drone fiasco of 2018 – including a friendly drone swarm that will employ "peregrine falcon attack strategies" to down errant unmanned flying things.…

Plans to aggregate it with other databases should be discussed, says ethics group

Updated  An independent ethical advice group has raised concerns about the UK Home Office's £842m Biometrics programme, which will store millions of people's highly sensitive biometric data, due to go live next year.…

Once is an unfortunate cockup. Twice needs stamping on

British telco Three UK has once again let random people viewing its homepage view its customers' account details as if they were logged in, exposing personal and billing data to casual browsing.…

Microsoft seems a bit hazy on what 'disable' actually means

A security hole in Office for Mac can be exploited by miscreants to potentially run malicious code on victims' shiny computers without anyone noticing.…

As US picks up its game, scumbags seek new targets

A malware infection has crippled the IT operations in the remote Canadian territory of Nunavut.…