News

Manufacturers seem not to care – some routers still awaiting patches

DSL modems and Wi-Fi routers from D-Link and Comba have been found to be leaving owners' passwords out in the open.…

Alleged whaling crooks cuffed in global crime crackdown

US prosecutors say 281 suspected criminal hackers around the world have been arrested as part of a massive takedown operation against so-called business email compromise operations. That's the type of caper in which crooks hijack executives' email accounts, or impersonate the staffers, to trick colleagues into wiring funds to fraudsters' accounts.…

Microsoft joins Adobe and SAP in cleaning up security bugs, two of which are under active attack

Patch Tuesday  Microsoft, Adobe, and SAP today delivered a load of security updates for this month's Patch Tuesday.…

Google promises it won't override your choice of DNS provider

Only days after Mozilla said it plans to make DNS-over-HTTPS (DoH) available by default gradually for Firefox users in the US, Google announced its intention to test DoH in Chrome 78, due for beta release in the next two weeks.…

Chipzilla downplays cunning data-snooping side-channel technique

Video  It is possible to discern someone's SSH password as they type it into a terminal over the network, say infosec gurus who have found an interesting side-channel vulnerability in Intel's networking technology.…

To protect query privacy, browser maker will run everything through Cloudflare

On Friday, Mozilla said it plans to implement the DNS-over-HTTPS (DoH) protocol by default in its Firefox browser, with a slow rollout starting in late September.…

Millions likely to get kicked into credit monitoring deal

It’s been a year since hapless credit-monitoring company Equifax admitted hackers gained access to the personal details of some 175 million people on its servers – and it has marked the anniversary with an extra legal hurdle for those seeking compensation.…

Infosec bod bags reward for spotting image privacy bug

VIdeo  Telegram has fixed a bug that broke one of its chat app's key privacy features: the ability to fully delete your sensitive messages on recipients' phones.…

Lights go out across Europe

Wikimedia has fingered a massive distributed-denial-of-service attack for outages at Wikipedia across Europe over the weekend.…

$16bn slapped on table by Permira and Advent – reports

Symantec shares have jumped almost 5 per cent following reports that it is close to offloading its consumer business to a pair of private equity investors.…

Also, XKCD forums hacked and Monster monstered

Roundup  Here's a look back at some of the latest security bits and bobbles.…

Install incoming update to avoid having your boxes hijacked

The widely used Exim email server software is due to be patched today to close a critical security flaw that can be exploited to potentially gain root-level access to the machine.…

Oh, so you can just do that? That's possible? Restoring from clean, good backups after an infection? Who knew?

The City of New Bedford, in Massachusetts, has found a way to deal with ransomware without paying: shoring up defenses, restoring from backups, and rebuilding systems.…

Except one – a 'your phone is now my phone' bug reported months ago and still not fixed

Google this week emitted the September edition of its monthly Android security updates – and has left at least one known vulnerability unpatched. Also, in case you missed it, the web giant started rolling out Android 10 a few days ago.…

SF-based continuous delivery outfit says soz

Software testing and delivery company CircleCI has apologised for exposing user data to the world and its dog.…

One moron down, two to go

The script kiddie at the center of the Satori botnet case has pleaded guilty.…

Our ads? Stomping on people's privacy? Never! Not us! sobs search giant

Brave, the maker of a Chromium-based browser with a focus on privacy, claims advertising giant Google flouts Europe's data protection rules by effectively leaking netizens' web browsing activities to advertisers.…

Machine-learning code solves image puzzles just like us netizens – claim

Video  US-based academics claim they have developed a machine-learning system that can beat Google's bot-detecting reCAPTCHA system.…

Flaws now (mostly) patched

Over-the-air provisioning is the latest attack vector threatening your innocent Android mobe, according to Check Point today.…

After 15 years, Semaphore DB that flags up persons of interest goes into extra (Brexit) time

The Home Office has inked a £45m 33-month contract extension with IBM for its creaking Semaphore border technology contract.…