News

One Irishman and one Dutchman both nicked

Two men have been arrested after Britain’s National Crime Agency and its international pals claimed the takedown of breached credentials-reselling website WeLeakInfo.…

New perspective on FBI, Interpol demands for backdoors

Vid  Police Scotland to roll out encryption bypass technology, as one publication reported this week, causing some Register readers to silently mouth: what the hell?…

Good news: There is none. Well, apart from you can at least fully patch the Microsoft blunder

Vid  Easy-to-use exploits have emerged online for two high-profile security vulnerabilities, namely the Windows certificate spoofing bug and the Citrix VPN gateway hole. If you haven't taken mitigation steps by now, you're about to have a bad time.…

Execs don't care to keep things shipshape if they don't see a return.... so let's MAKE them

Column  On New Year's Eve 2019, the good ship Travelex struck the iceberg of ransomware. That's not a good metaphor, to be honest: when the SS Titanic hit its frozen nemesis, it had the good taste to unambiguously sink in two hours and 40 minutes. Not so Travelex.…

Sign up now: The UK government's scheme to help new companies grow and scale is back

Promo  If you need to get your new IT security company noticed, the Tech Nation Cyber programme is back, opening its doors for another cohort of British infosec startups looking to scale at speed.…

Decision is preliminary and unenforced, though a good start

Analysis  In a massive win for privacy rights, a preliminary ruling from the European Court of Justice (ECJ) has made clear that national security concerns do not override citizens’ data privacy. Thus, ISPs should not be forced to hand over personal information without clear justification.…

Exposed: Intimate... personal details belonging to thousands of folks

A pair of misconfigured cloud-hosted file silos have left thousands of peoples' sensitive info sitting on the open internet.…

House of Larry delivers massive update for 93 products

Oracle has released a sweeping set of security patches across the breadth of its software line.…

EDR is an SMB's best friend, says F-Secure

Webcast  We don’t want to spook anyone, but… cyber-criminals have been busy.…

Another day, another critical set of flaws

A pair of widely used WordPress plugins need to be patched on more than 320,000 websites to close down vulnerabilities that can be exploited to gain admin control of the web publishing software.…

Grab your Microsoft, Adobe, SAP, Intel, and VMware fixes now

Patch Tuesday  In the first Patch Tuesday of the year, Microsoft finds itself joined by Adobe, Intel, VMware, and SAP in dropping scheduled security updates.…

This isn't the way to make the Cook(ie) crumble

Analysis  Apple has responded to a demand from the United States' Attorney General William Barr that it grant the FBI access to two iPhones used in a recent shooting by carefully calling bullshit on his claims.…

American security officials fly to London to 'brief' Boris

It would be "nothing short of madness" to use Huawei gear in Britain's 5G mobile networks, an American national security adviser has reportedly told UK Prime Minister Boris Johnson.…

Study shows top telcos are naff at fending off cellphone number hijackings

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers.…

FBI probes massive fraud

A miscreant managed to swipe $2.3m from a Texas school district after staff inadvertently wired large sums of public money to the crook's bank account.…

Open letter to Chocolate Factory's Sundar Pichai penned by 50 campaign groups

For much of Android's existence, Google has adopted a relatively hands-off approach that lets manufacturers ship units with pre-installed bloatware which, in many cases, cannot be easily removed. This has infuriated users and privacy advocates alike, leading 50 of the latter to pen a blistering open letter to Google and Alphabet chief Sundar Pichai urging him to take action.…

His helicopter costs £550/hour to fly, don't you know

The managing director of a Manchester-based infosec firm has been fined for flying his helicopter into an air traffic control zone without permission, having first launched a rant at air traffic controller.…

Info Commish has £2m annual legal budget to face off with multinationals

The UK Information Commissioner's Office has kicked £280m in data breach fines against British Airways and US hotel chain Marriott into the long grass.…

Plus: TikTok clocked, Honey in a sticky situation, Arm's PAN mechanisms sidestepped

Roundup  Welcome to another Register security roundup. Here are a few stories that caught our eye.…

It's got a name and logo so it's serious, you guys

A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings.…