News

Spreading in the wild, no vaccine, people told to distance themselves from dodgy sources... sounds familiar

Hackers are commandeering victims' Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system. No patches are available right now.…

Suspected carriers need to stay home – and we should use their phones to monitor them, we're told

Tracking the movements of suspected COVID-19 coronavirus carriers has proved an essential tool in controlling the pandemic, according to Professor Marylouise McLaws.…

On the other hand, these Pwn2Own results are legit

Roundup  It is time for another Reg security summary.…

It's not like you can snoop on anyone right now anyway, right?

Proof-of-concept exploit code has emerged for last month's data-leaking KrØØk vulnerability present in a billion-plus Wi-Fi-connected devices and computers.…

Criminal scum use pandemic as golden business opportunity

British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity.…

Already sin-binned it in 2018, will keep it around in extended support until 2021, and is way behind Chrome

Firefox has decided it’s time to burn the browser’s FTP connections.…

Switchzilla says remote networking gear has a grab-bag of holes

Cisco has issued a series of security updates for its SD-WAN and Webex software, just when they're most needed.…

Artists variously known as Pawn Storm and APT28 are still at it

The Russian hacking crew known variously as APT28, Fancy Bear and Pawn Storm has been targeting defence companies with Middle Eastern outposts, according to Trend Micro.…

Don't take their word for it. Governments need to up their security game, says security firm

Updated  Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic.…

Government CIO promises they don’t record location, just change of location

Hong Kong has made it mandatory for all new arrivals to wear an “electronic wristband” that links to a smartphone to provide location-tracking services, so that authorities can be sure they’re observing COVID-19 quarantine requirements. And the city-state insists its privacy commissioner has signed off on the idea because it “does not pose privacy concerns.”…

Tour operator used job in America as cover while acting as a data mule for Beijing, stealing secrets from biz

An American citizen will spend the next four or so years behind bars in the US for smuggling corporate secrets out of the states to his spymasters in China.…

Genuine Integrity doesn't exactly live up to its name

A little more than a week after forgoing March's Patch Tuesday hullabaloo, Adobe has emitted fixes for dozens of security flaws in its applications.…

ICO notches up first successful FoI prosecution

A town clerk in the English county of Shropshire has been the subject of the first ever successful Freedom of Information prosecution after lying to a member of the public who made an FoI request.…

Bank info, driver's license copies and more found, report researchers

A now-defunct mobile app for loaning money to small business owners has been pinned down as the source of an exposed archive containing roughly 500,000 personal and business financial records.…

Israel is up for it. Washington, Iran and Thailand may be too. China is there already, natch

Pervasive surveillance through digital technologies is the business model of Facebook and Google. And now governments are considering the web giants' tools to track COVID-19 carriers for the public good.…

Not totally eradicated yet, ads make more dosh

Cryptojacking, the theft of computing power to mine digital currency, has been around at least since 2013 – and has shrunk in use dramatically with the death of Monero-mining service Coinhive.…

And his boss monitored him with a RAT

A most entertaining piece of threat research from Check Point gives a unique insight into the "working" life of a Nigerian email spammer who made thousands of dollars from stolen credit cards alone in recent years.…

Including: COVID-19-hit cruise giant admits it was hacked

Roundup  We hope everyone is staying healthy and safe. It's time for another Reg roundup of security news you may have missed.…

Finally, something that isn't coronavirus related [delete this – ed.]

VMware has released security patches for a trio of bugs in its desktop-class virtualization products.…

Miscreants also hammer Euro websites as well, because why not?

In an impeccable instance of horrible timing, the US government's Department of Health and Human Services (HHS) says it fended off a cyberattack by online scumbags.…