News

Half of government grant to infosec training biz suspended as MPs demand probe

Infosec training biz Hacker House has been catapulted to Parliamentary prominence after reports that co-founder Jennifer Arcuri secured government funding because of her personal relationship with now-Prime Minister Boris Johnson.…

While you're at it, fix Java too

Adobe has released an update to clean up a trio of vulnerabilities in ColdFusion, its long-running web application platform.…

Lone 'no' vote nixes renewal of W3C's Privacy Interest Group

Google has blocked a proposed revision of the charter of the Privacy Interest Group (PING), a part of the W3C web standards body, over concerns that establishing an unchecked "authoritarian review group" will create "significant unnecessary chaos in the development of the web platform."…

Hack spee included 2014 JP Morgan Chase data theft

On Monday, Andrei Tyurin, a 35-year-old Russian national, pleaded guilty in New York to charges of computer intrusion, bank and wire fraud, and online gambling in connection with a sustained hacking campaign targeting US financial institutions.…

Hackers can inject system commands via version 5 of software, no patch available

An anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to hijack servers. No patch is known to be available.…

As Reg readers will know, you'll have to click a few buttons first

Firebox builder Mozilla has confirmed to UK Culture Secretary Nicky Morgan that Britons won't be getting DNS-over-HTTPS (DoH) by default once the feature is included in the next run of browser updates.…

UK.gov wants 'algorithm' to be shared with other tech firms

UK prime minister (at time of writing) Boris Johnson announced to the UN Security Council today a plan to block the sharing of violent videos on social media after terrorist attacks.…

McAfee study finds poor setups, even worse visibility

The ongoing rash of data leaks caused by misconfigured clouds is the result of companies having virtually no visibility into how their cloud instances are configured, and very little ability to audit and manage them.…

Update browser ASAP after Google gurus spot miscreants abusing bug to hijack PCs

Microsoft today issued a rare emergency security update for Internet Explorer to address a critical flaw in the browser that's being exploited right now in the wild.…

Maybe check your credit rating, says red-faced firm

T-shirt flogger CafePress has finally informed its customers about a serious data loss dating back to February and first reported last month.…

Gov.uk portal finally lurched back to life after lunch

Furious parents have lashed out at Her Majesty's Revenue and Customs after the UK tax authority let a key HTTPS certificate expire on its childcare tax credit portal.…

Plus, a Windows NTSF flaw, Fortnite hacking, and much, much more

Security roundup  Here are a handful of security happenings in the past week that are worth noting - aside from what The Reg has already covered.…

Oh no I didn't, says disgraced ex-Kaspersky guy

An accused Russian hacker has claimed Kaspersky's former head of investigations blackmailed him into stealing approximately £150,000 from local banks.…

37-year-old was extradited to Blighty to stand trial

A Bulgarian phishing criminal who created fake versions of legitimate companies' websites as part of a £40m fraud has been jailed.…

Perception is an illusion, grasshopper

Security surveys tend to confirm what we already knew a few months ago and the 2019 Global Cyber Risk Perception Survey (PDF) from Marsh and Microsoft does not disappoint.…

~~~WaRNiG!! Ur PC has THe Da Vinci m4Lw4rez!! CaLL 1-555-NOSCAM 2 f!x it~~~

Two Americans used bogus virus-infection alerts to bilk $10m out of PC owners, it is alleged.…

Patch now before miscreants sail off with your apps, data

Video  IT departments using the Harbor container registry will want to update the software ASAP, following Thursday's disclosure of a bug that can be exploited by users to gain administrator privileges.…

Shareholders NotHappy stock offloaded in NotPetya aftermath

FedEx execs not only hid the impact of the NotPetya ransomware on their business but personally profited by selling off tens of millions of dollars of their own shares before the truth came out, a lawsuit filed by the delivery business’ own shareholders claims.…

Add in Brexit outsourcing mess and it's plain to see why young international scholars get duped

Scammers are exploiting Chinese students' Brexit fears by targeting them with phishing emails claiming their visas could be revoked, threat intel researchers say.…

Two-seat jet crashed in France

A Belgian F-16 fighter jet pilot has been rescued from a power line after getting into difficulties and ejecting from his stricken aircraft.…