News

Also: Cisco and Apple push out patches

It is time once again for El Reg's weekly security roundup. Here's a look at a few of the more interesting stories making the rounds over the past seven days.…

That's Systems Operating Centre to you. Chuffed with that, says Royal Signals brigadier

The British Army has raised a new regiment that will take charge of its in-house security operations centre, a move calculated to make cyber defence a more mainstream part of all things armed and camouflaged.…

Publishing platforms, hosts being targeted by Stealthworker malware

Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…

Questions linger over involvement of biz linked to Dominic Cummings and Vote Leave campaign

UK government has published the contracts it holds with private tech firms and the NHS for the creation of a COVID-19 data store, just days after campaigners fired legal shots over a lack of transparency.…

Blur tool brings privacy protection to images, in these troubled times

Amid nationwide protests over the death of George Floyd, secure comms biz Signal has deployed a blur tool in its messaging and calling app to allow users to obscure faces in app-captured snapshots.…

Utility creator claims OTT security hoops are harmful to indie devs

A developer of a Windows utility has protested that "Microsoft Defender SmartScreen is hurting independent developers" because of the number of warnings and obstacles placed in front of users who download installers that are not signed or sufficiently well known.…

Leaving more room for false ads bought by local politicians, which it still allows

Facebook will hide ads bought by state-owned media outlets from its US-based users, as part of its plan “to provide an extra layer of protection against various types of foreign influence in the public debate ahead of the November 2020 election in the US.”…

Security firm's swallowing may leave many staff out in the cold

VMware is acquiring antimalware company Lastline to boost its network security offerings.…

That's one way of making people check for updates

A hapless IT bod found the Have I Been Pwned service (HIBP) answering its own question in a way he really didn’t want – after a breach report including a SQL string KO’d his company’s helpdesk ticket system.…

'Government is moving too fast, and breaking things as a result'

Open Rights Group has instructed lawyers to lodge a complaint with the UK's data watchdog over the rollout of the Test and Trace system because it says the system breaches the General Data Protection Regulation (GDPR).…

Firm denies shutdown of marketing organ but heads may well roll

Exclusive  Sophos has placed 100 staff at risk of redundancy and is said to be shutting down its Naked Security blog, sources have told The Register - although the private equity-owned biz denied this.…

'Serious threats' and references to family violence as payment descriptors turned into virtual messaging service

Creeps in Australia have given away money in order to harass people with abusive transaction descriptions that appear in online banking records.…

The Intel vPro platform aims to give businesses what they need to thrive

Sponsored  Every company these days seems to be undergoing some element of digital transformation. A phrase that has taken on a variety of meanings, but all entail more work for the IT department.…

Plus: Zoom fixes code-execution security bugs

Mozilla has emitted security updates for Firefox to address eight CVE-listed security flaws, five of them considered to be high-risk vulnerabilities.…

Electrolux, construction biz fooled into handing over money funneled out of the US to South Africa

A fraudster has admitted he tricked two suppliers into paying him more than $500,000 by impersonating staff at a subcontractor and a retail outlet via email.…

You've not heard this one before but it does sound familiar

Google has been sued for billions of dollars in a proposed class action alleging the adtech company identified and tracked users who adopted its browser's incognito mode to avoid such tracking.…

All the old lines are getting pretty darn blurred, say security experts at Euro online confab

Infosec Europe  Does your IT security model take into account things like pacemakers? According to Dr Victoria Baines, speaking at Infosec Europe, "we also perhaps neglect the idea that critical infrastructure might be inside people" as well as merely carried in their pockets.…

Latest Tor Browser iteration makes the dark web a bit more memorable

The Tor Project this week rolled out an update to its browser that attempts to make the anonymity-protecting onion routing scheme more approachable.…

Firm told customers they'd got a new Gmail address

A Brit public sector-owned office supplies company shrugged off a ransomware demand for 102 Bitcoins after a staffer opened a phishing email.…

AWS engineers given a dressing-down after proposing fix for 'paranoid' tasks

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data (L1D) CPU cache.…