News
FireEye sold to McAfee's new owners for $1.2bn as Mandiant split into standalone firm again
FireEye has been sold for $1.2bn to the same American private equity fund that bought McAfee’s enterprise security business, severing it from infosec stablemate Mandiant.…
European Parliament's data adequacy objection: Doubts cast on UK's commitment to data protection
Comment Almost two weeks ago, the European Parliament took the step of objecting to the Commission decisions to grant the UK data adequacy.…
Antivirus that mines Ethereum sounds a bit wrong, right? Norton has started selling it
NortonLifeLock, the company that offers the consumer products Broadcom didn’t want when it bought Symantec, has started to offer Ethereum mining as a feature of its Norton 360 security suite.…
Deadline draws near to avoid auto-joining Amazon's mesh network Sidewalk
Owners of Amazon Echo assistants and Ring doorbells have until June 8 to avoid automatically opting into Sidewalk, the internet giant's mesh network that taps into people's broadband and may prove to be a privacy nightmare.…
Ahem, Huawei, your USB LTE stick has a vuln. I SAID AHEM, Huawei, are you listening?
Huawei has belatedly fixed a mild vulnerability in a USB connectivity dongle spotted by Trustwave after The Register intervened.…
JBS Foods ransomware gang: White House 'engaging directly' with Russia about attack on massive meat producer
Australian police are investigating a ransomware attack at the facilities of JBS Foods — one of the largest producers of meat in the world – as the White House fingers Russia-based cybercriminals.…
UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet
Exclusive An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet.…
OpenPGP library RNP updates after Thunderbird decrypt-no-recrypt bug squashed
OpenPGP project RNP has patched its flagship product after Mozilla Thunderbird, a major user, was found to be saving users’ private keys in plain text.…
Feds seize two domains used by SolarWinds intruders for malware spear-phishing op
Uncle Sam on Tuesday said it had seized two web domains used to foist malware on victims using spoofed emails from the US Agency for International Development (USAID).…
There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020'
Promo The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.…
Remember those wacky cyberpunk costumes in <i>Hackers</i>? They're on display in London this week
Fans of 'cyber' flick Hackers can amuse themselves by visiting an exhibition of the characters’ costumes in London – but time is running short if you want to catch a glimpse of Angelina Jolie’s bizarre getups.…
Increase confidence in public cloud security: Integrate Intel SGX, says G-Core Labs Cloud
Sponsored Cloud infrastructure has many advantages over a corporate server. It’s easier to set it up and to get access to almost any resources in a matter of minutes, and you only pay for the capacity used. However, businesses are often concerned about how secure cloud solutions are.…
Have I Been Pwned goes open source, bags help from FBI
In brief The creator of the Have I Been Pwned (HIBP) website, which alerts you if it turns out your credentials have been swiped and leaked from an account database, has open sourced the project's internals.…
Online flashcard sites spill security details of US nuclear weapon bunkers since 2013
Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they’re being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available.…
Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency
Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds' Orion software, has struck again, Microsoft vice president Tom Burt in a blogpost Thursday.…
Hong Kong recorded phishing surge in 2020 as scum sought to cash in on viral worries
Criminals tried to exploit Hong Kong residents' COVID-related anxiety, according to new security data released yesterday by the Special Administrative Region's secretary for innovation and technology Alfred Sit.…
Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen
A Fujitsu project management suite is causing red faces at the Japanese company’s HQ after “unauthorised access” resulted in data being stolen from government agencies, local reports say.…
Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model
Apple's Arm-based M1 chip, much ballyhooed for its performance, contains a design flaw that can be exploited to allow different processes to communicate with one another, in violation of operating system security principles.…
What to do about open source vulnerabilities? Move fast, says Linux Foundation expert
QCon Plus Automated testing and rapid deployment are critical to defending against vulnerabilities in open source software, said David Wheeler, director of Open Source Supply Chain Security at the Linux Foundation.…
Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign
Businesses operating in the word of infosec have been urged to write to the Home Office and support a public interest defence being added to the Computer Misuse Act.…
Pages
