News

Uncle Sam sounds alarm after Windows CE SMB left wide open on hospital equipment

Two security vulnerabilities in medical workstations can exploited by scumbags to hijack the devices and connected infusion pumps, potentially causing harm to patients, the US government revealed today.…

That Guns N' Roses album* might be out soon... or not

Chat app Telegram has reportedly been DDoS'd, with its downtime coinciding with protests in Hong Kong against repressive new Chinese laws.…

Immerse yourself in forensic training with autumn

Promo  If you work in digital forensics or incident response and would like to advance to a higher level, the annual Digital Forensics and Incident Response (DFIR) event staged by security training company SANS is a must.…

Sajid Javid inks court papers for hearing tomorrow

UK Home Secretary Sajid Javid revealed this morning that he has signed papers to have Julian Assange extradited to the US.…

Welcome to Vim Sh*tty 2000

Proof-of-concept text files are now available that, when opened in a vulnerable installation of the Vim and Neovim text and code editors, will execute commands on the underlying machine, or even open a backdoor.…

Kaspersky fingers pro-G filters for letting cyber-muck through

Spammers are abusing the preferential treatment Google affords its own apps to score free passes through Gmail's spam filters, it was claimed this week.…

Boffins blast boards to boost bits

Bit boffins from Australia, Austria, and the US have expanded upon the Rowhammer memory attack technique to create more dangerous variation called RAMBleed that can expose confidential system memory.…

And Google drops a zero-day on Windows after deadline miss

Patch Tuesday  Microsoft, Adobe, Intel, and SAP have all emitted their latest Patch Tuesday batch of security fixes. Users and admins are encouraged to test and install the updates as soon as humanly possible.…

'Time to grow up,' says geek behind breach database

Troy Hunt, inventor and operator of the popular security website Have I Been Pwned (HIBP), is putting the service up for sale.…

And using browser privacy extensions may just make matters worse

Boffins from Graz University of Technology in Austria have devised an automated system for browser profiling using two new side channel attacks that can help expose information about software and hardware to fingerprint browsers and improve the effectiveness of exploits.…

That story we broke in May? It is still true – and perhaps even worse than first thought

The US Customs and Border Patrol today said hackers broke into one of its bungling technology subcontractors – and made off with images of people and their vehicle license plates as they passed through America's land border.…

Wondering why your inbox was so clear? Bad news…

Symantec is working to restore its Email Security.cloud service following a major slowdown that has lasted throughout the US morning and into the afternoon.…

Welsh scumbag sent down after trying to blackmail Brit ISP's then-CEO

A Welsh man who hacked British ISP TalkTalk in 2015 and siphoned off subscribers' personal data has been sent down for four years.…

Plus, Citrix catches sueball after employee data hacked

Roundup  It wasn't just fake CIA agents, database mega-hacks and Bing flings in the security world last week. Here are a few tidbits beyond what you've read in El Reg, among them a seven-day vuln and the scummy BlackSquid.…

It isn't only birds that like nesting

Who, Me?  Ah, the sweet, sweet smell of Monday. What better way to start your week than combining it with the latest confession of wrongdoing from The Register readership in the form of our weekly Who, Me? column.…

Kaspersky warns of fake 'dirty agent' scam circulating

Fraudsters are posing as CIA investigators gone rogue in emails to marks, offering to take bribes to drop bogus investigations into the recipients and claims of online pedophilia, according to Kaspersky.…

Scam warning slipped into Blighty's favourite greasefest

Today is National Fish and Chip* Day, and tech giant Microsoft has wasted no time wading in with the police to school the UK about phishing scams.…

A rinky tinky tinky

What a wild ride, eh Komodo?

Blockchain biz Komodo this week said it had used a vulnerability discovered by JavaScript package biz NPM to take control of some older Agama cryptocurrency wallets to prevent hackers from doing the same.…

Quest gets the dreaded sternly worded letter from Washington DC

As healthcare companies come forward to confirm hackers would have been able to access millions of patients' personal information from a compromised American Medical Collections Agency (AMCA) database, US senators are demanding answers.…