News

Register readers tell of the moment online fashion souk started leaking strangers' details at random

"At the moment some stranger is in her account as they keep adding things to her basket and she keeps taking them out."…

So much for NZ as the last refuge of civilisation

New Zealand’s stock exchange (NZX) has closed for a third day thanks to a distributed denial-of-service (DDoS) attack.…

Russian charged with trying to bung staffer cash to infect own bosses' network during DDoS distraction

A Russian citizen is accused of flying to America to bribe a Nevada company employee to infect their bosses' IT network with malware.…

Speaking purely hypothetically, of course

Pawel Wylecial, a security consultant with Redteam.pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API.…

Attackers aimed to steal pics, vids, and compressed files

A hacker crew targeted a luxury estate agency involved in multimillion-pound property deals by deploying malicious plugins for 3D design software Autodesk 3ds Max as part of a potential hacks-for-hire operation.…

Officials are better prepared for meddling – so attackers have had to rely on mental games

With the United States set to undertake its first Presidential election since the Russian-tinged 2016 race, state governments and social networks are upping their game.…

University of London researchers poked around in 'secure' messaging platform, but didn't like what they found

An instant messaging app whose creators promoted it as secure and end-to-end encrypted was in fact no such thing, according to researchers at Royal Holloway.…

Before you go all Colonel Blimp, remember it's budget-setting season

The British Army is looking at ditching its tank regiments and spending the money on keyboard warriors instead, according to reports.…

Click here to enable your rights... ha, GOTCHA!

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake Linkedin job advert using a General Data Protection Regulation (GDPR) themed lure.…

Whereas in America spy chiefs retire on full pensions, hit the chat show circuit

Denmark’s top foreign intelligence chief has been suspended for spying on Danish citizens illegally for up to six years after a whistleblower released a trove of documents to government regulators.…

Meanwhile, Gmail finally deals with a 'confused mailman' problem

In brief  It has not been a good week for major Canadian shipping company Canpar Express.…

Plans 35 job losses and even a reduction in IT spend

The Bletchley Park Trust, the host of Britain’s National Museum of Computing and the site of critical feats of wartime code-cracking, has hit financial strife and expects to lay off around a third of its staff.…

'After careful consideration' uni decided to pay up using its insurance policy

The University of Utah has admitted to handing over a six-figure pile of cash to scumbags to undo a ransomware infection during which student and staff information was stolen by hackers.…

Plus: Sources showed us some of what was in that Dropbox leak

British infosec accreditation body CREST has appointed an ex-police officer to investigate the NCC Group exam cheat-sheet scandal as its chairman temporarily steps aside.…

Lack of protections around trace facility gives local users read and write access

A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.…

On the other hand, security of cloud-controlled locks 'quite horrifying' say 'cyber-physical' engineers

A computer scientist at the National University of Singapore claims to have demonstrated how recording the sound of a lock turning can be sufficient to make working replica keys.…

Say it ain't Joe?

As Uber's chief security officer, Joe Sullivan broke the law as he bribed hackers with hush money after they stole millions of people's details from company databases, prosecutors say.…

Credit giant admits to handing over info after 'fraudulent data enquiry'

Credit reference agency Experian has suffered what it somewhat understatedly described as a "data breach" after the firm itself transferred the details of 24 million South Africans to one individual.…

I get knocked down, but I get up again... eventually

A UK cloud-based warehouse management software provider was struck by ransomware earlier this week.…

IBM's X-Force Red X-reveals X-flaw in Thales X-wireless X-module X-thing

A vulnerability in Thales' Cinterion EHS8 M2M module, a Java-powered embedded 3G system used in millions of Internet-of-Things devices for connectivity, was revealed yesterday by IBM's X-Force Red.…