News

Kill this service immediately

An infosec firm accidentally published proof-of-concept code for a critical Windows print spooler remote code execution vuln that could lead to compromise of Active Directory domain controllers.…

Now banned from using Tor or VPNs – and 'vanity' handles on social media

A British script kiddie who DDoS'd a Labour Party parliamentary candidate's website in the runup to the last general election has been banned from using the Tor browser.…

Christian org becomes latest victim of latter-day IT scourge

Exclusive  Criminals infected the Salvation Army in the UK with ransomware and siphoned the organisation's data, The Register has learned.…

Global median score jumped by ten per cent in two years — and just as well

The United Nations International Telecommunication Union (ITU) published its 2020 Global Cyber Security Index on Tuesday, and listed the US first in overall ranking, followed by a tie for second place tie between the UK and Saudi Arabia.…

Admins tend to forget that subdomains don’t inherit security controls, leaving the likes of CNN, Harvard, Cisco, and US health authorities with vulnerabilities

Abandoned or ignored subdomains often include overlooked vulnerabilities that leave organisations open to attack, according to a team of infosec researchers from the Vienna University of Technology and the Ca’ Foscari University of Venice. The team’s work will be presented at the 30th USENIX Security Symposium this August.…

An Ocean's 11 of exploitation involving guessable random numbers and hostname shenanigans

Google Compute Engine virtual machines can be hijacked and made to hand over root shell access via a cunning DHCP attack, according to security researcher Imre Rad.…

Impressive, but it's still no Apple

Samsung today committed to provide its enterprise-edition flagships with half a decade's worth of security updates.…

Plus: 10nm Sapphire Rapids Xeon chips delayed to Q1 2022

Intel has officially sounded the death knell for Transactional Synchronisation Extensions (TSX) on a selection of processors from Skylake to Coffee Lake – a security-enhancing move which will have an oversized performance impact on certain workloads.…

No indication any of it went on preventing theft of CCTV footage, though, eh Matt?

The Cabinet Office spaffed almost £300,000 on cybersecurity-related training for its staff in the last year – an eye-popping increase of almost 500 per cent on the year before.…

But Brits can seemingly keep using the website

The UK's financial watchdog has fired a warning shot across the bow of Binance, and ordered it to place a notice on binance.com scaring off Brit crypto fans.…

UK, Australia, Russia ranked in second tier. North Korea and Iran are a step down but feisty

The United States is comfortably the world’s most powerful nation when measured on “cyber capabilities that make the greatest difference to national power,” according to British think tank The International Institute for Strategic Studies.…