News

Tech exec challenges startup over default tracking

Superhuman, an email startup betting people who deal with a lot of messages will pay $30 a month for a more organized inbox, has come under fire for not providing privacy by default.…

Border cops accused of loading tourists' mobiles up with snoop app in Muslim area

Authorities in a tumultuous region of China are ordering tourists and other visitors to install spyware on their smartphones, it is claimed.…

Patch, punch, it's the first of the month

Google today posted a fresh round of Android security fixes.…

Miscreants grabbed sensitive footage belonging to officers in Miami, elsewhere, it is feared

In yet another example of absent security controls, an infosec biz claims it found a trove of sensitive law enforcement data open to public view – specifically, archives of cop body cam footage.…

Postal package triggered test equipment, buildings evacuated, no one exposed

Staff were evacuated today at Facebook's Silicon Valley headquarters after a package believed to contain the chemical weapon sarin was delivered to the antisocial network.…

Says bye to Big Blue

Infosec veteran Bruce Schneier has said he'll step down as a "special advisor" to IBM's security business to, in part, focus his time on teaching the next generation of security pros.…

Can we get a translator in here?

President Donald Trump said he plans to revoke the ban, or, er, grant some licences to American companies supplying components and services to Chinese telecoms giant Huawei.…

We'll be over there bashing our head on the wall while you read this

Roundup  As June turns over to July, here are some additional bits of security news besides our regular infosec coverage.…

Podcast series tackles hot topics from phishing and privacy to cloud services

Promo  Get up to speed with everything you need to know about keeping yourself and your business safe on the web, social media, and the cloud, without having to leave your desk, during the Sophos Security SOS Week from 8-12 July.…

Not a particularly sweet ending to the week

Health implant maker MedTronic is recalling some of its insulin pumps following the discovery of security vulnerabilities in the equipment that can be exploited over the air to hijack them.…

But just imagine Stuxnet: Consumer Edition

Comment  Iran claims that recent surges in electricity demand, leading to blackouts and brownouts, were caused by too many cryptocurrency miners’ power-hungry machines being hooked up to the national grid – though all may not be as it seems.…

... Are ... are we the baddies?

Hackers from the Five Eyes intelligence agencies have been accused of breaking into systems at Yandex, dubbed Russia's Google.…

Windows giant cheered on by Linux Foundation as it seeks membership of private security-focused message board

Microsoft's transformation into a fully paid-up member of the Linux love-train continued this week as the Windows giant sought to join the exclusive club that is the official linux-distros mailing list.…

Paul Wiles: 'Clear and publicly accepted rules' needed for common data platform

The Ministry of Defence has been searching the police national fingerprint database without a “clearly defined lawful basis,” the UK's biometrics commissioner has said.…

Not-quite-Iranian file-wiping malware emerges as Tehran blamed for rise in cyber-attacks

Not content to be the focus of the geopolitical news cycle, Iran now also finds itself in the middle of two major developments in the security world.…

Oh no Xi didn't! Fresh details emerge on mega-hack

Fresh details have emerged revealing just how deeply Chinese government hackers plundered HPE, IBM, DXC, Fujitsu, Tata, and others, stealing corporate secrets and rifling through their customers' networks.…

Too much data slurped in October, months after snoops vowed not to do that

Analysis  The NSA illegally gathered a trove of American citizens' phone and text message records just four months after it promised it had taken steps to literally not do that again.…

SEV code cracked to leak secret keys

Microchip slinger AMD has issued a firmware patch to fix the encryption in its Secure Encrypted Virtualization technology (SEV), used to defend the memory of Linux KVM virtual machines running on its Epyc processors.…

5 men, 1 woman nabbed

European cops have cuffed six people for typosquatting – in this case spoofing a well known cryptocurrency exchange – and allegedly making off with €24m worth of Bitcoin tokens.…

Thanks in large part to a counter-phishing product. Doh!

The criminals behind the Wipro phishing attack from earlier this year also targeted Western Union, Expedia, Rackspace and a whole host of other big companies, according to threat intel outfit RiskIQ.…