News

Resistance to DNS-over-HTTPS deserves investigation into info-gobbling habits

Mozilla has asked American politicians to probe the data-collecting policies of US broadband giants, claiming the ISPs made false statements to derail DNS-over-HTTPS so that they can continue to snoop on subscribers' internet activities.…

How a close-knit hero-worshiping culture can make reporting abusers difficult – and how help is at hand

Cassie was studying for the computer security industry qualification CISSP when the harassment started.…

Has collective amnesia about stance on end-to-end encryption

The British government wants your bright ideas for improving the nation's cybersecurity because it wants to "understand the apparent lack of strong commercial rationale for investment" in locking down your shizz.…

Including Spanish camgirl sites spill info, domain registrars hacked

Roundup  Let's check out some of the more recent security happenings beyond what we've already covered.…

Disposable furniture flogger seeks data wranglers

Scandi furniture emporium Ikea is seeking privacy specialists to join its office in Malmö, Sweden.…

UK.gov handout scrutinised due to boss's friendship with PM

A £100,000 government grant to Jennifer Arcuri's infosec training business, Hacker House, has been flagged as "appropriate" following an investigation.…

Two countries separated by a common language

The US Air Force (USAF) has declared it is awarding a contract to Raytheon thanks to its pressing need for "full ARSE compatibility", including Windows 10 support, with equipment designed for maintaining fighter jet missiles.…

From incident response and forensics to disassemblers and debuggers, it's all covered

Promo  No matter how thorough your security preparations, chances are that hidden threats already lurk inside your organisation's networks. Even the most advanced security and monitoring tools can’t be solely relied upon on to keep persistent adversaries out of your systems.…

Bogus charges being racked up by Android tool

Malicious code slipped into a popular Android keyboard app racked up millions of dollars in fraudulent charges for unlucky punters.…

Crook exploited security hole, went on spending spree with punter's bank account

A fraudster exploited a bizarre weakness in Amazon's handling of customer devices to hijack a netizen's account and go on multiple spending spree with their bank cards, we're told.…

What do you expect from Mister 'Truth isn't truth'?

The month after Rudy Giuliani was named the US president’s cybersecurity adviser, the former mayor of New York queued up outside an Apple Store in San Francisco to get staff to reset his iPhone because he couldn’t remember the passcode.…

Let's all have a code audi- oh, wait, they did that already

Encrypted email biz ProtonMail has open-sourced the code for its iOS app, having paid for a code audit that says there's nothing wrong with it.…

Our old friend the Investigatory Powers Act says so

A radio ham has been caught eavesdropping on NHS medics' pager messages, translating the signals into text while broadcasting them on the internet via an unencrypted webcam stream – possibly committing a crime in the process.…

Local regulator says it hasn't approved scheme. Meanwhile, Spain up to similar tricks

The Belgian city of Kortrijk in West Flanders is reportedly using data provided by a mobile phone company to count the number of people present in the town and where they come from.…

Scumbags admit extorting $100k from taxi app biz

Two men have confessed they siphoned confidential information from poorly secured databases hosted in the Amazon cloud, and then demanded payment to delete their copies of the data.…

Go Zuck yourself, fam

Facebook, Instagram, and WhatsApp are today busy deleting the personal profiles of employees at NSO Group amid an ongoing legal battle.…

RCEs and all sorts of other vulns plugged, so get installing

Apple has released patches for the hated macOS Catalina – but not to fix the operating system's UI failures. These are security updates also affecting iOS and Apple Watches, and include one that prevents a remote attacker from executing code on your iThings.…

ExplicitKeyTrustEvaluator... True, false? Who cares, just accept it anyway

Security flaws have been found in the European Union's electronic identity system that could have been exploited by miscreants to impersonate member states' citizens online.…

Please don't forget to HONK deserialize your data safely HONK

Fans of Untitled Goose Game should update their copy of the indie smash-hit following the discovery of a bug that can lead to malicious save files hijacking players' systems.…

1,400 folks, including human-rights bods, unlawfully spied on it is claimed

Updated  Facebook and its WhatsApp subsidiary on Tuesday sued NSO Group alleging the Israel-based spyware maker unlawfully hacked smartphones using a vulnerability in the popular chat app.…