News

Pentests, audits, and RAM-only servers part of lockdown plan

2019 has been a bad year for NordVPN on the security front.…

Well, their version of it won't, they claim

Chrome devs have had a little rant about "misinformation", repeating that DNS-over-HTTPS (DoH) will be supported but won't necessarily be automatically used in upcoming builds of the browser.…

Speculative execution bugs will be with us for a very long time

Linux kernel dev Greg Kroah-Hartman reckons Intel Simultaneous Multithreading (SMT) - also known as hyper-threading - should be disabled for security due to MDS (Microarchitectural Data Sampling) bugs.…

ZTE also on hit list

Ajit Pai, chairman of the US Federal Communications Commission (FCC), has devised a two-part scheme to erase Chinese hardware from American telecoms networks.…

Probing contraband mobes to reduce prison crimes

The UK Ministry of Justice is setting up a digital forensics lab to probe mobile phones seized from prisoners.…

Now why would Russian hackers want to compromise anti-doping agencies?

The Russian hacking crew known as Fancy Bear is thought to be actively targeting anti-doping sports agencies.…

Hayi wena! Jozi officials claim they'll have 80% of systems back online as deadline expires

Several hours past the payment deadline, Johannesburg has vowed not to give in to criminal hackers who demanded £29,000 (4 bitcoins) not to publish its data, four days after the South African city shut down its public sector networks in response to the breach.…

And we invite you to grab your easel and brush

A competition to produce stock pictures of infosec that does not involve hoodies or waterfalls of 0s and 1s has yielded a mixed bag of images to illustrate the industry's digital doings for the world's consumption.…

Plus, Kaspersky opens doors on its intelligence portal

Here's your Reg roundup of security news beyond all the bits and bytes we've already covered.…

Info on millions of accounts just out sitting there in the open

Adobe has pulled offline a public-facing poorly secured Elasticsearch database containing information on 7.5 million Creative Cloud customers.…

We really needed to take a look before you published

The US government has gone back to court in a bid to get a summary judgement against whistleblower Edward Snowden and Macmillan – the publisher of his memoir, Permanent Record.…

Dev may not have known code was being used for scam traffic

The iOS App Store is 18 applications lighter today after the software was caught harboring malware that secretly clicked on ads, signed up punters for premium services, or deliberately overloaded websites.…

Detailed info wound up in quarantine

Just one of Britain's 43 police forces treats online crime as a priority – while the Action Fraud organisation managed to withhold 9,000 so-called cyber-crime reports from cops thanks to badly configured antivirus on its reporting portal, according to a government watchdog.…

You'll have to tag those for cross-site use from February

Google is asking developers to get ready for more secure cookie settings to be implemented in Chrome 80 that is planned for release in February 2020.…

Censor-dodging news for those sat in ban-happy countries

The BBC has launched a .onion version of its news website on the Tor anonymising network aimed at readers based in countries that ban its services.…

Director's account hijacked in what biz believes to be an attempted ransomware attack

GP online services app Evergreen Life has been the target of a cyber-attack attempting to access the firm's corporate email accounts.…

Who wants to stop Russians from hacking Americans' votes? Not us, thank you

The US Senate on Wednesday blocked a trio of law bills that aimed to make America's elections more secure and transparent.…

National Cyber Security Centre handled 658 incidents last year

The UK's National Cyber Security Centre (NCSC) has said in its annual review (here) that Russia, China, Iran and North Korea "continue to pose strategic national security threats to the UK".…

We sat through this 90-minute committee hearing so you didn't have to

Vid  The US House Committee on Homeland Security grilled a panel of experts to understand how foreign adversaries could weaponise emerging technologies like AI and quantum computing in cybersecurity.…

Details of military personnel and trips leak online from poorly secured AWS service

A security team for review site vpnMentor, led by Israeli researchers Noam Rotem and Ran Locar, recently found a publicly accessible AWS-hosted database owned by Autoclerk, a reservation system recently acquired by Best Western Hotels and Resorts Group.…