News

Eight DDoS attacks targeted networks, virtual classrooms, say officials

A teenager in America has apparently admitted knocking virtual learning classes offline with a string of distributed denial-of-service (DDoS) attacks.…

Sites with WP File Manager should update ASAP – exploits in the wild

A critical vulnerability in a popular WordPress plugin called WP File Manager was spotted on Tuesday and was quickly patched by the plugin's developers.…

Snowden, privacy campaigners cheer ruling 7 years in the making

The United States Court of Appeals for the Ninth Circuit has ruled [PDF] that the National Security Agency's phone-call slurping was indeed naughty, seven years after former contractor Edward Snowden blew the whistle on the tawdry affair.…

Great – and who will be the first responders?

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday ordered US federal agencies outside the defense and intelligence communities to develop a working vulnerability disclosure policy.…

APT phishing crew had COVID-themed fling with the west during height of pandemic, claim researchers

Malware pathologists have noted a return to "business as usual" as groups associated with Chinese state interests turned their attentions back to Tibetan matters after a European dalliance earlier this year.…

Transaction 'disturbed the order of the capital market', claim Seoul prosecutors

South Korea has indicted Samsung Group vice chairman Lee Jae-yong over his role in a 2015 merger that made him heir apparent to the multinational's empire.…

That's certainly one way to get around COVID-19 travel restrictions

A British citizen has been extradited to the US to face charges he oversaw a series of business email compromise attacks to steal over $2m from unwary accounts departments and individuals.…

Chat app chaps, Electron security, Microsoft Teams under fire

A critical remote-code-execution vulnerability affecting past versions of the Slack desktop app was disclosed on Friday after the software maker fixed its app.…

Wait! What? Aaah ... legacy systems strike again, but won't get another bite

Microsoft has published a new security baseline for Microsoft Edge and one of the new rules is titled “Allow certificates signed using SHA-1 when issued by local trust anchors.”…

Perl clutching time again

Stop us if you've heard this one before: a remote-code execution vulnerability needs patching in Pulse Secure VPNs.…

A quick lesson in how not to deploy Sharepoint as a 'my account' file retrieval system

Southern Water - British supplier of the liquid of life - botched its internal Sharepoint implementation so badly that a customer was able to view other people’s account details.…

...read the article, of course

North Korean government hackers dubbed the BeagleBoyz are trying to electronically rob banks, the United States warned this week.…

Register readers tell of the moment online fashion souk started leaking strangers' details at random

"At the moment some stranger is in her account as they keep adding things to her basket and she keeps taking them out."…

So much for NZ as the last refuge of civilisation

New Zealand’s stock exchange (NZX) has closed for a third day thanks to a distributed denial-of-service (DDoS) attack.…

Russian charged with trying to bung staffer cash to infect own bosses' network during DDoS distraction

A Russian citizen is accused of flying to America to bribe a Nevada company employee to infect their bosses' IT network with malware.…

Speaking purely hypothetically, of course

Pawel Wylecial, a security consultant with Redteam.pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API.…

Attackers aimed to steal pics, vids, and compressed files

A hacker crew targeted a luxury estate agency involved in multimillion-pound property deals by deploying malicious plugins for 3D design software Autodesk 3ds Max as part of a potential hacks-for-hire operation.…

Officials are better prepared for meddling – so attackers have had to rely on mental games

With the United States set to undertake its first Presidential election since the Russian-tinged 2016 race, state governments and social networks are upping their game.…

University of London researchers poked around in 'secure' messaging platform, but didn't like what they found

An instant messaging app whose creators promoted it as secure and end-to-end encrypted was in fact no such thing, according to researchers at Royal Holloway.…

Before you go all Colonel Blimp, remember it's budget-setting season

The British Army is looking at ditching its tank regiments and spending the money on keyboard warriors instead, according to reports.…