News

Including: Tesla and a town hit hard by spear-phish bridge scammers

Roundup  Welcome to the New Year: here are some security headlines that may have slipped past you during the gorging season.…

And now he faces up to 20 years in the slammer

A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services.…

Data Center Network Manager bugapalooza with three must-fix flaws

Cisco is kicking off 2020 with the release of a crop of patches for its Data Center Network Manager.…

Yorkshire and Clydesdale latest to join ongoing game of TITSUP*manship

Updated  It appears the UK banking system is playing a fiscal game of Top Trumps as both Yorkshire and Clydesdale Bank followed yesterday's example set by Lloyds by not processing payments into customer accounts.…

Redditor finds security camera capturing stills from strangers' cribs

Google has plonked Xiaomi on the naughty step, blocking the Chinese tech conglomerate's devices from its Nest Hub and Assistant, it has confirmed.…

Systems still toast since NYE compromise, manual processing only

Foreign currency mega-exchange Travelex said on Thursday it was forced offline by a "software virus" infection, bring down a number of currency-exchange websites with it.…

Cupertino says its software is being ripped off, virty cloud biz says jailbreaks are under attack

Corellium and Apple are once again trading allegations in a legal brouhaha over the former's virtual-iPhones-as-a-service operation.…

Dash 8? More like dash for the maintenance hangar

A small Alaskan airline has suffered a curiously specific "cyber attack" that mostly affected its De Havilland Dash 8 airliners.…

Guess they'll have to attract new recruits on the 'Gram

TikTok is one of the fastest growing social apps, with more than 1.5 billion downloads. However, its Chinese origins have caused controversy in the US, leading some lawmakers to declare it a threat to national security. And now the US Army has banned soldiers from downloading the app on government-issued phones.…

With great power comes great irresponsibility

Friday is upon us, and with it another On Call story from those poor souls who have to answer the phone when everything goes wrong. Not all heroes wear capes and, as we'll see, remember to ward their Linux servers from an enthusiastic boss.…

Community service for 'Turkish Crime Family' wannabe big dog

A 22-year-old Londoner has been given 300 hours of community service and a State-enforced bedtime after trying to blackmail Apple with hundreds of millions of previously compromised login credentials.…

A gentle guide to enclaves and trusted execution environments

Sponsored  Data and code are the lifeblood of digital organisations, and increasingly these are shared with others in order to achieve specific business goals. As such, data and code must be protected no matter where the workloads run, be they in on-premises data centers, remote cloud servers, or edge-of-the-network.…

Unauthorised users able to perform 'arbitrary code execution'

A critical vulnerability found in Citrix Application Delivery Controller and Citrix Gateway (formerly known as Netscaler ADC and Netscaler Gateway) means businesses with apps published using these technologies may be exposing their internal network to unauthorised access.…

Yes, people of UAE. That free govt-approved VoIP app that replaced all the banned encrypted chat apps

A popular UAE messaging app has been reportedly used by the country's government to spy on its population. This app, called ToTok, passed all the usual Google Play and Apple App Store checks. Huawei even promoted it via social media.…

Half a million docs, including patient names and medical records left at back of premises

A pharmacy that left around half a million documents, including customers' personal information and medical data, in unlocked storage at the back of its premises, has been fined £275,000 - a financial penalty the ICO has issued under the General Data Protection Regulation.…

Including: Nasty Mac malware and gas-pump infections

Roundup  Here's a catch-up of security news beyond everything else we've covered.…

They're not 'immune', they just have the 'power' to not be punished

It’s perfectly legal for British spies to break the law, Britain’s secretive spy court has ruled – making a mockery of other laws intended to keep eavesdropping agencies and others under effective control.…

Take a break from calling for the end of e2e, so they can switch encrypted chat apps

It's not just the European Union the UK's ruling party wishes to leave. According to the Guardian, the recently victorious Conservative party is switching from WhatsApp to Signal, in order to accommodate its new influx of MPs.…

Lithuanian bloke gets half a decade for the mother of all phishing schemes

A Lithuanian hacker will spend the next five years behind bars for masterminding a massive $120m (£92.05m) business email compromise involving Facebook and Google.…

Poisoned movie feeds will do more damage than an angry Dalek

Movie fans eager for an early peek at the new Star Wars installment are putting themselves at risk of malware infection.…