News

Now for deep-diving Congress hearings... LMAO JK JK they will do nothing

A US Senate probe has once again outlined the woeful state of computer and information security within Uncle Sam's civil service.…

Complaint claims rival Tanium's hires took deal data with them

McAfee is suing former senior salespeople whom it alleges stole company trade secrets when they moved to a rival security vendor.…

Heartbeat rhythms could be the next biometric authentication method

Biometric systems could use the unique patterns from a person's ECG reading for biometric sign-ons.…

Even govt rules have knock-on effects, warns Andrew Sullivan

Interview  Andrew Sullivan, chief exec of the Internet Society, has condemned governments that "interfere in underlying technologies that people are allowed to build," as regulators increasingly target net infrastructure to enforce their visions of how the online world ought to be.…

Revealed: Long-running espionage campaign targets phone carriers to snoop on VIPs' location, call records

Hackers infiltrated the networks of at least ten cellular telcos around the world, and remained hidden for years, as part of a long-running tightly targeted surveillance operation, The Register has learned. This espionage campaign is still ongoing, it is claimed.…

It's all in a lucrative day's work for Red Mosquito

A Scottish managed services provider is running a lucrative sideline in ransomware decryption – however, a sting operation by a security firm appears to show that “decryption” merely means paying off the malware's masterminds.…

Tehran's hackers are 'wiping' infected machines as tensions spike, fresh sanctions approved

Hackers operating on behalf of the Iranian government have turned destructive, the US Department of Homeland Security has claimed.…

Your quick guide to what else has been happening in computer security lately

Roundup  Here's a quick Monday summary of recent infosec news, beyond what we've already reported.…

50 roles shifted off to India

DXC Technology is sending hundreds of security personnel from the America's division down the redundancy chute and offshoring some of those roles to low-cost centres, insiders are telling us.…

He then doubled down on spies' 'ghost user' backdoor plan

Solving the Huawei 5G security problem is a question of convincing the Chinese to embrace British "fair play", security minister Ben Wallace said yesterday without the slightest hint of irony.…

Can't spell SupportAssist without 'ass' and 'u' – other makers may be hit, too

Dell's troubleshooting software SupportAssist, bundled with the US tech titan's home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.…

Patch released after crypto-currency biz sounded alarm

The development and release of a critical Firefox security patch this week was, in part, triggered by an attempted cyber-heist of crypto-coin exchange Coinbase.…

You need to rifle through my photos why, exactly?

Regulators and campaign groups have warned a UK Parliamentary inquiry that the increasing collection, use and storage of data by corporations poses a serious risk to privacy and security.…

Senator urges NIST to do something about it

Influential US Senator Ron Wyden (D-OR) is not happy about Uncle Sam's employees using insecure .zip files and other archive formats to electronically transfer information.…

Plus: MongoDB crams end-to-end crypto into database tech

Google on Wednesday released source code for a project called Private Join and Compute that allows two parties to analyze and compare shared sets of data without revealing the contents of each set to the other party.…

Emergency security fix emitted for remote code exec hole exploited in the wild

Oracle has issued an emergency critical update to address a remote code execution vulnerability in its WebLogic Server component for Fusion Middleware – a flaw miscreants are exploiting in the wild to hijack systems.…

Office of the Inspector General brings lab back down to Earth

NASA's Jet Propulsion Lab still has "multiple IT security control weaknesses" that expose "systems and data to exploitation by cyber criminals", despite cautions earlier this year.…

150,000 personal records on people, including US veterans, upset with their healthcare

In what has become a depressingly common occurrence, the personal information of hundreds of thousands of people may have fallen into the wrong hands because yet another organization did not secure a cloud-hosted database.…

Just make sure you're running the latest version

Mozilla has released an emergency critical update for Firefox to squash a zero-day vulnerability that is under active attack.…

The tables are turned, database tables that is

The healthcare debt collector ransacked by hackers, who gained access to millions of patients' personal information, has filed for bankruptcy protection.…