News

One of, but not the worst, in history

US hotel chain Marriott has admitted that a breach of its Starwood subsidiary's guest reservation network has exposed the entire database – all 500 million guest bookings over four years, making this one of the biggest hacks of an individual org ever.…

Bored secretary at GP fined for sneaky look at medical records

A bored trainee secretary at a GP practice has been fined for snooping on the health records of colleagues, friends and strangers.…

Nope, no new computer for you. Move along

On Call  Welcome once more to On Call, our weekly column where Reg readers share their tales of tech support problems solved.…

It's 2018 and UPnP is still opening up networks - this time to leaked SMB cyber-weapons

Earlier this year, Akamai warned that vulnerabilities in universal plug-and-play (UPnP) had been exploited by scumbags to hijack 65,000 home routers. Now, in follow-up research released his week, it found little has changed.…

Sliding into your DMs unnoticed, literally

Analysis  Britain's surveillance nerve-center GCHQ is trying a different tack in its effort to introduce backdoors into encrypted apps: reasonableness.…

Buffer overflow flaw could lead to privilege escalation

IBM is advising folks this week to check if they should update their Db2 database installations following the discovery of a potentially serious security vulnerability.…

Hackers can spoof messages, hijack screen controls and kick others out of meetings.

The vulnerability could allow attacker to execute arbitrary SQL queries.

Names, addresses, social security numbers exposed

Miscreants gained access to US healthcare billing vendor AccuDoc Solutions' database for about a week in September, exposing the data of at least 2.65 million people.…

The donut giant first noticed the attack Oct. 31.

Plus: State-backed hacks now need permission from a judge

On the same day that certain types of British state-backed hacking now need a judge-issued warrant to carry out, GCHQ has lifted the veil and given the infosec world a glimpse inside its vuln-hoarding policies.…

American Civil Liberties Union wants to know what govt asked for, and why court refused

The American Civil Liberties Union (ACLU) has filed a motion to find out what went on in a court case in which the US Department of Justice allegedly tried to make Facebook give it unencrypted access to Messenger calls.…

Profit driving NSS claims of industry boycott, antivirus makers swear

Symantec says the biz that accused it of conspiring with others to avoid independent security audits is "less than honest" and driven by a "thirst for profits."…

Audiophiles could get played like a fiddle, have their web traffic snooped by son-of-a-pitch scammers

Headphone maker Sennheiser is facing the music after being caught compromising the security of its customers.…

The company said it has reset passwords for all Dell.com customers.

Round Rock insists no data actually swiped after intruder spotted on internal network

Dell is resetting all customer passwords on its website after a hacker or hackers unknown infiltrated its internal network.…

The two apps are created by headset software company Sennheiser HeadSetup.

Duo raked in $6m in extortion payments after scrambling victims' files, it is claimed

US prosecutors have this week charged two people believed to be behind the notorious SamSam ransomware outbreak.…

The rise of piracy has helped drive the spike in attacks.

The multi-year campaign used malware and botnets to falsify billions of webpages and "site users."