News

Your repo's dependencies need updating to close a hole? We're way ahead of you, pal

GitHub can now automagically offer security patches for projects' third-party dependencies.…

Secure comms biz says it simply follows the law – plus, there's always Tor

ProtonMail, a provider of encrypted email, has denied claims that it voluntarily provides real-time surveillance to authorities.…

Angry boffins start questioning standards body's independence

Compsci academics are startled by how the US-based IEEE is complying with American sanctions on Huawei. That includes halting peer review by anyone connected to the Chinese company – and banning them from buying IEEE-branded coffee mugs.…

Over half a billion installs? This one's not over yet, we reckon

News aggregation app Flipboard has publicly confessed that hackers accessed personal data about its members.…

Mindgeek left him totally unsatisfied, he says

An irate infosec researcher has accused Pornhub owners Mindgeek of out-of-scoping what he described as "critical" vulns in a cartoon pornography-themed mobile games site.…

Just a 16% chance of being banged up for computer misuse

Analysis  Nearly 90 per cent of hacking prosecutions in the UK last year resulted in convictions, though the odds of dodging prison remain high, an analysis by The Register has revealed.…

Tricky to exploit in the real world, which is good because no official fix is available yet

A vulnerability in all versions of Docker can be potentially exploited by miscreants to escape containers' security protections, and read and write data on host machines, possibly leading to code execution.…

If you haven't patched CVE-2019-0708 aka BlueKeep, then, well, now would be a good time

The critical Windows Remote Desktop flaw that emerged this month may have set the stage for the worst malware attack in years.…