News

It's Lumen awful: Space Drop halted due to excessive douchebaggery

Citing an explosion in fraudulent accounts, Keybase says it is ending its maligned Stellar Space Drop giveaway.…

Uni brains pitch smart math for speeding up establishment of circuits in anonymizing onion network

Academics in Germany say they've found a way to make Tor and similar onion networks more efficient and lower their latency.…

'Sir, they're about to disclose the vulns!' 'Damn it. Accelerate the rollout!'

How does Microsoft mitigate the risk of speculative-execution bugs on its Azure platform? The US goliath is unwilling to comment, despite running a session at its Ignite conference last month on exactly this subject.…

Talk about gone in a flash

Video  A pentad of bit boffins have devised a way to integrate electronic objects into augmented reality applications using their existing visible light sources, like power lights and signal strength indicators, to transmit data.…

Gap in browser privacy tech embarrassingly detected by Google

Apple on Tuesday updated its Intelligent Tracking Protection (ITP) system in its WebKit browser engine because it could be tracked.…

Good news? There is no good news

File this one under "not everything needs a computer in it". Finnish security house F-Secure today revealed a vulnerability in the KeyWe Smart Lock that could let a sticky-fingered miscreant easily bypass it.…

Double-encrypted. That said, if you're worried about over-sharing, what are you doing on Chrome?

A new feature in Google's Chrome browser will warn you if your username and password matches a known combination in a data breach every time you type credentials into any website.…

Latest Which? study with NCC Group highlights toys it ain't smart to buy

It seems to come around quicker every year – the failure of so-called smart toys to meet the most basic of security requirements. Which? has discovered a bunch of sack fillers that dirtbags can use to chat to your kids this Christmas.…

Feds get extradition for 64 year-old fraud suspect who allegedly netted hundreds of thousands of dollars

A 64 year-old man from Nigeria is set to be tried in the US on charges he was the brains behind a string of business email hacks and romance scams.…

End 2019 with a Patch Tuesday from Microsoft, Adobe, SAP and Intel

With the year winding to a close and the holiday parties set to kick off, admins will want to check out the December Patch Tuesday load from Microsoft, Adobe, Intel, and SAP and get them installed before downing the first of many egg nogs.…

I don't care if it's mathematically impossible, make it happen nerds!

In its latest attempt to come up with a digital encryption scheme that's both secure and not, the US Senate Judiciary Committee on Tuesday heard conflicting testimony from industry, academics, and law enforcement about whether encryption can simultaneously protect information and also reveal it on demand.…

I was caught in the middle of a memory attack, and I knew there was no turning back

Intel on Tuesday plans to release 11 security advisories, including a microcode firmware update to patch a vulnerability in its Software Guard Extensions (SGX) on recent Core microprocessors that allows a privileged attacker to corrupt SGX enclave computations.…

Oracle DBs particularly vulnerable to fake decryptions, say researchers

If you're an Oracle database user and are tempted to pay off a Ryuk ransomware infection to get your files back, for pity's sake, don't. The criminals behind it have broken their own decryptor, meaning nobody will be able to unlock files scrambled by the malicious software.…

Open-source product now has yet another paid option on top

Black Hat Europe  Elastic, the biz behind open-source search engine stack Elasticsearch, has launched its own SIEM – a somewhat counterintuitive thing to do, you'd think, until you look at how many others are using Elasticsearch for lucrative security products.…

They also want a ban on interfering with their cookies

Amid the final rulemaking before the California Consumer Privacy Act (CCPA) is scheduled to take effect next year, five ad industry groups have asked California Attorney General Xavier Becerra to remove a requirement that businesses honor the privacy choices internet users make through browser settings, extensions, or other controls.…

Next thing she's wearing my Casio

A jailed hacker who profited from the Angler Exploit Kit has been ordered to sell his £5,000 Rolex watch after the National Crime Agency (NCA) applied to confiscate £270,000 of criminal proceeds from him.…

Been down this path and it ain't that easy, says man who knows

Black Hat Europe  A veteran drone hacker reckons the recent release of the Dronesploit framework won't go down quite as its inventors hope.…

Meanwhile, the DOJ sets its sights on money mules

Welcome to yet another El Reg security roundup. Off we go.…

Protest organizers come under fire from network traffic barrage

China is reportedly using the 'cannon' capabilities of its massive domestic internet to try and take down anti-government websites in Hong Kong.…

Too soon for New Year Resolutions?

Cybercriminals will continue to exploit tried-and-tested fraud methods but also adopt a couple of new takes and targets in the year ahead.…