News

Callooh! Kalay! Outdated SDK component poses threat, says intel firm

A critical vulnerability affecting tens of millions of digital video recorders powering baby monitors and CCTV systems across the world has been uncovered by Mandiant, which claims the vuln allows for unauthorised viewing of live camera footage.…

The next chapter in digital forensics: Long live cloud forensics

Promo  On the face of it, the cloud fundamentally changes how security teams investigate and remediate incidents.…

UK.gov shrugs at calls for national security intervention

British defence tech specialist Ultra Electronics has been bought for £2.6bn by a US private equity firm, through a wholly owned UK subsidiary that was itself once a proud standalone business.…

Suit could net $750 a pop under GDPR-ish rule for complainants who allege info 'unencrypted'

A judge in South Carolina has struck out a number of claims in a consolidated class-action suit alleging cloud CRM provider Blackbaud didn't do enough to prevent a 2020 ransomware attack, but allegations under California's Consumer Privacy Act (CCPA) will move forward.…

Local reports suggest Microsoft Hyper-V crack was the cause, as rumours swirl of data leak

Pakistan's Federal Board of Revenue – the nation's tax office – has experienced a lengthy outage after a migration project went bad, perhaps as the result of a cyber-attack.…

Devices from 60+ manufacturers affected, says infosec outfit

Taiwanese chip designer Realtek has warned of four vulnerabilities in three SDKs accompanying its Wi-Fi modules, which are used in almost 200 products made by more than five dozen vendors.…

Plus: Signal expands auto-deleting messages, SIM-swap thief pleads guilty, and more

In brief  T-Mobile US is investigating claims that highly sensitive personal data of 100 million customers has been stolen and peddled via the dark web.…

Murder trial affected last week

A bungled data migration of a network drive caused the deletion of 22 terabytes of information from a US police force's systems – including case files in a murder trial, according to local reports.…

Cupertino can see things you people wouldn't believe

Opinion  For a company built around helping people communicate, Apple sure has problems talking to folk. It pole-vaulted itself feet first into the minefield of Child Sexual Abuse Material (CSAM), saying that it was going to be checking everybody's images whether they liked it or not.…

Blockchain exchange biz says it's working to have all the purloined assets returned

The mysterious miscreant who exploited a software vulnerability in Poly Network to drain $600m in crypto-assets, claims the Chinese blockchain company offered them $500,000 as a reward for discovering the weakness.…

Hey MoD, nice to hear from you. What? Not secret any more, you say?

A job ad blunder by the UK's Ministry of Defence has accidentally revealed the existence of a secret SAS mobile hacker squad.…

Help me, officer, I’m lost! 'No problem, sir, you’re right in front of me'

Something for the Weekend, Sir?  "This website is requesting permission to access your location. Yes/No?" Absolutely not. My personal details are sacred!…

Suggests the world to sort out a ban to preserve human rights, issues sternly worded 'Please Explain' to Israel

The United Nations has called for a moratorium on the sale of "life threatening" surveillance technology and singled out the NSO Group and Israel for criticism.…

Fault injection technique presents risk in cloud environments from rogue admins

AMD's Secure Encrypted Virtualization (SEV) scheme is not as secure as its name suggests.…

Hands-off driving detectors required, over-the-air updates to be strictly regulated

China has drafted new rules required of its autonomous and networked vehicle builders.…

Organizational structure, piecemeal approach and hiring practices all need to change, says Borg security bigwig

A senior Chief Information Security Officer (CISO) advisor at Cisco has penned a commentary on the state of US cybersecurity frameworks, criticizing current government infosec and advocating for more autonomy for CISOs and a better understanding of the task at hand from those creating policies.…

Allegations of purloined trade secrets, unfair competition, national security threats, and more packed into lawsuit

A California-based IT consultancy has sued Huawei and its subsidiary in Pakistan alleging the Chinese telecom firm stole its trade secrets and failed to honor a contract to develop technology for Pakistani authorities.…

Plus: eBPF Foundation emerges, Exchange severs probed for ProxyShell holes, and more

In brief  If your Git operations start failing on Friday, August 13 with GitHub, it may well be because you're still using password authentication – and you need to change that.…

Judge wrong to prevent Uncle Sam from challenging psychiatrist's suicide risk report, says High Court

Analysis  Julian Assange has lost a legal scrap in court, this time over the US government's attempt to expand its grounds for extraditing him from England to stand trial in America.…

Zoom in on zero trust by tuning in and finding out

Webcast  Being hit by ransomware is gut wrenching enough, but it’ll be ten times worse if it coincides with the realization that your data protection systems just aren’t up the job anymore.…