News

Plus birth certificates, job interview data and more

A leak of 10,000 records at a Leicestershire care home provider exposed elderly patients' wishes not to be resuscitated, detailed care plans and precisely how much councils paid for individual patients' care.…

Pair engineer malicious code from public source tweak before official binary releases

Google has updated Chrome for Linux, Mac, and Windows to address three security vulnerabilities – and exploit code for one of them is already public, so get patching.…

Still not the last word for VirnetX after 10-year fight

The United States Supreme Court has kicked out Apple's attempt to overturn a judgement in one of the cases in its 10-year patent fight with VirnetX.…

A preview of muddy paws all over your on-prem resources, or a passwordless future?

Hybrid environments can now join the preview party for FIDO2 support in Azure Active Directory.…

Aw, how generous

Hey, Linux fans! Microsoft has got your back over fileless threats. Assuming you've bought into the whole Azure Security Center thing.…

Tight-lipped chaebol still won't talk about the dodgy app, though

Samsung has admitted that what it calls a "small number" of users could indeed read other people's personal data following last week's unexplained Find my Mobile notification.…

And Adobe in remote-code execution patch non-shocker

Roundup  It's once again time for a security news summary. Let's get to it.…

Treat yourself to a meal out or a case of bevvies... or an appetizer in SF or NYC

Victims of dodgy IT support from Office Depot will start receiving compensation checks, a US consumer watchdog said Thursday.…

The inevitable return of Norbert Spankmonkey

Something for the Weekend, Sir?  Where's my free promo tat? Fellow convention attendees have no such problem being showered with promotional gifts from all sides as they totter up and down the rows of booths.…

Purge is the latest in a series of similar store scourings

On Thursday Google confirmed it has removed nearly 600 Android apps from the Google Play Store and banned them from its ad services for violating its policies on disruptive advertising and interstitials.…

Keep your crypto to less than 398 days after September 1 and you're all good

Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date.…

Security biz clocked 55 million malicious login attempts on a client

Financial services firms' public APIs are becoming the target du jour for internet ne'er-do-wells, reckons Akamai, which also said that one of its customers was firehosed with 55 million malicious login attempts last summer.…

Alternative headline: Killer bio-nasty linked to former alien vault and cyber-hacker gathering

RSA  Yet another big brand has pulled out of RSA Conference, due to take place next week, amid the ongoing novel coronavirus panic.…

What happens in Vegas... gets leaked on the internet

Casino and hotel chain MGM Resorts lost almost 10.7 million guest records last summer, including the data of Jack Dorsey and Justin Bieber, which was duly posted to hacker forums.…

It's APT28 again! Public attribution names and shames state-backed crew

The same Russian state hackers who unleashed NotPetya on the world's computers were behind destructive cyberattacks on Georgia during 2019, the governments of Britain and the US have said – echoing a similar attribution a decade ago.…

Before you remove the mote from thy hacker's eye, remove the beam from the eyes of your, er, Teams

RSA  As IBM's crew cancels their hotel rooms, Microsoft's infosec staffers are still set to attend the decades-old RSA conference and pulled the covers off a raft of security releases and previews for the event today.…

Now Ru?

The Russian government, via mouthpiece RIA Novosti, has claimed Korean tech giant Samsung will comply with a controversial Russian law passed in November that forces smartphones and computers to come pre-installed with domestic-made shovelware.…

Critical fix for static login headlines latest patch rollout

Cisco has released fixes to address 17 vulnerabilities across its networking and unified communications lines.…

America wanted a cover-up of Kremlin ties to DNC intrusion, court told

Julian Assange was offered a pardon by the White House only if he publicly said Russia did not hack the Democratic National Committee, according to the WikiLeaks supremo's lawyer.…

Mystery facility hit by 'commodity' infection thought to be Ryuk

America's Homeland Security this week disclosed it recently responded to a ransomware infection at an unnamed natural gas plant.…