News

You can be fast but they're always faster

Cloud-'n'-comms biz Datrix has suffered a phishing attack that resulted in some customers' contact details being compromised – though the company reckons it contained the attack within 15 minutes.…

Plus more from the world of infosec

Roundup  Here's a summary of recent infosec news beyond what we've already covered – earlier than usual because some of us have Thanksgiving to get through in the US. By the way, watch out for hackers taking advantage of IT teams suffering turkey comas.…

Great and good of pentesting chew the fat with El Reg

Ethical hacking is a "redundant term" but to be a "hacker" is no longer a bad thing, according to proponents of the cybersecurity art form known as "penetration testing".…

Rogue SDKs covertly harvested personal info, it is claimed

Twitter and Facebook on Monday claimed some third-party apps quietly collected swathes of personal information from people's accounts without permission.…

Keep up with the latest threats – and learn how to stop them

Promo  The IT security landscape changes by the second, as organisations move to new technologies and data thieves devise increasingly ingenious ways to penetrate systems. It’s no surprise that IT security leaders feel the constant need to shore up their defenses.…

...OnePlus also compromised, and much more

Roundup  Time for another roundup of all the security news that's fit to print and that we haven't covered yet.…

BlueKeep isn't the only bug in town, plenty to go round

VNC remote desktop software has no shortage of potentially serious memory-corruption vulnerabilities, you'll no doubt be shocked to hear.…

Ad-tech arms race continues: DNS system exploited to silently follow folks around the web

Developers working on open-source ad-blocker uBlock Origin have uncovered a mechanism for tracking web browsers around the internet that defies today's blocking techniques.…

Good news? They're not paying the ransom

A French hospital has suffered a ransomware attack that reportedly caused the lockdown of 6,000 computers.…

Self-assessment phishing and phone scam alert raised

The UK’s tax authorities have issued an official warning to contractors to watch out for self-assessment scams - and they don’t mean IR35 for a change.…

Fraudster oversaw operation with contraband phone

A convicted fraudster housed in a maximum security prison in Nigeria managed to pull off a $1m (£775,000) online scam from behind bars.…

Rights warriors want governments to actually, y'know, do something – anything

Amnesty International says the "pervasive surveillance" practiced by Facebook and Google represents a threat to human rights, a claim the two companies dispute.…

Are you for real? splutters surveyor Sophos

Half of UK public sector IT chiefs think the data they're responsible for protecting is less valuable than private sector information, according to a survey by antivirus firm Sophos.…

Lock the front door, you chumps

A British video-editing startup exposed what is claimed to be "thousands" of user-uploaded videos, including family films and home-made pornography, in an unsecured Amazon AWS bucket.…

Haven't gotten around to patching since last Spring? Now would be a good time

Thousands of Oracle E-Business Suite customers are vulnerable a security bug that can be exploited for bank fraud.…

Businessman gets 18 months for bogus cryptocoin sales

A 39 year-old man from New York has been ordered to spend the next 18 months in prison after being convicted of cryptocurrency-based securities fraud.…

But the big money's in Huawei's new (invite only) program

Mozilla has decided to celebrate the 15th anniversary of its Firefox browser by expanding its bug bounty program to cover a range of new sites and services and - get this - triple its maximum payout.…

Magecart making life difficult yet again for shopping website

US retailer Macy's says that hackers planted a card-stealing malware script on its site and harvested customer details for eight days last month.…

And the fake news merry-go-round is already in full swing

Brexit-supporting businessman Arron Banks has had his Twitter account hijacked and his private messages dumped online by person or persons unknown – and random script kiddies are trying to claim the credit for it.…

US Dept of Justice books one-way plane ticket in his name

A rape investigation involving everyone's favourite cupboard-dwelling WikiLeaker, Julian Assange, has been dropped, Swedish prosecutors told the world's press today.…