The Register

Subscribe to The Register feed
Biting the hand that feeds IT — sci/tech news and views for the world
Updated: 36 min 39 sec ago

White-listing Azure cloud connections to grease your Office 365 wheels? About that...

2 hours 15 min ago
Dev fears sub-domain abuse – Plus, unofficial patches for trio of Windows zero-days

Microsoft has been accused of ignoring an IT security risk that could be exploited to create legit-looking malware-laden webpages that sport seemingly trusted Azure and Office 365 domain names. Alternatively, the domains potentially could be used to stealthily leak stolen data from networks.…

Categories: News

Build the wall... around your DNS settings, US govt IT staff urged by Homeland Security amid domain hijackings

7 hours 3 min ago
Anyone still at their posts, please stop these address takeovers... please, helloo? Anyone there?

America's Homeland Security has urged US government departments and federal agencies to shore up their DNS control panels after hackers successfully stormed the barricades.…

Categories: News

Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install

10 hours 57 min ago
Open the door, get on the floor – not so fast if you've an iPhone 4

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals.…

Categories: News

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

Tue, 22/01/2019 - 22:27
How many ad blocks could an ad slinger block if an ad slinger could block blocks?

Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers.…

Categories: News

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks

Tue, 22/01/2019 - 22:11
Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages.…

Categories: News

En garde! 'Cyber-war has begun' – and France will hack first, its defence sec declares

Tue, 22/01/2019 - 20:12
Parly-vous cyber-security? No plan to surrender, military bug bounty coming

FIC2019  France’s defence secretary Florence Parly today declared “Cyber war has begun.”…

Categories: News

French diplomat: Spies gonna spy – there aren't any magical cyberspace laws that can prevent it

Tue, 22/01/2019 - 17:30
Pragmatic chap looks at reality of international relations

FIC2019  A French diplomat has suggested that future global regulation of cyberspace could exempt spying from regulation "as long as some specific sectors are preserved".…

Categories: News

Looks like Uncle Sam has pulled its finger out and appointed a Privacy Shield ombudsperson

Tue, 22/01/2019 - 16:30
White House to nominate former DocuSign boss

The US may have finally complied with the European Commission's repeated requests to name a permanent Privacy Shield ombudsperson, The Register understands.…

Categories: News

Stalk my pals on social media and you'll know that the next words out of my mouth will be banana hammock

Tue, 22/01/2019 - 14:30
Boffins reckon they can predict what you'll say based on your friends' activity online

The phenomenon of "prescient Facebook advertising", so beloved of conspiracy theorists who think social networks listen to your microphone, might instead simply be evidence of how good Facebook's algorithms have become.…

Categories: News

Get in the bin: Let's Encrypt gives admins until February 13 to switch off TLS-SNI

Tue, 22/01/2019 - 10:31
End-of-life followed 2018 fake Website certificate drama

If you're still using TLS-SNI, stop: a year after a slip-up allowed miscreants to claim Let's Encrypt certificates for domains they didn't own, the free certificate authority has announced the final sunset of the protocol involved.…

Categories: News

DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc

Sat, 19/01/2019 - 13:37
Plus, Safari security foiled by… a finger swipe?

Roundup  This week we wrangled with alleged Russian election meddling, hundreds of millions of username-password combos spilled online, Oracle mega-patches, and cliams of RICO swap-gangs.…

Categories: News

The Iceman cometh, his smartwatch told the cops: Hitman jailed after gizmo links him to Brit gangland slayings

Sat, 19/01/2019 - 08:01
Killer jailed for life after fitness kit data tips off plod

Avid runner and hitman Mark Fellows was this week found guilty of murder after being grassed up by his Garmin watch.…

Categories: News

US midterms barely over when Russians came knocking on our servers (again), Democrats claim

Fri, 18/01/2019 - 20:05
Лучшая защита – нападение?

Russian hackers attempted to infiltrate the Democratic National Committee (DNC) just after the US midterm elections last year, according to a new court filing.…

Categories: News

Microsoft partner portal 'exposes 'every' support request filed worldwide' today

Fri, 18/01/2019 - 13:47
No customer data visible but hell's bells, Redmond, what have you borked now?

Exclusive  Alarmed Microsoft support partners can currently view support tickets submitted from all over the world, in what appears to be a very wide-ranging blunder by the Redmond-based biz.…

Categories: News

I used to be a dull John Doe. Thanks to Huawei, I'm now James Bond!

Fri, 18/01/2019 - 10:25
We'll know for sure when Huawei reveals a shoe-shaped smartphone

Something for the Weekend, Sir?  The name's McLeod. Alessandro McLeod. I am a spy for the secret services.…

Categories: News

Microsoft blue biz bug bounty bonanza beckons

Fri, 18/01/2019 - 06:22
Azure DevOps Services invites hackers to test its limits

There's more money to be made from bug hunting in Microsoft code after Redmond announced its 10th active bug hunting reward scheme, the Azure DevOps Bounty Program.…

Categories: News

Old bugs, new bugs, red bugs … yes, it's Oracle mega-update day again

Fri, 18/01/2019 - 02:56
Out of 284 flaws, 33 are rated critical. Big Red admins have big patches ahead

Oracle admins, here's your first critical patch advisory for 2019, and it's a doozy: a total of 284 vulnerabilities patched across Big Red's product range, and 33 of them are rated “critical”.…

Categories: News

Got a Drupal-powered website? You may want to get patching now...

Fri, 18/01/2019 - 01:45
Open-source CMS gets a pair of critical fixes

Drupal has issued a pair of updates to address two security vulnerabilities in its online publishing platform. The vulns are a little esoteric, and will not affect most sites, but it's good to patch just in case you later add functionality that can be exploited.…

Categories: News

Twitter. Android. Private tweets. Pick two... Account bug unlocked padlocked accounts

Fri, 18/01/2019 - 00:01
Cock-up went unnoticed for two Olympics, one World Cup, an EU referendum, and a US presidential election

Twitter has fessed up to a flaw in its Android app that, for more than four years, was making twits' private tweets public. The programming blunder has been fixed.…

Categories: News

Top GP: Medical app Your.MD's data security wasn't my remit

Thu, 17/01/2019 - 17:15
Prof Maureen Baker told tribunal info security and clinical safety are two separate things

The founders of medical symptom-checker app Your.MD knew that a number of key medical information databases were "open to anyone who knows the URL", emails seen by a London tribunal have revealed.…

Categories: News

Pages