The Register

Subscribe to The Register feed
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Updated: 2 hours 34 min ago

India PM calls on nation's youth to 'vaccinate digital products against cyber-attacks and viruses'

Fri, 20/11/2020 - 05:15
And hints at new local data governance push

Indian Prime Minister Narendra Modi has called on the nation's technology industry to start designing products for the world, and for youth to create new digital defences.…

Categories: News

VMware reveals critical hypervisor bugs found at Chinese white hat hacking comp. One lets guests run code on hosts

Fri, 20/11/2020 - 04:26
ESXi, Cloud Foundation, and desktop hypervisor users should get patching

VMware has revealed and repaired the flaws in its hypervisor discovered at China’s Tianfu Cup white hat hacking competition.…

Categories: News

In 2016 Australia’s online census failed. Preparations for the 2021 edition have been rated ‘partly effective’

Fri, 20/11/2020 - 02:58
Devs can make unauthorised changes, data integrity is a work in progress, security is not there yet ... and there's just nine months to go

In 2016 Australia’s online census crashed and burned after legitimate attempts to complete the survey were mistaken for a DDOS attack, the routers funneling traffic failed and disaster recovery plans did likewise.…

Categories: News

US Senate approves deepfake bill to defend against manipulated media

Thu, 19/11/2020 - 20:35
Proposed legislation calls for research to detect synthetic shams online

On Wednesday, proposed US legislation to fund defenses against realistic computer-generated media known as deepfakes was approved by the US Senate and the bill now awaits consideration in the US House of Representatives.…

Categories: News

AWS includes open-source Suricata for stateful inspection with Network Firewall service

Thu, 19/11/2020 - 19:10
Enhanced network security for AWS virtual private cloud – while Microsoft previews Azure Firewall Premium

AWS has announced Network Firewall, a new service drawing on the open-source Suricata project.…

Categories: News

Cyberup campaign: 80% of infosec pros fear they might fall foul of UK's outdated Computer Misuse Act

Thu, 19/11/2020 - 14:49
Creaky old law holds back global competitiveness, says group

A majority of British infosec professionals worry about accidentally breaking the UK's antiquated Computer Misuse Act, according to an industry campaign group that hopes to reform the law.…

Categories: News

Compsci guru wants 'right to be forgotten' for old email, urges Google and friends to expire, reveal crypto-keys

Thu, 19/11/2020 - 07:24
DKIM 'makes us all more vulnerable to extortion, blackmail,' argues Green

Matthew Green, associate professor of computer science at Johns Hopkins University in the US, wants Google and other email providers to make it possible for people to deny they've written old email messages.…

Categories: News

China-linked hacking gang ‘APT10’ named as probable actor behind extended attacks on Japanese companies

Thu, 19/11/2020 - 03:58
Campaign even targeted branch offices inside China and sought secrets of automotive and engineering companies

Broadcom’s security subsidiary Symantec has named a China-linked hacking gang known as “APT 10” and “Cicada” as the probable source of a year-long attack on Japanese interests around the world.…

Categories: News

Heads up: A new strain of card-skimming Grelos malware is on the loose

Wed, 18/11/2020 - 18:47
Magecart variant has changed and you should be alert, warns RiskIQ

A new offshoot of the Grelos card-skimming malware - a common Magecart variant - is doing the rounds, according to infosec biz RiskIQ.…

Categories: News

How AI Is powering a new generation of cyber-attacks

Wed, 18/11/2020 - 18:02
The battle of the algorithms has begun

Sponsored  It was 2017 and a hacker had gained access to a digital system at an organization in India. At first it seemed like just a normal intrusion - the kind that happens thousands of times each day. But this one was different.…

Categories: News

The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

Wed, 18/11/2020 - 14:00
Tech tackles two things: 'Aggregate statistics to improve an application, maintain the privacy of the people'

The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data.…

Categories: News

Test and Trace chief Dido Harding prompted to self-isolate by NHS COVID-19 app

Wed, 18/11/2020 - 12:11
Threatens plenty of Zoom sessions in the days ahead... just as well they've updated security in recent weeks

There's nothing quite like eating your own dog food, as Test and Trace chief Baroness Dido Harding has learned after being instructed to self-isolate by the NHS COVID-19 contact-tracing app overnight.…

Categories: News

No, the creator of cURL didn't morph into Elon Musk and give away Bitcoins. But his hijacked Twitter page tried to

Wed, 18/11/2020 - 06:26
Daniel Stenberg tells The Reg he's baffled by profile hack

The creator of cURL reassured The Reg on Tuesday that he's not a billionaire rocket man giving away Bitcoins, no matter what his Twitter account claimed.…

Categories: News

Trump fires cybersecurity boss Chris Krebs for doing his job: Securing the election and telling the truth about it

Wed, 18/11/2020 - 01:52
Terminated by presidential tweet that piled on the baseless election-rigging allegations CISA director sought to counter

President Donald Trump tonight fired the boss of the US government's Cybersecurity and Infrastructure Security Agency (CISA), the very organisation his administration formed with the aim of shoring up America's computer networks from hackers.…

Categories: News

Israeli spyware maker NSO channels Hollywood spy thrillers in appeal for legal immunity in WhatsApp battle

Tue, 17/11/2020 - 23:22
In latest court bout, snooper biz seems to ask: Are you sure you want to open this can of worms?

Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones.…

Categories: News

Microsoft brings Trusted Platform Module functionality directly to CPUs under securo-silicon architecture Pluton

Tue, 17/11/2020 - 19:15
Intel, AMD, Qualcomm are all on board

Microsoft has joined hands with Intel, AMD, and Qualcomm to release a new security chip called Pluton, which Redmond reckons will delete "entire vectors of attack" from the infosec landscape.…

Categories: News

A visit to a crafted webpage would have been enough for a bad guy to munch all your Firefox for Android cookies

Tue, 17/11/2020 - 18:33
So make sure you've updated since July, fandroids

A crafty person could have slurped every single cookie from a Firefox-using Android device by tricking a user to look at a specially crafted HTML file.…

Categories: News

Legendary hacker and L0pht member Peiter Zatko joins Twitter as security chief

Tue, 17/11/2020 - 14:03
Mudge work to be done after high-profile Bitcoin scam earlier this year

Twitter has hired legendary hacker Peiter "Mudge" Zatko as head of security.…

Categories: News

Apple's privacy pledges: We sent dev checks over plain HTTP, logged IP addresses. We bypass firewall apps

Tue, 17/11/2020 - 07:51
Big Sur highlights shortcomings in OCSP comms, APIs

Analysis  Apple plans to revise the way it checks the trustworthiness of Mac applications when they're run – after server problems last week during the launch of macOS Big Sur prevented people's desktop apps from starting.…

Categories: News

End the year as you mean to go on... with world-class cyber-security training

Tue, 17/11/2020 - 07:00
Top speakers, new courses, all live online

Promo  If you work in cybersecurity you’ll know that come December, it’s time to kick back, take stock… and prepare for whatever devilish tricks the hacker community is planning to pull over Christmas and into 2021. And this year and next can be expected to be particularly challenging, with cyber criminals looking to take advantage of a chaotic 2020, whether it’s by targeting the security gaps opened up as your workforce has gone remote or ripping the headlines for enticing spear phishing material.…

Categories: News