News

Car hire biz takes your privacy seriously, though

Car hire giant Hertz has confirmed that customer information was stolen during the zero-day data raids on Cleo file transfer products last year.…

That would put America on the same level as China for espionage

The European Commission is giving staffers visiting the US on official business burner laptops and phones to avoid espionage attempts, according to the Financial Times.…

Copilot vibe coding for OS development? Why not

Canny Windows users who've spotted a mysterious folder on hard drives after applying last week's security patches for the operating system can rest assured – it's perfectly benign. In fact, it's recommended you leave the directory there.…

IT admins, get ready to grumble

CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to just 47 days by March 15, 2029.…

What's the goal here, Homeland Insecurity or something?

As drastic cuts to the US govt's Cybersecurity and Infrastructure Security Agency loom, Rep Eric Swalwell (D-CA), the ranking member of the House's cybersecurity subcommittee, has demanded that CISA brief the subcommittee "prior to any significant changes to CISA's workforce or organizational structure."…

UK holds onto oversight by a whisker, but it's utterly barefaced on the other side of the pond

Opinion  The UK government's attempts to worm into Apple's core end-to-end encryption were set back last week when the country's Home Office failed in its bid to keep them secret on national security grounds.…

Brit retailer says troubled breakup with tech platform of former US owner nearing conclusion

Two of the top team behind Asda's £1 billion ($1.31 billion) tech divorce from US retail giant Walmart — which has seen a number of setbacks — are departing the company.…

PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more!

Infosec In Brief  Fortinet last week admitted that attackers have found new ways to exploit three flaws it thought it had fixed last year.…

PLUS: India's new electronics subsidies; Philippines unplugs a mobile carrier; Alibaba Cloud expands

Asia In Brief  Chinese officials admitted to directing cyberattacks on US infrastructure at a meeting with their American counterparts, according to The Wall Street Journal.…

Military units, government nerds appear to join the fray, with physical infra in sights

Feature  From triggering a water tank overflow in Texas to shutting down Russian state news services on Vladimir Putin's birthday, self-styled hacktivists have been making headlines.…

Hallucinated package names fuel 'slopsquatting'

The rise of AI-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process.…

Redmond hopes you’ve forgotten or got over why everyone hated it the first time

After temporarily shelving its controversial Windows Recall feature amid a wave of backlash, Microsoft is back at it - now quietly slipping the screenshotting app into the Windows 11 Release Preview channel for Copilot+ PCs, signaling its near-readiness for general availability.…

Issues at the very top continue to worsen

The UK government's latest annual data breach survey shows the number of ransomware attacks on the isles is on the increase – and many techies are forced to constantly informally request company directors for defense spending because there's no security people on the board.…

Former policy boss claims Facebook cared little about national security as it chased the mighty Yuan

Facebook's former director of global public policy told a Senate committee that Meta CEO Mark Zuckerberg was willing to do almost anything to get the social network into China - including, she alleged, offering up Americans' data.…

Props for the transparency though

US sensor maker Sensata has told regulators that a ransomware attack caused an operational disruption, and that it's still working to fully restore affected systems.…

Scammers are already cashing in with fake invoices for import costs

World War Fee  As the trade war between America and China escalates, some infosec and policy experts fear Beijing will strike back in cyberspace.…

Officials teased more details to come later this year

Following the 2024 takedown of several major malware operations under Operation Endgame, law enforcement has continued its crackdown into 2025, detaining five individuals linked to the Smokeloader botnet.…

TL;DR: Move along, still nothing to see here - an idea that leaves infosec pros aghast

Oracle's letter to customers about an intrusion into part of its public cloud empire - while insisting Oracle Cloud Infrastructure was untouched - has sparked a mix of ridicule and outrage in the infosec community.…

Alleges cybersecurity agency was ‘weaponized’ to suppress debunked theories

The Trump administration on Wednesday ordered a criminal investigation into alleged censorship conducted by the USA’s Cybersecurity and Infrastructure Security Agency, aka CISA, plus revocation of any security clearances held by the agency's ex-head Chris Krebs and anyone else at SentinelOne, the cybersecurity company where he now works.…

Can't Redmond ask its whizz-bang Copilot AI to fix it?

Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello.…