News

Intel on Monday acknowledged that its processors are vulnerable to another Spectre-like speculative execution side channel flaw that could allow attackers to access information.

Problem: they can't pay like banks can...

Plans to fine national utilities and infrastructure providers £17m for shoddy cyber security will be at the forefront of industry's mind once everyone "gets over" GDPR, peers heard at a House of Lords committee.…

Problem: they can't pay like banks can...

Plans to fine national utilities and infrastructure providers £17m for shoddy cyber security will be at the forefront of industry's mind once everyone "gets over" GDPR, peers heard at a House of Lords committee.…

Don't horse about with personal data, watchdog warns

A vet recruitment consultant that squirrelled away the personal details of almost 300 people from his former employer was today slapped on the wrists by the UK's information watchdog.…

DDoS launchers increasingly target application processes instead of flooding networks

Attackers have noticed that the world is getting better at fending off massive distributed denial-of-service attacks, and are trying to overwhelm application processes instead.…

World+Dog can contact any student via a shared doc

Google and the Victorian Department of Education have set parents, students, teachers, and the Office of the Australian Information Commissioner a poser: at what point does a feature become a vulnerability? Or just too creepy to put in front of kids?…

A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites.

Affects Intel and other processor makers

Breaking  Today, Microsoft and Google Project Zero will reveal a fourth variant of the speculative-execution-based security vulnerabilities in modern processors – the design flaws known as Spectre and Meltdown.…

Records for a mobile app that parents can use to monitor what their kids are doing online has been exposed in the latest Amazon Web Services cloud misconfiguration.

Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly evolved just in the past month.

Three fixed, including critical remote code execution bug

Infosec outfit Foregenix has uncovered six vulnerabilities in Dell EMC's data protection platform RecoverPoint, three of which have been fixed.…

'It may be possible for an attacker to intercept your router'

Taiwanese network kit maker DrayTek has 'fessed up to a vulnerability in a large number of its routers which could allow miscreants to hijack internet traffic or steal personal data.…

'It may be possible for an attacker to intercept your router'

Taiwanese network kit maker DrayTek has 'fessed up to a vulnerability in a large number of its routers which could allow miscreants to hijack internet traffic or steal personal data.…

The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers.

Insecure 12-year old microsite handed attackers key

The Information Commissioner has slapped a £120,000 fine on the University of Greenwich in the UK after a security cockup by its computing and maths school compromised the data of almost 20,000 individuals.…

EFF wins another privacy battle, ICE chips off AI spy plan

Roundup  Here's your guide to this week's infosec news beyond what we've already covered.…

The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on the fast track to a House vote.

A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible.

Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week’s information security news.

A recently discovered malware steals cache data and messaging sessions from the desktop version of encrypted messaging service Telegram.