News

Advertising giant insists it's all still on drawing board – as plugin devs face code rewrites

Analysis  Following uproar from developers and netizens over proposed changes to Chrome that threaten to break content and ad blockers, and knacker other browser extensions, Google software engineer Devlin Cronin has offered reassurance that the plans aren't set in stone.…

A tale of Twitter fraudsters, an infosec biz boss, and a quest for one honeypot hit

Fraudsters masquerading as ISP support agents to phish payment card details have been unmasked – after they tried to scam a Brit infosec biz cofounder.…

Gimme, gimme, gimme your data after midnight... Swedish watchdogs cry, Mamma Mia! over location slurping

Google's slurping of people's location data and web browsing histories is being probed by Swedish privacy watchdog.…

Here are six tips to put threat hunters in the driver's seat so they can outsmart their adversaries.

The attack makes use of previously disclosed critical vulnerabilities in the Apple Safari web browser and iOS.

An emergency directive from the Department of Homeland Security provides "required actions" for U.S. government agencies to prevent widespread DNS hijacking attacks.

Also reckons Russian hackers go quiet over the Christmas holidays

FIC2019  According to Eugene Kaspersky, founder of the eponymous antivirus company, black-hat hackers are increasingly likely to speak Portuguese and Spanish as well as the traditional English, Russian and Chinese.…

0patch released the fix for the remote code execution vulnerability in Windows, which has a CVSS score of 7.8.

The RogueRobin uses a mix of novel techniques.

Dev fears sub-domain abuse – Plus, unofficial patches for trio of Windows zero-days

Microsoft has been accused of ignoring an IT security risk that could be exploited to create legit-looking malware-laden webpages that sport seemingly trusted Azure and Office 365 domain names. Alternatively, the domains potentially could be used to stealthily leak stolen data from networks.…

Anyone still at their posts, please stop these address takeovers... please, helloo? Anyone there?

America's Homeland Security has urged US government departments and federal agencies to shore up their DNS control panels after hackers successfully stormed the barricades.…

Open the door, get on the floor – not so fast if you've an iPhone 4

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals.…

How many ad blocks could an ad slinger block if an ad slinger could block blocks?

Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers.…

Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages.…

Parly-vous cyber-security? No plan to surrender, military bug bounty coming

FIC2019  France’s defence secretary Florence Parly today declared “Cyber war has begun.”…

Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data.

Pragmatic chap looks at reality of international relations

FIC2019  A French diplomat has suggested that future global regulation of cyberspace could exempt spying from regulation "as long as some specific sectors are preserved".…

The French Data Protection Authority (DPA) found a lack of transparency when it comes to how Google harvests and uses personal data for ad-targeting purposes.

White House to nominate former DocuSign boss

The US may have finally complied with the European Commission's repeated requests to name a permanent Privacy Shield ombudsperson, The Register understands.…

The patches are part of Adobe's second unscheduled update this month.