News

Sophos sees common behavior across various infections

Common behaviors shared across all families of ransomware are helping security vendors better spot and isolate attacks.…

Account takeovers allegedly used to plunder digital wallets

Two men from Massachusetts have been arrested and charged with 11 criminal counts stemming from a string of account takeovers and cryptocurrency thefts.…

'Unnecessary scaremongering' but still some work to be done

Reports that the Home Office's Brexit app contains "serious vulnerabilities" that could expose the phone numbers, addresses and passport details of EU citizens are overblown, say security experts.…

Supermarket says it's innocent and we don't need more than that, ICO told judges

The UK's Information Commissioner urged the Court of Appeal to side with Morrisons in the supermarket’s battle to avoid liability for the theft and leaking of nearly 100,000 employees’ payroll details – despite not having read the employees’ legal arguments.…

Case to be heard in full next year

A man will appear at Crown court in December to answer charges that he used hacking program Sentry MBA to access and take money from online UK National Lottery gambling accounts.…

Prosecutors say 29 year-old was mastermind of prolific 'Cardplanet' operation

A Russian man was detained at Dulles airport in Washington DC on Monday and charged with running a stolen card trading ring that was responsible for $20m worth of fraud.…

Massachusetts judge reminds America of that little thing called the Fourth Amendment

The seizure and search of phones and laptops at the US border is unconstitutional, a judge said Tuesday in a landmark ruling.…

Intel joins the fun with monthly releases from Adobe, SAP

Patch Tuesday  The November edition of Patch Tuesday has landed with scheduled updates from Microsoft, Adobe, and SAP, along with the debut of a new update calendar from Intel.…

You know what they say: Timing is... everything

Trusted Platform Modules, specialized processors or firmware that protect the cryptographic keys used to secure operating systems, are not entirely trustworthy.…

Boffins say even the latest chips could allow data to be leaked between CPU cores

Intel is once again moving to patch its CPU microcode following the revelation of yet another data-leaking side-channel vulnerability.…

Alarm raised over more holes in third-party low-level code

Nearly three months after infosec biz Eclypsium highlighted widespread security weaknesses in third-party Windows hardware drivers, you can now add Intel to the list of vendors leaving holes in their all-powerful low-level code.…

Security suite falls victim to malicious DLLs

Three of McAfee's anti-malware tools have been found to contain a vulnerability that could potentially allow an attacker to bypass its security protections and take control of a PC.…

'Really very everyday' – report

The UK's Labour Party says its campaign site has been the target of "sophisticated and large-scale cyber-attack" and has informed GCHQ's National Cyber Security Centre.…

Mass-mail fail followed outfit's appearance at jobs fair

BT Security managed to commit the most basic blunder of all after emailing around 150 infosec professionals who attended a jobs fair – using the "cc" field instead of "bcc".…

Admins snoozing on patching despite reports of active attacks

The flurry of reports in recent weeks of in-the-wild exploits for the Windows RDP 'BlueKeep' security flaw had little impact among those responsible for patching, it seems.…

Educational institutions main target during September spike

Kasperksy researchers have blamed pesky schoolkids for the big September spike in denial-of-service attacks.…

Not even data recovery companies

A data recovery company is dubiously claiming it has cracked decryption of Dharma ransomware – despite there being no known method of unscrambling its files.…

Plus, rConfig flaw raises alarms

Roundup  Time for a look at some of the other security stories making the rounds in the past week.…

Supreme Court wraps up legal submissions from supermarket and breach victims

"Cutting to the chase, it's not a case where the office cleaner finds a thumb drive, picks it up and takes the opportunity to make some use of it," barrister Jonathan Barnes told the Supreme Court as he urged judges to dismiss Morrisons' appeal against liability for its 2014 payroll data breach.…

But sure, it's Huawei that's the big security threat

Staff were cuffed in a police raid on Thursday at the offices of US surveillance equipment vendor Aventura Technologies. The workers are now facing criminal charges for allegedly passing off Chinese-made gear as stuff built in America, and selling it to Uncle Sam and its military.…