News

Apple's iOS 12.1.4 fixes a FaceTime bug that made headlines last week.

Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them "far more dangerous."

Change reversed while forum probes how many affected

Parent gabfest platform Mumsnet has reported a data breach that it claimed happened amid a "software change" en route to migrating services to the cloud.…

Up to eight airlines do not encrypt e-ticketing booking systems - leaving personal customer data open for the taking.

No payment info, but users' names, locations, email addies etc all 'lost'

Trakt, the makers of an app that monitors users' TV programme and movie viewing habits, has 'fessed up to falling victim to a PHP exploit more than four years ago that resulted in data leakage.…

Cupertino's tight-wads called out by fella who found password, private key leak

Vid  The bloke who found a password-spaffing bug in macOS says he won't divulge details on the flaw to Apple until the tech titan agrees to properly compensate vulnerability researchers.…

O(1)? More like O(h) n(O)! Proto-boffins' info leaks out

An errant email leaked academic information on every student at the Cal Poly Pomona College of Science, in California.…

Malicious Bluetooth signals, too, it looks like

Google has emitted security fixes for Android that should be installed, should you get the chance, as they can be potentially exploited to hijack devices.…

A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program.

A tricky two-stage phishing scam is targeting Facebook and Google credentials using a landing page that hides behind Google's translate feature.

Hackers don't always steal data. Sometimes the goal is to manipulate the data to intentionally trigger external events that can be capitalized on.

The elevated privilege flaw exists in Microsoft Exchange and would allow a remote attacker to impersonate an administrator.

Using Police Property Act 1897 to get PCs, storage devices back, representing himself in court

Lauri Love, the Brit who beat US attempts to extradite him over accusations of hacking, is suing the National Crime Agency (NCA) to get back computing gear seized in 2013 as part of the case against him.…

Today's financial cyber-rings have corporate insider and management roles -- cybercrime is not just just for hackers and coders anymore.

Force will run 1 more full-day rollout after snow stopped play

London cops' use of facial recognition tech last week resulted in only one person being charged, while another was handed a £90 on-the-spot fine after trying to avoid the cams.…

It's 2019. Should billion-dollar corps do better than offer swag for vulns?

Analysis  Hunting for exploitable security bugs in software is not an easy way to make a living, and vulnerability researchers say vendors who don't pay out for reports are making life even harder while putting their own products at risk.…

Flaws in this connected smart scale might give the diet-challenged a legitimate reason to be nervous.

And I'm OK with this, says chief of HaveIBeenPwned

During its incessant web crawling, Google's search engine constantly encounters credentials dumped by hackers or left exposed by the careless. And because it can, the ad confectionery copies and encrypts these spilled usernames and passwords.…

Eleven critical bugs will be patched as part of the February Android Security Bulletin.

Join Carbon Black at livestreamed event based on global independent research

Promo  As cyber attackers evolve their techniques, businesses are exposed to a relentless stream of worrying data security breaches. The latest big one hit hotel group Marriott International in November 2018, and may have led to the personal information of up to 500 million guests being compromised.…