News

Boffins in Vienna devise way to make software prove how it behaves

Folks at Technische Universität Wien in Austria have devised a formal security framework called WebSpec to analyze browser security.…

Thales: ‘Significant change in security culture'

Paid Feature  Of all the cybersecurity developments in 2021, a relatively low-key announcement made by software company Salesforce.com (SFDC) in March might eventually turn out to be one of the most significant.…

Immutability, analytics, and a complete lack of trust…

Webinar  When it comes to cybersecurity, your backup data is no longer your last line of defence.…

Apply fixes responsibly in a timely manner or face the wrath of Lina Khan

The US Federal Trade Commission on Tuesday warned companies that vulnerable Log4j software needs to be patched … or else.…

No more chip factories would surely change Beijing's mind about unification

A top US Army War College paper suggests Taiwan should credibly threaten to eradicate its semiconductor industry if threatened by China so that Beijing would no longer be interested in unification.…

Disable anti-tamper features first and you'll be alright

Norton antivirus's inbuilt cryptominer has re-entered the public consciousness after a random Twitter bod expressed annoyance at how difficult it is to uninstall.…

Yes, you're going to have to get a new CPU (again)

It's been a while coming, but it looks like PCs with Microsoft's Pluton security processor are just around the corner. So long as your silicon of choice comes from AMD, for the time being at least.…

They're developing new techniques 'in every area' says Darktrace

Paid Feature  Ransomware has come a long way since the early days. When it first started out, it spread indiscriminately and often used poor code. Over the years, it has become more sophisticated and is now an efficient business. How did it become so professional?…

French regulator's investigation finds multiple breaches of GDPR

SlimPay, a Paris-based subscription payment services company, has been fined €180,000 by the French CNIL regulatory body after it was found to have held sensitive customer data on a publicly accessible server for five years.…

Information Commissioner faces a year of upheaval in data law

The Information Commissioner's Office has confirmed that former New Zealand privacy commissioner John Edwards has started his new role as the UK's Information Commissioner.…

Firm that found the flaw also spotted ChaosDB and OMIGOD, confident this one’s been exploited

Microsoft has revealed a vulnerability in its Azure App Service for Linux allowed the download of files that users almost certainly did not intend to be made public.…

‘Chatter’ can be bugged thanks to kindergarten-grade security

A Bluetooth phone designed to evoke the carefree days of early childhood has been found to instead threaten the very adult prospect of being surveilled in your home.…

Beijing's not saying what cloudy contender did wrong

China's Ministry of Industry and Information Technology has suspended Alibaba Cloud's membership of an influential security board to protest its handling of the Log4j flaw.…

The Ellume COVID-19 Home Test was connected to the internet of woefully insecure things for a while

Security vendor F-Secure has faked a COVID test result on a Bluetooth-equipped home COVID Test. Thankfully the vendor’s since fixed the device.…

Putting the Sec into DevOps is key, says Red Hat

Paid Feature  Of all the ideas to surface in the 20-year history of cloud computing, few have proved as compelling as the hybrid cloud. Organizations understand on-premises data centers and how computing power can be rented through public clouds or accessed through dedicated private clouds.…

Perpertrators' ID unknown, however

The Belgian Ministry of Defence has suffered a cyber attack after miscreants exploited one of the vulnerabilities in Log4j. The attack marks the first occasion that a NATO country's defence ministry has fallen victim to the flaws.…

Shares them with Troy Hunt’s Have I Been Pwned after sweeping them up from ‘compromised cloud storage’

The United Kingdom’s National Crime Agency and National Cyber Crime Unit have uncovered a colossal trove of stolen passwords.…

Swiss cough up accused crim while Russia is 'deeply disappointed'

The US Attorney's Office of Massachusetts on Monday announced the extradition of Vladislav Klyushin, a Russian business executive with ties to the Kremlin, on charges of hacking US computer networks and committing securities fraud by trading on undisclosed financial data.…

Scottish MSP Dacoll was hit, however

The Clop ransomware gang pwned a managed service provider with access to the UK's Police National Computer, dumping data on its dark web leaks site – but officials deny that police data was compromised.…

Trend Micro outlines common misconfigurations and how to avoid them

Paid Feature  In an era beset by hackers at every turn, it’s no small irony that the fastest growing security threat to business data might now be the self-inflicted wound of cloud service misconfiguration.…