News

An Ohio parish lost a whopping $1.75 million after attackers breached two employees' email accounts - and then tricked other employees into sending wire transfers to a fraudulent bank account.

We all want to see hard proof of espionage. This is absolutely not it

A claimed "backdoor" in Huawei routers used in the core of Vodafone Italy's 3G network was, in fact, a routine implementation of Telnet.…

Hapless soul repents 'unintentionally' sharing drone makers privates in repo

A Chinese software developer who previously expressed suicidal thoughts has been jailed after putting one of drone company DJI's AES private keys onto Github in plain text.…

...let us bring you up to date on infosec bits and bytes

Roundup  Here's your quick-fire summary of recent computer security news.…

Click to read to disappointingly logical answer

Comment  The President's son Donald Trump Jr broke the Computer Fraud and Abuse Act, a US federal law.…

Hardware that supports pirated video streaming content comes packed with malware.

The attack group shows a moderate level of sophistication, but the stage is set for MuddyWater to take things to the next level.

After facing criticism for removing or restricting several parental control apps over the past year, Apple cited security and privacy reasons.

Github and Bitbucket tokens for Docker autobuilds are also impacted.

Millions of security cameras, baby monitors and "smart" doorbells are open to hijack - and no solution is currently available.

Home of CRN UK, Computing and others warn remaining readers to update their freakin' passwords

UK events and publishing outfit Incisive Media today urged subscribers to change their account passwords after it found an open port on a server had left it exposed to a buffer overflow or another remotely exploitable vuln.…

Join the institute this June to up your cyber game

Promo  High-profile cases of successful attacks on critical industrial control systems show the growing importance of protecting your organization or facing a turbulent future. Malware delivered by ever more creative methods can find its way to plant floors, encrypting critical files or wiping them altogether.…

GCHQ offshoot shares infosec hair-raisers

CyberUK 2019  If your hair isn't already grey enough, GCHQ staff have revealed a handful of infosec incidents that, in their words, "surprised us".…

Yet another WordPress plugin vulnerability has put thousands of websites at risk.

On this week's Threatpost news wrap, the team discusses Facebook's FTC fine for its data security practices, a report that Amazon is collecting Echo users' geolocation data, and more.

GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.

The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings.

Half of Threatpost readers surveyed in a recent poll don't believe that consent realistically exists when it comes to facial recognition.

Er, do you have your original password written down somewhere?

Something for the Weekend, Sir?  I have been propositioned at midnight at a hotel door. "What's your room number?"…

Firm explains but security folk not appy with clarifications

Weird things are afoot with NordVPN's app and the traffic it generates - Reg readers have spotted it contacting strange domains in the same way compromised machines talk to botnets' command-and-control servers.…