Forums → Security

Tin foil hats, black hats and bald men

State Forum Posts Latest Post
open Singapore to require smartphone check-ins at all businesses and will log visitors' national identity numbers 36
open Spyware slinger NSO to Facebook: Pretty funny you're suing us in California when we have no US presence and use no American IT services... 46
By veti
open Android trojan EventBot abuses accessibility services to clear out bank accounts – fortunately, it's 'in preview' 23
open What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 36
By Roland6
open Quibi, JetBlue, Wish, others accused of leaking millions of email addresses to ad orgs via HTTP referer headers 8
open Salt peppered with holes? Automation tool vulnerable to auth bypass: Patch now 5
open In trying times like these, it's reassuring to know you can still get pwned five different ways by Adobe Illustrator files 10
By Mage
open Academics demand answers from NHS over potential data timebomb ticking inside new UK contact-tracing app 121
By Ybslik
open ProtonMail-run website boasting 'complete guide' to GDPR left credential-baring .git repo exposed online 2
open San Francisco trial of Russian bloke extradited and accused of hacking LinkedIn, Dropbox, Formspring stalls again amid pandemic lockdown 4
open Nine million logs of Brits' road journeys spill onto the internet from password-less number-plate camera dashboard 199
By dave 81
open We're going on a vuln hunt. We're going catch a big one: Researchers find Windows bugs dominate – but fixes are fast 11
open UK snubs Apple-Google coronavirus app API, insists on British control of data, promises to protect privacy 222
open Australian contact-tracing app leaks telling info and increases chances of third-party tracking, say security folks 19
open We could have pwned Microsoft Teams with a GIF, claims Israeli infosec outfit 19
open Apple and Google tweak key bits of contact-tracing privacy plan 21
open Australia's contact-tracing app regulation avoids 'woolly' principles in comparable cyber-laws, say lawyers 52
By aaaa
open Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 9
open Spyware maker NSO can't claim immunity, Facebook lawyers insist – it's time to face the music 44
open Canada's .ca overlord rolls out free privacy-protecting DNS-over-HTTPS service for folks in Great White North 19
By tip pc
open GCC 10 gets security bug trap. And look what just fell into it: OpenSSL and a prod-of-death flaw in servers and apps 50
open Why should the UK pensions watchdog be able to spy on your internet activities? Same reason as the Environment Agency and many more 187
By pgm
open Vietnam alleged to have hacked Chinese organisations in charge of COVID-19 response 23
open Zero-click, zero-day flaws in iOS Mail 'exploited to hijack' VIP smartphones. Apple rushes out beta patch 20
By Doug_S
open Stripe is absolutely logging your mouse movements on websites' payment pages – for your own good, says CEO 25
By Shooter
open After intense scrutiny, Zoom tightens up security with version 5. New features include not, er, spilling video calls to network snoops 31
open Attention, lockdown DIY fans: UK hardware flinger Robert Dyas had credit card data and more skimmed from website 10
open Attack of the clones: If you were relying on older Xilinx FPGAs to keep your product's hardware code encrypted and secret, here's some bad news 7
open Yes, there's lots of COVID-19-themed scuminess around – but otherwise the level of cybercrime is the same 2
open Netflix says subscriptions just boomed but tells investors it's no money heist and they should expect stranger things 29
open IBM == Insecure Business Machines: No-auth remote root exec exploit in Data Risk Manager drops after Big Blue snubs bug report 23
open Frippin' heck: Watch out, chin-stroking prog rock fans. King Crimson distributor Burning Shed says it's been hacked 10
By x 7
open Something a bit phishy in your inbox? You can now email suspected frauds straight to Blighty's web takedown cops 27
By lsces
open Typosquatting RubyGems laced with Bitcoin-nabbing malware have been downloaded thousands of times 3
open Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get? 9
By Roland6
open Google productises its own not-a-VPN secure remote access tool 23
open Bad news: Cognizant hit by ransomware gang. Worse: It's Maze, which leaks victims' data online after non-payment 15
open CFAA latest: Supremes to tackle old chestnut of what 'authorized use' of a computer really means in America 27
open Tor Project loses a third of staff in coronavirus cuts: Unlucky 13 out as nonprofit hacks back to core ops 9
open Ministry of Defence lowers supplier infosec standards thanks to COVID-19 outbreak 4
open Contact-tracing or contact sport? Defections and accusations emerge among European COVID-chasing app efforts 39
open That critical VMware vuln allowed anyone on your network to create new admin users, no creds needed 16
open Google: We've blocked 126 million COVID-19 phishing scams in the past week 18
open Europe publishes draft rules for coronavirus contact-tracing app development, on a relaxed schedule 131
By Mark 65
open India says 'Zoom is a not a safe platform' and bans government users 16
open You're a botnet, you've got a zero-day, so where do you go? After fiber, because that's where the bandwidth is 6
open Bad news: So much of your personal data has been hacked that lesson manuals on how to use it are the latest hot property 16
open United Nations reportedly tears up Tencent's invite to its big 75th birthday bash 7
open Stuck inside with time on your hands? The US govt would like to remind you it's paying $5m for Nork hacking scalps 3
By Mike 16
open Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware 19


Biting the hand that feeds IT © 1998–2020