nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

Security

Morrisons supermarket: We're taking payroll leak liability fight to UK Supreme Court

Brit grocer says it shouldn't be held responsible for criminal actions of worker

'The inmates have taken over the asylum': DNS godfather blasts DNS over HTTPS adoption

Can those who need lookup privacy afford architectural purism?

jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites

Flaw present for the past eight years, easy to exploit, and there are thousands of forks

Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking

AWS-stewarded net-connected platform has multiple remote code execution vulnerabilities

Forgotten that Chinese spy chip story? We haven't – it's still wrong, Super Micro tells SEC

Server maker drags Bloomberg in note to customers, watchdog, still checking its motherboards

Apple boss demands Bloomberg Super Micro U-turn, Russian troll charged, NSA hands out cash, and more

Roundup Plus, hackers find a safe haven in West Haven

Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

High-value servers targeted by cyber-weapons dumped online by Shadow Brokers

You like HTTPS. We like HTTPS. Except when a quirk of TLS can smash someone's web privacy

Analysis Never-closed browsers and persistent session tickets make tracking a doddle

Talk about a curveball: Microsoft director of sports marketing fired, charged with fraud over 'fake' invoices

He tells investigators: 'I was hacked!'

Equifax exec's inside trade shame: Software boss sentenced for mega-hack stock profit

Thrown in the small house rather than the big house

Decoding the Google Titan, Titan, and Titan M – that last one is the Pixel 3's security chip

Chocolate Factory opens lid, just a little, on secure boot and crypto phone coprocessor

Tumblr turns stumblr, left humblr: Blogging biz blogs bloggers' private info to world+dog

'No evidence' vulnerability was abused, though, we're told

Someone's in hot water: Tea party super PAC group 'spilled 500,000+ voters' info' all over web

Leaky AWS S3 bucket fingered by infosec bods

LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin

Grubby Grubbs' grifting days are gone

Last year, D-Link flubbed a router bug-fix, so it's back with total pwnage

Plain text password storage? Check. Directory traversal? Check. SOHOpeless? Check

Party like it's 1989... SVGA code bug haunts VMware's house, lets guests flee to host OS

Malicious code in VMs can leap over ESXi, Workstation, Fusion hypervisor security

Thought Patch Tuesday was a load? You gotta check out this Oracle mega-advisory, then

And you'll definitely want to check out the libssh flaw

Insult to injury: Malware menace soaks water-logged utility ravaged by Hurricane Florence

Storm-savaged waterworks having to rebuild from scratch

Alphabet in the soup for keeping quiet about Google+ data leak bug

Investors sue over failure to 'fess up in financial filings

UK's National Cyber Security Centre gives itself big ol' pat on the back in annual review

Nixing 139k phishing sites is pretty good going to be fair

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019

IE, Edge, Safari, Firefox, Chrome, all planning to deprecate lousy old versions by 2020

Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing

Donald Daters application more insecure than the president

Hunt for Red Bugtober: US military's weapon systems riddled with security holes – auditors

Death from a-bug. Dr Strange-bug. Top Bug. We could do this all day...

Penta-gone! Personal records of 30,000 US Dept of Defense workers swiped by miscreants

Travel details for thousands of citizens slip into hands of slippery scumbags

Azure goes quiet, Huawei Canada ban urged, US Senators are after Google, and more

Roundup Also, Flash fakers seek out crypto marks

It's the real Heart Bleed: Medtronic locks out vulnerable pacemaker programmer kit

A pulse-racing tale of biotech bug fixing

Now this might be going out on a limb, but here's how a branch.io bug left '685 million' netizens open to website hacks

Tinder subdomain flaw turns into massive everybody flaw

Facebook mass hack last month was so totally overblown – only 30 million people affected

Good news: 20m feared pwned are safe. Bad news: That's still 30m profiles snooped...

It is 2018 and the NHS is still counting the cost of WannaCry. Carry the 2, + aftermath... um... £92m

Bigwigs report lots of progress in the cash-flinging department

WebSphere and loathing in New York: IBM yanks buggy application server security fix from admins

Patched server, or working server. Pick one...

Bloke gets six months for fixing up Russia's US election trolls with bank accounts, fake identities

Pinedo avoids serious time after spilling beans to Mueller on account sales

UK.gov teams up with Five Eyes chums to emit spotters' guide for miscreants' hack tools

Crouching tiger, hidden APT

In the two years since Dyn went dark, what have we learned? Not much, it appears

DNS infrastructures still vulnerable to attacks

Mozilla grants distrusted Symantec certs a stay of execution, claims many sites yet to make switch

Delay 'in the overall best interest' of Firefox users

The Obama-era cyber détente with China was nice, wasn't it? Yeah well it's obviously over now

Middle Kingdom is a rising threat once again – research

Now, watch this... Network time protocol bugs sting Juniper operating system

Oh, and there are 21 other vulns to patch

If you haven't already patched your MikroTik router for vulns, then if you could go do that, that would be greeeeaat

MikroTik. Stupid name. Stupid bugs. Get those fixes

Oh no, Xi didn't! Chinese spymaster cuffed in Belgium, yoinked to US on aerospace snoop rap

Xu can play at this espionage game, Feds allege

PINs and needled: Experian site blabbed codes to unlock credit accounts for fraudsters

Hack to thaw account freezes reported, fixed, hopefully never exploited

Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares

Likely state hackers make do with 'living off the land' and going after tardy Office patchers

China's clampdown on Tor pushes its hackers into foreign backyards

Comparing Middle Kingdom's hacker forums to Russia's? Apples and pears

Workplace services-flinger Sodexo pulls Engage website after division hit by malware smackdown

UK information commish is investigating

The Register - Independent news and views for the tech community. Part of Situation Publishing