nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes

Security

Infosec whitecoats: Robots are riddled with security bugs

Souless contraptions in the home or at work are a risk – not to humanity

Health firm gets £200k slap after IVF patients' data leaks online

Indian subcontractor kept transcripts on insecure server

Germany, France lobby hard for terror-busting encryption backdoors – Europe seems to agree

Crypto shouldn't hold back cops, sniffs commission

Two million recordings of families imperiled by cloud-connected toys' crappy MongoDB

Voice messages, account info held to ransom, evidence shows

ESET antivirus cracks opens Apple Macs to remote root execution via man-in-middle diddle

Get patching – fix available now

Microsoft slaps Apple Gatekeeper-like controls on Windows 10: Install only apps from store

Configurable switch on software spotted in latest Insider build

Apple's macOS is the safer choice – but not for the reason you think

Eugene Kaspersky looks forward to a new darker dawn

Google Chrome 56's crypto tweak 'borked thousands of computers' using Blue Coat security

Updated TLS 1.3 takes down Chromebooks, PCs

NHS patient letters meant for GPs went undelivered for years

Yep, half a million

New prison law will let UK mobile networks deploy IMSI catchers

Walked past a jail? Expect to become a crime suspect

D-Link resolves enterprise switch hacker risk

Don't wait - update now

Google's Project Zero reveals another Microsoft flaw

Edge, IE can find themselves running unexpected code if cooked by a malicious site

Git fscked by SHA-1 collision? Not so fast, says Linus Torvalds

Attack is hard, discovery is easy, so fix it right
rather than right now

Brit cops can keep millions of mugshots of innocent folks on file

You can ask to be removed, but it's up to officers to listen, Home Office cheerfully concludes

NSA snoops told: Get your checkbooks and pens ready for a cyber-weapon shopping spree

US Cyber Command boss lays out plans for next decade

Don't worry about Privacy Shield, it's fine. Really. I promise, says US trade watchdog head

It's not fine

Mysterious Gmail account lockouts prompt hack fears

Updated Something happening here, what it is ain't exactly clear

South Korea targeted by cyberspies (again). Kim, got something to say?

Vulnerabilities in Hangul word processing program exploited

Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug

Heartbleed-style classic buffer overrun blunder strikes in 2017

I was authorized to trash my employer's network, sysadmin tells court

Michael Thomas' appeal will send shockwaves through IT industry if successful

US 'security' biz trio Sentinel Labs, Vir2us, SpyChatter accused of lying about certification

Watchdog forces them to drop claims of privacy protections

'First ever' SHA-1 hash collision calculated. All it took were five clever brains... and 6,610 years of processor time

Tired old algo underpinning online security must die now

Ex-employees sued for £15m over data slurpage ordered to pay up just £2

Brit firm 'missed the jackpot', says High Court judge

Deutsche Telekom hack suspect arrested at London airport

Cops probing Mirai telco takedown

Microsoft catches up to Valentine's Day Flash flaw massacre

Critical update deals with five ways to do remote code execution on Windows

Boffins exfiltrate data by blinking hard drives' LEDs

Malware? Check. Camera? Check. Let's go sniff passwords

Linux kernel gets patch for 11-year-old local-root-hole security bug

DCCP code cockup lay unnoticed since 2005

Firefox certificate cache leaks user information

Mozilla devs debate whether this is a bug or a feature

US judge halts mass fingerprint harvesting by cops to unlock iPhones

Analysis Uncle Sam's vaguely worded raid warrant knocked down by the Constitution

Blundering Boeing bod blabbed spreadsheet of 36,000 coworkers' personal details in email

Its own security software could have stopped data exposure

Privacy concerns over gaps in eBay crypto

HTTP still being used

Infosec firm NCC Group launches review over crap financials

Misses full-year forecast by, oh, only 20 per cent

Netflix treats security ills with Stethoscope: Open-source self-probing tool

Software scrutinizes device defenses, is better than just yelling IT policies at staff

How's your online bank security looking? The Dutch studied theirs and... yeah, not great

Just six per cent of banks using DNSSEC on domains

DomainMonster mash: Hundreds of websites vandalized after Brit web host server hacked

Small biz wakes up to find online homes defaced

Talos opens box, three Aerospike vulns fly out

NoSQL server, but a big unhappy Yes to the question of security worries

Researchers offer simple scheme to stop the next Stuxnet

Don't get rung out about planting bugs in ladder logic: they should be easy to spot

US Homeland Security is so secure even its own staff can't log in

Nothing like a post-holiday IT cockup

'Hey, Homeland Security. Don't you dare demand Twitter, Facebook passwords at the border'

Civil liberty groups, security experts, law profs, lawmakers slam looming US policy

Hacking group RTM able to divert bulk financial transfers with malware

Attacks of great concern to Russian financial institutions

TeamSpy hackers get the crew back together after four-year hiatus

Updated Remote-control app hijacked for use as snooping tool – again

Java and Python have unpatched firewall-crossing FTP SNAFU

This gets interesting when you find your way into a mail server, says dev who found it