nav search
Data Center Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

Security Earlier

Two things will survive a nuclear holocaust: Cockroaches and crafty URLs like ғасеьоок.com

Pesky phishing pages using international domain names just won't go away

You get a lawsuit! And you get a lawsuit! And you! Now Apple sued over CPU security flaws

iGiant up next in the Meltdown-Spectre-sueball-a-palooza

Sad-sack Anon calling himself 'Mr Cunnilingus' online is busted for DDoSing ex-bosses

Electronics tutor's taunts come back to haunt him

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments

Hundreds of gigabytes already slurped, say EFF and Lookout

F-35 'incomparable' to Harrier jump jet, top test pilot tells El Reg

Interview Naturally we demanded proof – and we got it

Google fuels up Chromecast Wi-Fi flooding fix

It lands today

And Oracle E-biz suite makes 3: Package also vulnerable to exploit used by cryptocurrency miner

Hat trick!

VTech fondleslabs for kids 'still vulnerable' despite sanctions

Researchers claim flaws remain more than two years later

Mozilla edict: 'Web-accessible' features need 'secure contexts'

If an API or feature needs the 'net, it needs HTTPS under Mozilla's new plan

North Korea's finest spent 2017 distributing RATs, wipers, and phish

And sent them mostly to South Korea, naturally

Industrial systems scrambling to catch up with Meltdown, Spectre

Some confessions, but 'watch this space' is the more common reaction - when there is one

Who's using 2FA? Sweet FA. Less than 10% of Gmail users enable two-factor authentication

Usenix Enigma Your daily dose of digital depression

HTML5 may as well stand for Hey, Track Me Longtime 5. Ads can use it to fingerprint netizens

Usenix Enigma This language is wired for sound

Former Santander bank manager pleads guilty to computer misuse crimes

Updated Customer details spilled to boyfriend

Biggest vuln bombshell in forever and storage industry still umms and errs over patches

Analysis Does it run in VMs, containers, systems running external code? Just. Patch. It

Wanna motivate staff to be more secure? Don't bother bribing 'em

Usenix Enigma Also, don't get the BOFH to publicly smack them with a LART

Another round of click-fraud extensions pulled from Chrome Store

More than 500,000 users stung

BIND comes apart thanks to ancient denial-of-service vuln

No active exploits, but crashes are happening in the wild

Hospital injects $60,000 into crims' coffers to cure malware infection

Medics say they couldn't wait for backups to be pulled as ransomware ransacked kit

Android snoopware Skygofree can pilfer WhatsApp messages

Sophisticated nasty also able to listen in based on location

UK's Just Eat faces probe after woman tweets chat-up texts from 'delivery guy'

ICO to investigate allegations of driver delivering side order of creepy

New Mirai botnet species 'Okiru' hunts for ARC-based kit

Researchers: Code designed to hit Linux devices

Canada charges chap alleged to run stolen data-mart Leakedsource

Unlike similar services, this one sold purloined passwords

Bad benchmarks bedevil boffins' infosec efforts

'Benchmark crimes' understate true performance impact of security controls

Now Meltdown patches are making industrial control systems lurch

Automation and SCADA-flingers admit fix has affected products

Customers reporting credit card fraud after using OnePlus webstore

Chinese mobe-flinger probing the issue

UK.gov denies data processing framework is 'sinister' – but admits ICO has concerns

Minister says commish is 'free to disregard' framework if it is 'irrelevant'

Meltdown/Spectre fixes made AWS CPUs cry, says SolarWinds

CPU utilization up, throughput down, but a second fix may have restored normal service

Oracle still silent on Meltdown, but lists patches for x86 servers among 233 new fixes

Sun ZFS Storage Appliance users: brace for super-critical fix

Intel puts security on the todo list, Tavis topples torrent tool, and more

Roundup A quick catch-up on infosec stuff beyond what we've already reported

Let's Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers' domains

Shared hosting oversight bites free SSL/TLS certificate org

Feds may have to explain knowledge of security holes – if draft law comes into play

House reps approve bill requiring vuln disclosure reports

Boffins split on whether Spectre fix needs tweaked hardware

Analysis It's not like a recall is possible, says chip security expert

Intel AMT security locks bypassed on corp laptops – fresh research

Updated Easy as A, B, CTRL+P

Data protection is best managed from the centre

Become the ruler of all you survey

'Mummy, what's felching?' Tot gets smut served by Android app

Google’s Play Store fails again

The Register - Independent news and views for the tech community. Part of Situation Publishing