Proposed replacement for /dev/random promises to double performance and add flexibility → Read More
Technical experts ensure security exploits are grounded in reality → Read More
Hot fuzz UPDATE (Nov 27; 09:40 UTC) North Yorkshire Police’s Digital Investigation & Intelligence Unit has defended the actions of the security researcher in dismissing the City of York’s data breach report. “We are aware of the York ‘data breach’ but please be reassured we don’t regard this incident as criminal,” it said in an update to its official Twitter account. “We recognise the… → Read More
The UK's National Cyber Security Centre and its western intel pals have today put out a report spotlighting the most commonly wielded hacking utilities. The study sets out five categories of publicly available hacking tools used by crims, spies and hacktivists worldwide. The list won't come as too much of a surprise to penetration testers but is nonetheless valuable for its intended audience of… → Read More
The majority (72 per cent) of FTSE 100 firms are vulnerable to DNS attacks, nearly two years after the major Dyn outage. A similar three in five of the top 50 companies listed in the Fortune 500 are also ill-prepared for an attack similar to the Mirai botnet-powered assault against Dyn that left much of the web unreachable in late October 2016. A large minority (44 per cent) of the top 25 SaaS… → Read More
Delay 'in the overall best interest' of Firefox users → Read More
Comparing Middle Kingdom's hacker forums to Russia's? Apples and pears → Read More
Employee benefits firm Sodexo has suffered a data breach exposing personal info believed to include names, email addresses and home addresses after its UK Engage unit’s internal IT systems were hit by malware. In the wake of the breach, Sodexo pulled Engage's staff-facing retail discount and perks website lifestylehub.co.uk offline "after receiving some reports that users of this platform have… → Read More
Customer ratings plugin treated to a malicious rewrite to swipe entered banking info → Read More
Hundreds of high-profile websites are still unprepared for the total disavowal of legacy Symantec-issued digital certificates that will kick in with the release of Chrome 70 next week. Chrome 70, out on 16 October, will no longer recognise Symantec-issued certificates including legacy-branded Equifax, GeoTrust, RapidSSL, Thawte and VeriSign. Next week's deadline completes a withdrawal of support… → Read More
Security experts confounded by consumer org's assessment → Read More
Russia hits back: Do not 'swallow these provocations' → Read More
The UK government this morning pointed the finger at Russian military intelligence for a litany of cyber nasties. In the bulletin, the UK government's National Cyber Security Centre (NCSC) declared that a range of attacks blamed on the Kremlin are actually the work of Russian military intelligence, GRU. This comes in the wake of long-standing concerns that Russia was breaking international norms… → Read More
Along came some spiders and saw the unsubscribers... → Read More
Alphabet-owned VT upgraded for corporate threat hunters → Read More
A UEFI rootkit, believed to have been built by Kremlin spies from an anti-thief software program to snoop on European governments, has been publicly picked apart by researchers. A rootkit is a piece of software that hides itself on computer systems, and uses its root or administrator-level privileges to steal and alter documents, spy on users, and cause other mischief and headaches. A UEFI… → Read More
Researchers check bootstrap enrolment tech, suck teeth, whistle → Read More
A Linux kernel vulnerability that can only be exploited locally is nonetheless proving a bit of a nuisance. It's a classic local privilege escalation bug, dubbed CVE-2018-14634, and lets an intruder or logged-in rogue user obtain root-level control over the machine. Eggheads at cloud security biz Qualys discovered the programming blunder, which stems from an integer overflow in the open-source… → Read More
UK-based insurance services firm Premium Credit has hauled itself back online following a malware-based attack that struck the business more than a week ago. Premium Credit underwrites insurance premiums for a network of brokers, business and personal customers and has 400 staffers across the UK and Ireland. In a statement on its website yesterday that accompanied its return after nine days… → Read More
Use of vulnerable open source components has doubled over the last year despite their role in the high profile Equifax mega-breach. Sonatype’s fourth annual Software Supply Chain Report, published on Tuesday (available here, registration required), revealed a 120 per cent rise in the use of vulnerable open source components over the last 12 months. Miscreants have even started to inject (or… → Read More