News

It's a juicy market that welcomes foreign investment, National development boss reminds Tim Cook

Senior Chinese government officials have urged Apple CEO Tim Cook to improve the security and privacy features of his company's products.…

Issue identified in February but owners of older kit weren't warned

Happy belated Patch Tuesday from Cupertino: Apple has issued security updates for almost every piece of code it slings - including a fix for a vulnerability in older iOS devices the iGiant believes is under attack right now.…

Starting to see a pattern here? Judge seems to think so

Google Chat histories handed over by the web giant in ongoing Android antitrust litigation reveal the biz has been systematically destroying evidence, according to those suing the big G.…

Executive Order has loopholes for government spyware or American-made commercial spyware

US president Joe Biden on Monday issued an Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security – a title that is not quite as simple it seems.…

In addition to $100k given to LockBit

New York law firm Heidell, Pittoni, Murphy and Bach (HPMB) has agreed to pay $200,000 to settle a data-breach lawsuit related to the now-notorious Hafnium Microsoft Exchange attacks that siphoned sensitive data from victims around the world. …

Plus OIG finds Uncle Sam fibbed over Login.gov

In brief  A team of hackers from French security shop Synacktiv have won $100,000 and a Tesla Model 3 after subverting the Muskmobile's entertainment system, and from there opening up the car's core management systems.…

ByteDance with the devil if you dare

Opinion  As country after country bans TikTok from official systems, it’s fair to ask what’s so dodgy about a social network filled with dance crazes, makeup advice and cats.…

Not a headline we expected to write today

American cybersecurity officials have released an early-warning system to protect Microsoft cloud users.…

Getting connection failures? Don't panic. Get new keys

Github has updated its SSH keys after accidentally publishing the private part to the world. Whoops.…

Liberté, égalité, reconnaissance faciale for all

Despite the opposition of 38 civil society groups, the French National Assembly has approved the use of algorithmic video surveillance during the 2024 Paris Olympics.…

'Hunt forward' teams of this sort aid with defense and learn how attackers like Tehran operate

US Cyber Command operators have confirmed they carried out an online defensive mission in Albania, in response to last year's cyber attacks against the local government.…

Security researchers find bugs, big and small, in every industrial box probed

Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial of service, allow configuration manipulation, and achieve remote code execution, according to security researchers.…

Protection from business email compromise

Webinar  In the distant past, a master forger with a quill could fake a signature on the end of a letter but at least then you had time to consider the potential for fraud before any damage could be done. In the digital age of email, it's increasingly hard to spot a scam's threat to your security and react in time.…

Terminal maker General Bytes shutters its cloud business after second breach in seven months

Unidentified miscreants have siphoned cryptocurrency valued at more than $1.5 million from Bitcoin ATMs by exploiting an unknown flaw in digicash delivery systems.…

All aboard the chatbot hype train! Next stop: Fraud

Google has removed a ChatGPT extension from the Chrome store that steals Facebook session cookies – but not before more than 9,000 users installed the account-compromising bot.…

Didn't disclose payments as mastermind pumped up value of tokens with fake trades

Eight very B-list celebrities have agreed to cough up fines after being accused of shilling a cryptocurrency without disclosing they were paid to do so, while the chap who paid them has been charged with fraud.…

British American Tobacco, Samsung, also burgered up their infosec

South Korea's Personal Information Protection Commission has fined McDonald's, British American Tobacco, and Samsung for privacy breaches.…

Maybe this is deserved given the problem's in a hidden telnet service

Public proof-of-concept exploits have landed for bugs in Netgear Orbi routers – including one critical command execution vulnerability. …

Now that's a flash bang

Police in Ecuador are investigating attacks on media organizations across the country after a journalist was injured by an exploding USB flash drive.…

Country's super strong data rights under magnifying glass after half a dozen complaints filed

Remember the Who Targets Me browser extension from privacy activists at Noyb? The group yesterday filed explosive complaints based on log records from the extension that claim six of Germany's political parties broke European data law when they targeted voters on Facebook's adtech platform.…