News
Labour reminds UK.gov that it's supposed to be reforming the Computer Misuse Act
The shadow foreign secretary for UK's opposition Labour party, David Lammy MP, has asked why the reform of the Computer Misuse Act appears to have stalled in an open letter to government.…
Experience is really everything with SASE
Paid Feature Ask a Network or Security Manager if their network is secure, and the answer - typically - is “yes, of course”. So says Andrew Want, Chief Technologist at Trustmarque, the UK value-add services firm.…
Microsoft to block downloaded VBA macros in Office – you may be able to run 'em anyway
Microsoft Office will soon block untrusted Visual Basic for Applications (VBA) macros sourced from the internet by default – a security measure users can still circumvent, permissions allowing.…
Microsoft 365 gives you the tools to run your business. But where are the tools to protect it?
Webinar Microsoft 365 has all the tools you need to run your organization in the cloud, from personal productivity to group collaboration, to advanced analytics and security management.…
US carriers want to junk three times more Chinese comms kit than planned
The United States Federal Communications Commission has revealed that carriers have applied for $5.6 billion in funding to rip and replace China-made communications kit.…
Suspected Chinese spies break into cloud accounts of News Corp journalists
Online work accounts of News Corporation journalists were broken into by snoops seemingly with ties to China, it was claimed today.…
Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now
A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart.…
That's a signature move: How $320m in Ether was stolen from crypto biz Wormhole
Wormhole, a protocol for connecting different blockchains, lost about $320m worth of Ether (ETH), thanks to poorly crafted code.…
Privacy Shield: EU citizens might get right to challenge US access to their data
Officials from the EU and US are nearing a solution in long-running negotiations over transatlantic data sharing.…
Phishing kits' use of man-in-the-middle reverse proxies is growing, warns Proofpoint
In the beginning we had passwords. Their hackability made a lot of people very angry and passwords were widely regarded as a bad move. Then we had two-factor authentication – and now Proofpoint reckons criminals online are able to start bypassing them with transparent reverse proxies.…
JumpCloud joins the patch management crowd, starting with Windows and Mac updates
Cloud directory specialist JumpCloud is moving into the crowded patch management market with an extension to its platform to automate patch updates.…
Ransomware is terrifying – but never underestimate the damage an employee with unmonitored access can do
Paid Post Is the biggest threat to your data a mysterious ransomware merchant or an advanced persistent threat cartel?…
KP Snacks hit by ransomware: Crisps and nuts firm KO'd by modern scourge
Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack.…
Execs keep flinging money at us instead of understanding security, moan infosec pros
Fresh from years of complaining about underfunding and not having enough staff to deal with problems, infosec bods are now complaining that corporate execs merely firehose cash at them without getting their own hands dirty or engaging with the problem.…
Welsh home improvement biz fined £200,000 over campaign of 675,478 nuisance calls
Home2Sense Ltd, a home improvement biz, is nursing a £200,000 financial penalty from the UK's data watchdog for making well over half a million marketing calls to people that registered to opt out of such botheration.…
FBI says more cyber attacks come from China than everywhere else combined
US Federal Bureau of Investigation director Christopher Wray has named China as the source of more cyber-attacks on the USA than all other nations combined.…
Worried about occasional npm malware scares? They're more common than you may think
Malware gets spotted in GitHub's npm registry every few months, elevating concerns about the software supply chain until attention gets diverted and worries recede until the next fire drill.…
Remote code execution vulnerability in Samba due to macOS interop module
An exploit in Samba 4 allowed remote code as root due to a bug in its support for Mac clients. It's fixed in 4.13.17, 4.14.12 and 4.15.5, and in case you can't update, there are patches.…
UK think tank proposes Online Safety Bill reviewer to keep tabs on Ofcom decisions
Even think tanks with close links to the UK's Conservative government are now criticising the Online Safety Bill, with the Institute of Economic Affairs (IEA) describing it today as "a significant threat to freedom of speech, privacy and innovation."…
DMCA-dot-com XSS vuln reported in 2020 still live today and firm has shrugged it off
There is a live cross-site scripting (XSS) vulnerability in takedowns website DMCA-dot-com's user interface. It's existed for more than a year and the site's operators don't appear to be interested in fixing it.…
Pages
