News

Shadow foreign secretary says work is visibly overdue

The shadow foreign secretary for UK's opposition Labour party, David Lammy MP, has asked why the reform of the Computer Misuse Act appears to have stalled in an open letter to government.…

Don’t just worry about today, get ready for tomorrow

Paid Feature  Ask a Network or Security Manager if their network is secure, and the answer - typically - is “yes, of course”. So says Andrew Want, Chief Technologist at Trustmarque, the UK value-add services firm.…

Aims to make life harder for miscreants

Microsoft Office will soon block untrusted Visual Basic for Applications (VBA) macros sourced from the internet by default – a security measure users can still circumvent, permissions allowing.…

Tune in this week and find out

Webinar  Microsoft 365 has all the tools you need to run your organization in the cloud, from personal productivity to group collaboration, to advanced analytics and security management.…

FCC budget to rip and replace Huawei and ZTE kit was $1.9B. It received $5.6B of applications

The United States Federal Communications Commission has revealed that carriers have applied for $5.6 billion in funding to rip and replace China-made communications kit.…

Read all about it – Beijing probably already has

Online work accounts of News Corporation journalists were broken into by snoops seemingly with ties to China, it was claimed today.…

Craft Helm chart, receive secrets

A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart.…

Failure to validate input in DeFi code let attacker mint money

Wormhole, a protocol for connecting different blockchains, lost about $320m worth of Ether (ETH), thanks to poorly crafted code.…

Are we nearly there yet?

Officials from the EU and US are nearing a solution in long-running negotiations over transatlantic data sharing.…

Spoof site looks real because it is... but you're not talking to who you think

In the beginning we had passwords. Their hackability made a lot of people very angry and passwords were widely regarded as a bad move. Then we had two-factor authentication – and now Proofpoint reckons criminals online are able to start bypassing them with transparent reverse proxies.…

Linux and mobile coming soon

Cloud directory specialist JumpCloud is moving into the crowded patch management market with an extension to its platform to automate patch updates.…

This webinar shows you how to keep a lookout for internal data leaks

Paid Post  Is the biggest threat to your data a mysterious ransomware merchant or an advanced persistent threat cartel?…

Firm doesn't know when it'll restart salty goodness deliveries

Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack.…

Oh what a problem to have

Fresh from years of complaining about underfunding and not having enough staff to deal with problems, infosec bods are now complaining that corporate execs merely firehose cash at them without getting their own hands dirty or engaging with the problem.…

ICO says Home2Sense showed 'complete disregard for people's privacy'

Home2Sense Ltd, a home improvement biz, is nursing a £200,000 financial penalty from the UK's data watchdog for making well over half a million marketing calls to people that registered to opt out of such botheration.…

Currently investigating over 2,000 attacks on US targets – new file every 12 hours

US Federal Bureau of Investigation director Christopher Wray has named China as the source of more cyber-attacks on the USA than all other nations combined.…

WhiteSource says it spotted 1,300 malicious JavaScript packages in 2021 alone

Malware gets spotted in GitHub's npm registry every few months, elevating concerns about the software supply chain until attention gets diverted and worries recede until the next fire drill.…

Patch now

An exploit in Samba 4 allowed remote code as root due to a bug in its support for Mac clients. It's fixed in 4.13.17, 4.14.12 and 4.15.5, and in case you can't update, there are patches.…

Terror watchdog is a bad model to follow, though

Even think tanks with close links to the UK's Conservative government are now criticising the Online Safety Bill, with the Institute of Economic Affairs (IEA) describing it today as "a significant threat to freedom of speech, privacy and innovation."…

Researcher tells world after being stonewalled

There is a live cross-site scripting (XSS) vulnerability in takedowns website DMCA-dot-com's user interface. It's existed for more than a year and the site's operators don't appear to be interested in fixing it.…