News

Publications across 25 states either producing smaller issues or very delayed ones

US newspaper publisher Lee Enterprises is one week into tackling a nondescript "cybersecurity event," saying the related investigation may take "weeks or longer" to complete.…

High starting salaries promised after public sector infosec pay criticized

The UK's Ministry of Defence (MoD) is fast-tracking cybersecurity specialists in a bid to fortify its protection against increasing attacks.…

Order requires destruction of departmental data accessed by Musky men

Trump administration policies that allowed Elon Musk's Department of Government Efficiency to access systems and data at the Bureau of the Fiscal Service (BFS) have left the org “more vulnerable to hacking” according to Paul A. Engelmayer, Judge of the United States District Court for the Southern District of New York.…

With over 2,000 banks in operation, a domain only they can access has clear potential to make life harder for fraudsters

India’s Reserve Bank last week announced a plan to use adopt dedicated second-level domains – bank.in and fin.in – in the hope it improves trust in the financial services sector.…

PLUS: Spanish cops think they've bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more!

Infosec In Brief  DeepSeek’s iOS app is a security nightmare that you should delete ASAP, according to researchers at mobile app infosec platform vendor NowSecure.…

PLUS: Japan shifts to pre-emptive cyber-defense; Thailand cuts cords connecting scam camps; China to launch 'moon hopper' in 2026; and more!

Asia In Brief  Huawei chair Liang Hua last week told a conference in China that the company expects to meet its revenue targets for 2024, meaning it earned around ¥860 billion ($118.25 billion) – 22 percent growth compared to its 2023 result.…

Blighty’s latest stab at encryption? A secret order to pry open iCloud, sources claim

The UK's Home Office refuses to either confirm or deny reports that it recently ordered Apple to create a backdoor allowing the government to access any user's cloud data.…

Freshly minted organization aims to take the guesswork out of incident severity for insurers and policy holders

A world-first organization assembled to categorize the severity of cybersecurity incidents is up and running in the UK following a year-long incubation period.…

OCR plugin great for extracting crypto-wallet secrets from galleries

Kaspersky eggheads say they’ve spotted the first app containing hidden optical character recognition spyware in Apple’s App Store. Cunningly, the software nasty is designed to steal cryptocurrency.…

35% drop in payments across the year as your backups got better and law enforcement made a difference

Ransomware extortion payments fell in 2024, according to blockchain analyst biz Chainalysis this week.…

Fourth time’s the harm?

Gravy Analytics has been sued yet again for allegedly failing to safeguard its vast stores of personal data, which are now feared stolen. And by personal data we mean information including the locations of tens of millions of smartphones, coordinates of which were ultimately harvested from installed apps.…

Lawsuit: 'Scale of intrusion into individuals' privacy is massive and unprecedented'

Elon Musk's Department of Government Efficiency has had its access to US Treasury payment systems restricted - at least temporarily - following a lawsuit from advocacy groups and unions.…

Are cybersecurity roles included? Are Elon's enforcers vetted? Inquiring minds want to know

Elected officials are demanding answers as to whether the Trump administration and Elon Musk's Department of Government Efficiency (DOGE) are hamstringing US national security.…

Are you trying to make this easy for China and Russia?

Who bought it, who installed it, and what's happening with the data on it.…

Don't laugh: The $4.5m fine proposed for carrier Telnyx shows how the Trump administration will run its comms regulator

In its first enforcement action of the Trump presidency, the FCC has voted to propose fining Telnyx $4,492,500 – after scammers pretending to be the watchdog's staff started calling actual FCC staffers via the VoIP telco.…

Some worry multi-lang codebase makes it harder to maintain open source uber-project, others disagree

Developers trying to add Rust code to the Linux kernel continue to face opposition from kernel maintainers who believe using multiple languages is an unwelcome and risky complication.…

Nothing to see here, just a 'special government employee' doing his job

The US Treasury Department has assured Congress that a "special government employee" associated with Elon Musk's Department of Government Efficiency (DOGE) has "read-only" access to vital federal government payment systems that disburse trillions of dollars annually.…

International security squads all focus on stopping baddies busting in through routers, IoT kit etc

Netgear is advising customers to upgrade their firmware after it patched two critical vulnerabilities affecting multiple routers.…

Mountain View clocked onto the scheme with days to spare

A Chinese national faces a substantial stint in prison and heavy fines if found guilty of several additional charges related to economic espionage and theft of trade secrets at Google.…

Malicious microcode vulnerability discovered, fixes rolling out for Epycs at least

Googlers have not only figured out how to break AMD's security – allowing them to load unofficial microcode into its processors to modify the silicon's behavior as they wish – but also demonstrated this by producing a microcode patch that makes the chips always output 4 when asked for a random number.…