Wednesday, April 21, 2021

Firefox 88 patches bugs and kills off a sneaky JavaScript tracking trick

What's in a window name? Turns out that it could be a sneaky tracking code, so Firefox has put a stop to that.

Naked Security Live – To hack or not to hack?

Latest video - watch now! We look at the recent FBI "webshell hacking" controversy from both sides.

Serious Security: Rowhammer is back, but now it’s called SMASH

Simply put: reading from RAM in your program could write to RAM in someone else's

S3 Ep28.5: Hacking back – is attack an acceptable form of defence? [Podcast]

Listen now - and have your say on this divisive issue in our comments!

FBI hacks into hundreds of infected US servers (and disinfects them)

Hacking for good! A judge said I could!

IoT bug report claims “at least 100M devices” may be impacted

The programmers among us are learning... but not always quickly enough, it seems. Here's some food for coding thought...

Apple and Google block official UK COVID-19 app update

UK coronavirus app update apparently included "feature creep" that's explicitly prohibited by Apple's and Google's programming rules.

Naked Security Live – How to spot “government” scammers

Latest episode - watch now, and please share with your friends and family!

Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”

Two lucky winners scooped $200k for just 30 minutes' work - if you don't count the days, weeks and months of meticulous effort beforehand

Italian charged with hiring “dark web hitman” to murder his ex-girlfriend

Fortunately, this suspect wasn't as anonymous as he thought...
The Register

Japan accuses Chinese military of cyber-attacks on its space agency

200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
The Register

Japan accuses Chinese military of cyber-attacks on its space agency

200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…

Tool links email addresses to Facebook accounts at scale

Enlarge (credit: Getty Images) Still smarting from last month’s dump of phone numbers belonging to 500 million Facebook users, the social media giant has a new privacy crisis to contend with: a tool that, on a mass scale,...
SC Magazine

With details sparse, vendors scramble to make sense of Biden 100-day grid security plan

The Biden administration launched what it called a “bold” 100-day sprint to improve the cybersecurity of electric utilities on Tuesday. The plan was not released in full to the public, or to many vendors who might be instrumental in...
The Register

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way

Crucial flaw won't be fixed until next month Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day...