Tutanota cries ‘censorship!’ after secure email biz blocked – for real this time – in Russia
Move over, there's plenty of room on Putin's naughty step Fresh from last week's controversy with a US telco, German secure email biz Tutanota has declared today that the Russian authorities have pulled the plug on its services.…
Severe vuln in WordPress plugin Profile Builder would happily hand anyone the keys to your kingdom
Remote attackers were able create their own admin accounts A vulnerability in a popular WordPress user role plugin lets any random person create an admin-level account on targeted websites.…
It is with a heavy heart we must inform you, once again, folks are accidentally spilling thousands of sensitive pics, records onto the internet
Plus: Iranians accused of hacking IT service providers to get at their customers Roundup Everything is insecure and everything is broken, exhibits A through Z:…
Roses are red, IBM is Big Blue. It’s out of RSA Conference after coronavirus review
Who’ll join the IT giant in staying away from San Francisco? IBM has confirmed that it will not be attending the RSA Conference in San Francisco at the end of this month because of fears of catching COVID-19 from...
Google burns down more than 500 private-data-stealing, ad-defrauding Chrome extensions installed by 1.7m netizens
Malvertising campaign makes big bucks for online criminals Google has removed more than 500 Chrome extensions in response to a report from a security researcher, who found the browser plugins distributed through the Chrome Web Store facilitated ad fraud...
Austrian foreign ministry: ‘State actor’ hack on government IT systems is over
Russia denies claims from well-informed broadcaster that it was homegrown Turla malware baddies Austria's foreign ministry has said a weeks-long cyber attack from a "state actor" against its systems has ended – amid local reports that pin the blame...
Call us immediately if your child uses Kali Linux, squawks West Mids Police
Maybe stick to walking the beat instead of infosec advice, eh? The National Crime Agency has publicly distanced itself from a poster urging parents to call police if their child has installed Kali Linux, Tor or – brace yourself...
AT&T insists it’s not blocking Tutanota after secure email biz calls foul, cites loss of net neutrality as cause
Monster telco says it's working to resolve whatever's going on Encrypted email service Tutanota on Thursday accused US mega-telco AT&T of blocking its service in some parts of America, and cited the service interruption, ongoing for more than two...
Voatz of no confidence: MIT boffins eviscerate US election app, claim fiends could exploit flaws to derail democracy
Shoddy code allegations are just FUD, software maker insists Only a week after the mobile app meltdown in Iowa's Democratic Caucus, computer scientists at MIT have revealed their analysis of the Voatz app used in West Virginia's 2018 midterm...
A dirty dozen of Bluetooth bugs threaten to reboot, freeze, or hack your trendy gizmos from close range
Over the air? More like over the aarrrggghhh A trio of boffins at Singapore University this week disclosed 12 security vulnerabilities affecting the Bluetooth Low Energy (BLE) SDKs offered by seven system-on-a-chip (SoC) vendors.…
Netgear’s routerlogin.com HTTPS cert snafu now has a live proof of concept
And the company reaction is: not even 'meh' An infosec researcher has published a JavaScript-based proof of concept for the Netgear routerlogin.com vulnerability revealed at the end of January.…
If you’re running Windows, I feel bad for you, son. Microsoft’s got 99 problems, better fix each one
Meanwhile, we're still squashing bugs in Adobe Flash Player... plus stuff from Intel and SAP Patch Tuesday It's going to be a busy month for IT administrators as Microsoft, Intel, Adobe, and SAP have teamed up to deliver a...
B-but it doesn’t really get viruses! Not so, Apple fanbois: Mac malware is growing faster than nasties targeting Windows
So says Malwarebytes, anyway Software nasties targeted at MacOS are on the increase faster than ones for Windows, according to antivirus biz Malwarebytes.…
Crypto AG backdooring rumours were true, say German and Swiss news orgs after explosive docs leaked
One for the Cold War infosec veterans: CIA and BND literally owned the firm Swiss encryption machine company Crypto AG was secretly owned by the US CIA and a West German spy agency at the height of the Cold...
Tens of millions of biz Dell PCs smacked by privilege-escalation bug in bundled troubleshooting tool
If you don't have auto-update switched on, time to patch Dell has copped to a flaw in SupportAssist – a Windows-based troubleshooting program preinstalled on nearly every one of its newer devices running the OS – that allows local...
Sensitive plastic surgery images exposed online
Researchers at VPN advisory company vpnMentor have found yet another online data exposure caused by a misconfigured cloud database.
Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs
A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.
12 hottest new cybersecurity startups at RSA 2020
Starting on February 24, the RSA Conference (RSAC) 2020 gives security vendors old and new a chance to demonstrate their capabilities. The event has become an attractive venue for startups to make their debut. This year’s crop will be...
Hundreds of Millions of PC Components Still Have Hackable Firmware
The lax security of supply chain firmware has been a known concern for years—with precious little progress being made.
Remote Wipe Plugin Bug Hits 200,000+ WordPress Sites
Remote Wipe Plugin Bug Hits 200,000+ WordPress SitesSecurity researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker.
The problem lies with versions 1.3.4 and...
