Bug? Feature? Power users baffled as BitLocker update switch-off continues
Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
Microsoft ‘kills’ passwords, throws up threat manager, and APIs Graph Security
Cloud lineup gets security overhaul with 2FA and new monitoring tools Ignite Microsoft is beefing up the security in its cloud services lineup with a handful of unveilings today at this year's Ignite conference.…
Baddies just need one email account with clout to unleash phishing hell
Third parties realised uni was compromised before uni did A single account compromise at an unnamed "major university" in the UK led to a large-scale phishing attack against third parties, according to data protection outfit Barracuda Networks.…
Some credential-stuffing botnets don’t care about being noticed any more
They just take a battering ram to the gates The bots spewing out malicious login attempts by the bucketload appear to have cranked it up a notch.…
The curious sudden rise of free US election ‘net security guardians
There is no such thing as a gratis lunch, after all Analysis Nothing super-fuels a security sales pitch like the sort of threat it’s hard to ignore.…
Virus screener goes down, Intel patches more chips, Pegasus government spying code spreads across globe
Plus: Gov pay sites take a dive, and more Roundup When we weren't dealing with malware bricked-breweries, poorly-wiped servers or litigious vendors, we had a number of other security headaches to keep busy with.…
Twitter: Don’t panic, but we may have leaked your DMs to rando devs
Internet outrage mobile insists year-long API bug would have been super-hard to exploit Twitter is in full damage control mode after disclosing that it may have inappropriately exposed some unlucky twits' private tweets and direct messages to strangers.…
Couldn’t give a fsck about patching? Well, that’s your WordPress website pwned, then
CMS vulnerabilities getting hammered by cyber-fiends Website admins are urged to update their WordPress installations as soon as possible to the latest version following a rash of attacks exploiting known vulnerabilities in the web publishing software.…
Enigma message crack honours pioneering Polish codebreakers
Plus: The Reg chats to wartime Bombe operator Ruth Bourne The Bombe team at The National Museum Of Computing has succeeded in breaking an Enigma-encrypted message in a live Poland-to-England demo.…
Scottish brewery recovers from ransomware attack
Trouble ferments after hackers lock system and Arran with it Staff at Arran Brewery were locked out of its computer systems this week following a ransomware attack.…
Never mind Brexit. UK must fling more £billions at nuke subs, say MPs
New boats, decommissioning old ones, skills shortage... The Ministry of Defence has too many too many bigshots and not enough grunts – or cash – to reliably keep Britain’s nuclear deterrent hiding beneath the ocean waves, according to Parliament’s...
Dead retailer’s ‘customer data’ turns up on seized kit, unencrypted and very much for sale
Infosec bod claims he glimpsed sensitive personal info left on unwiped servers Servers that once belonged to defunct Canadian gadget retailer NCIX turned up on the second-hand market without being wiped – and their customer data sold overseas –...
Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
Mediocre malware operator 'fesses up to DC infection A Romanian woman has admitted running a ransomware operation from infected Washington DC's CCTV systems just days before President Trump was sworn into office in the US capital.…
Microsoft’s Jet crash: Zero-day flaw drops after deadline passes
Don't click on the link, people – well, people using the database on a vulnerable installation The Zero Day Initiative has gone public with an unpatched remote-code execution bug in Microsoft's Jet database engine, after giving Redmond 120 days...
Microsoft’s Jet crash: Zero-day flaw drops after deadline passes
Don't click on the link, people – well, people using the database on a vulnerable installation The Zero Day Initiative has gone public with an unpatched remote-code execution bug in Microsoft's Jet database engine, after giving Redmond 120 days...
Developer goes rogue, shoots four colleagues at ERP code maker
Shooter dead and now named by cops, one worker in critical condition, two serious Cops have named the programmer who went on a gun rampage at WTS Paradigm – a US maker of enterprise resource planning software – this...
NSS Labs fires anti-malware testing lawsuit
Alleges CrowdStrike, Symantec, ESET and Anti-Malware Testing Standards Organization collusion NSS Labs has thrown a hand grenade into the always fractious but slightly obscure world of security product testing by suing multiple vendors as well as an industry standards...
No, that Sunspot Solar Observatory didn’t see aliens. It’s far more grim
Janitor probed over child sex abuse image allegations, facility reopens On September 6, the Sunspot Solar Observatory in New Mexico, USA, was evacuated and sealed off without explanation, sparking wild conspiracy theories as to why.…
No, Sunspot Solar Observatory didn’t see aliens
Janitor nabbed over child porn images, facility re-opens On September 6, the Sunspot Solar Observatory in New Mexico was evacuated and sealed off without explanation, sparking wild conspiracy theories as to why.…
Securing industrial IoT passwords: For Pete’s sake, engineers, don’t all jump in at once
If the networked kit needs to work for 10 years, you need to think policy Cybersecurity has become an increasing priority in operations technology thanks to the growing appetite for the industrial internet of things.…
Breach at US Retailer SHEIN Hits Over Six Million Users
Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers.
The women’s clothing company revealed at the end of last week that...
Bug? Feature? Power users baffled as BitLocker update switch-off continues
Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
UK issues first-ever GDPR notice in connection to Facebook data scandal
Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
Symantec Completes Internal Accounting Investigation
Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.
read more
Are Colleges Teaching Real-World Cyber Security Skills?
The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...
