Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled
Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…
Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now
Oh, and Flash! Arrrrrggghhh Eight out of the ten most exploited vulnerabilities tracked by threat intelligence biz Recorded Future in 2018 targeted Microsoft products – though number two on its list was, surprise surprise, a Flash flaw.…
PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted
Bunch of bugs stomped with version 0.71 Venerable SSH client PuTTY has received a pile of security patches, with its lead maintainer admitting to the The Register that one fixed a "'game over' level vulnerability".…
Bandersnatch to gander snatched: Black Mirror choices can be snooped on, thanks to privacy-leaking Netflix streams
Interactive entertainment tells on itself despite encryption Boffins have found a side channel to observe the choices netizens make when viewing interactive streaming videos.…
Bad cup of Java leaves nasty taste in IBM Watson’s ‘AI’ mouth: Five security bugs to splat in analytics gear
Worst brew than that time El Reg went on a road trip and stopped at a Denny's IBM has issued a security alert over five vulnerabilities in its golden boy Watson analytics system.…
This headline is proudly brought to you by wired keyboards: Wireless Fujitsu model hacked
If you have an LX901, you are at risk of mild embuggerance A German security researcher has revealed that one model of Fujitsu wireless keyboard will accept unauthenticated input, despite the presence of AES-128 encryption.…
Lone staffer killed our shields, claims etailer Gearbest after infosec bods peep at user deets
Whether it's 1.5m or 280k exposed, it's not a great look Researchers working for VPNMentor have accused Chinese e-commerce site Gearbest of storing user information in "completely unsecured" Elasticsearch databases after discovering "1.5 million records" which they were able...
Karpeles walks, Google and Microsoft board up Windows hole, and Android AV still sucks
Plus, BlackBerry wants to be Uncle Sam's go-to security firm, thousands of legal docs pill online, and more Roundup Last week we saw a conservative app exposed, the revelation of Beto's hacker past, and the rise of Slub.…
UK code breakers drop Bombe, Enigma and Typex simulators onto the web for all to try
You have to run GCHQ code? Nice try, spy guys UK signals intelligence agency GCHQ, celebrating its centenary, has released emulators for famed World War II-era cipher machines that can be run within its web-based educational encryption app CodeChef.…
Q&A: Crypto-guru Bruce Schneier on teaching tech to lawmakers, plus privacy failures – and a call to techies to act
'Politicians are reluctant to disrupt the enormous wealth creation machine technology has turned out to be' RSA Politicians are, by and large, clueless about technology, and it's going to be up to engineers and other techies to rectify that,...
What was that P word? Ah. Privacy. Yes, we’ll think about privacy, says FCC mulling cellphone location data overhaul
Commissioners still doing their best to ignore bounty hunter stalking scandal Analysis America's comms regulator has finally pinky-promised to at least consider people's privacy when it looks into how cellphone location data can be made more accurate.…
Beto O’Dork: White House hopeful O’Rourke was a member of America’s top hacking crew Cult of Dead Cow
Revealed: Dem golden boy's past as BBS-dwelling l33t teen Newly minted US presidential hopeful Beto O'Rourke says he was a member of Cult of the Dead Cow, one of the most legendary hacking groups in cyber-history.…
Welcome. You’re now in the timeline in which US presidential hopeful Beto was a member of a legendary hacking crew
From O'Dork to O'Rourke: Dem golden boy's past as BBS-dwelling l33t teen revealed Newly minted US presidential hopeful Beto O'Rourke says he was a member of Cult of the Dead Cow, one of the most legendary hacking groups in...
Public spending watchdog snipes at UK.gov’s £1.3bn infosec plan – but broadly nods it through
Less hiding behind 'national security' to hush up failures, please Britain's Cabinet Office (CO) hasn’t quite bungled the National Cyber Security Programme (NCSP) but it could certainly be doing things a lot better, the National Audit Office said today.…
So you need an IT security center. Fret not: Let an automated solution take the strain
Comarch offers all-in-one infrastructure monitoring Promo Today's businesses are so heavily dependent on their IT infrastructure that the slightest disruption in service can incur damaging losses.…
Don’t be a WordPress RCE-hole and patch up this XSS vuln, pronto
Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or edit blog posts.…
Protip: If you’d rather cyber-scoundrels didn’t know the contents of your comp, don’t apply for a Pakistani passport
Compromised government website slurps buttload of data about applicants A Pakistani government website was compromised with a keylogger and other malware that hoovered up a whole host of information about people checking on their passport application status.…
Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand’s servers
Pesky JavaScript malware harvester strikes again Sportswear brand FILA is the latest company to fall victim to the card-stealing JavaScript infection that menaced British Airways and Ticketmaster last year.…
What do sexy selfies, search warrants, tax files have in common? They’ve all been found on resold USB sticks
You do know just dragging stuff to the delete folder doesn't wipe stuff, right? Apparently not About two-thirds of USB memory sticks bought secondhand in the US and UK have recoverable and sometimes sensitive data, and in one-fifth of...
Thought you were done patching this week? Not if you’re using an Intel-powered PC or server
Here comes Chipzilla with a big bunch of security fixes for graphics drivers, server and workstation firmware, and more Hot on the heels of this month's security updates from Microsoft, Adobe, and SAP, Intel has kicked out a batch...
Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack
Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night.
The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
Glitch exposes Sprint customer data to other users
A bug
has allowed some Sprint customers to see the personal data of other customers from
their online accounts.
The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...
6 Ways Mature DevOps Teams Are Killing It in Security
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled
Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…
Old Tech Spills Digital Dirt on Past Owners
Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.
