Epic Games floats $1m bounty to ID source of ‘commercial smear’ claiming Houseparty chat app has been hacked
Lots of non-savvy users may be recycling previously hacked creds Group video chat app Houseparty has offered a $1m bounty to identify what it claims is an organised campaign to falsely depict it as a hackers' backdoor.…
Marriot Hotels breached AGAIN: Two compromised logins abused to exfil guests’ personal deets
How many customers' deets? It's not saying just yet Marriot Hotels has suffered its second data spillage in as many years after an "unexpected amount" of guests' data was accessed through two compromised employee logins, the under-fire chain has...
Marriott Hotels hacked AGAIN: Two compromised employee logins abused to siphon off guests’ personal info
How many customers' deets? It's not saying just yet Marriott Hotels has suffered its second data spillage in as many years after an "unexpected amount" of guests' data was accessed through two compromised employee logins, the under-fire chain has...
Poured your info out on a call to 118 118 Money? Bad luck. Credit provider ‘fesses up that hacker nabbed customer service phone recordings
Don't worry, though. Any 'systematic' data extraction would be 'time-consuming' The digital burglary at 118 118 Money exposed recordings of customer service calls that included a raft of personal information although thankfully not payment data.…
You know all those stories of leaky cloud buckets taken offline? Well, some may still be there, just badly hidden
Plus, Google warns of fake journo phishing attacks Roundup It's once again time for the El Reg security roundup.…
First-ever SANS Women in Cybersecurity survey reveals significant mentorship gaps
'The future of cybersecurity is the responsibility of everyone' Promo As women take more senior positions in the field of cybersecurity, there's a shortage of women available to mentor others.…
Yeah, that Zoom app you’re trusting with work chatter? It lives with ‘vampires feeding on the blood of human data’
Doc Frown: Searls decries video-conferencing software's 'creepy' closeness with ad tracking As the global coronavirus pandemic pushes the popularity of videoconferencing app Zoom to new heights, one web veteran has sounded the alarm over the app's "creepily chummy" relationship...
AMD dials 911, emits DMCA takedowns after miscreant steals a load of GPU hardware blueprints, leaks on GitHub
'We believe the stolen graphics IP is not core to the competitiveness or security of our graphics products' On Wednesday, AMD confirmed intellectual property related to its graphics processors was stolen last year, though insisted the leaked files will...
Hey, China. Maybe you should have held your hackers off for a bit while COVID-19 ravaged the planet. Just a suggestion
Citrix, Cisco and Zoho-pwning APT41 attack wave seems in awfully bad taste Proving that no good crisis ever goes to waste, Chinese government hacking crew APT41 launched a campaign that abuses vulns in Citrix Netscaler and Zoho ManageEngine, according...
SANS is offering fully certified cybersecurity training – without leaving your bunker
Isolation is the perfect time to learn new skills Promo Amid this planet's ongoing pandemic, if you’re keen to repurpose all that time previously spent commuting, attending conferences, and so on, why not take a look at the SANS...
If there’s something strange in Symantec’s neighbourhood, who you gonna call, not Broadcom it seems
Datacenters fall over around the globe Symantec customers, or rather Broadcom these days, were taken offline for a while on Wednesday when the security services datacenters around the planet went down.…
Tupperware-dot-com has a live credit card skimmer on its payment page, warns Malwarebytes
Branded lunchbox biz didn't answer for 5 days, alleges infosec firm Tupperware, maker of the plastic food containers beloved of the Western middle classes, has an active and ongoing malware infection on its website that steals credit card data...
Brit housing association blabs 3,500 folks’ sexual orientation, ethnicity in email blunder
Please update your contact details in this handy spreadsheet ... oh A UK housing association blurted 3,500 people's sensitive personal data as part of a bungled "please update your contact details" email exercise, The Register has been told.…
Stuck inside with nothing to do? Apple fires out security fixes for iOS, macOS, wrist-puters… and something weird called iTunes for Windows
Dozens of bugs swatted in latest Cupertino updates Apple has emitted a bundle of security fixes ranging across its product lines.…
Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC
Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.
Defense Evasion Dominated 2019 Attack Tactics
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
OpenWRT is vulnerable to attacks that execute malicious code
Enlarge (credit: OpenWRT)
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
Privacy in critical care after telehealth demands jump
As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
