Sophos tells users to roll back Microsoft’s Patch Tuesday run if they want PC to boot
Yes, the one with the critical security fixes Brit security software slinger Sophos has advised its customers to uninstall Microsoft's most recent Patch Tuesday run – the same patches that protect servers against the latest Intel cockups.…
Boeing admits 737 Max sims didn’t accurately reproduce what flying without MCAS was like
Turning off trim control software in training wouldn't give realistic results – report Boeing has admitted that pilot training simulators for the controversial 737 Max did not accurately reproduce what happened if the infamous MCAS system went gaga.…
Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector
If it walks like a duck and quacks like a duck then... Analysis The technology industry has numerous terms for sneaky software, including malware, adware, spyware, ransomware, and the ever adorable PUPs – potentially unwanted programs. But there isn't...
CIA traitor spy thrown in the clink for selling secrets to China. Stack Overflow, TeamViewer admit: We were hacked…
...And more from the world of infosec this week Roundup Here's a quick catch-up of all things infosec beyond what we've already reported this week.…
Giga-hurts radio: Terrorists build Wi-Fi bombs to dodge cops’ cellphone jammers
Explosives activated by wireless networking signals discovered amid election Terrorists have been caught strapping Wi-Fi-activated backup triggers to bombs in Indonesia, police revealed this week.…
It’s not chicken feed: Million-dollar meal deal for livestock sabotaged by hackers… and, er, exchange rates
Six-week investigation delay shrank payment by 13% A $1.2m shipment of livestock feed went awry when "hackers" intercepted and tweaked emails with payment details, eventually costing the cheeky buyers an extra $161,000 after exchange rates moved during the legal...
Get out of Huawei, it’s an avalanche of news from everyone’s favourite Chinese bogeyman
We read this week's Huawei happenings and filleted it so you don't have to Roundup Huawei has been kicked by a US national emergency proclamation hitting "foreign" gear, spent some cash in France, claimed it's worth billions to Britain...
Good heavens, is it time to patch Cisco kit again? Prime Infrastructure root privileges hole plugged
Do the thing ASAP, you know how it works by now Among a bumper crop of 57 security issues Cisco divulged on Wednesday was a fix for a trio of vulns, one critical, in networks management tool Prime Infrastructure.…
Freed whistleblower Chelsea Manning back in jail for refusing to testify before secret grand jury
If orange is the new black, she's back in black After seven days of freedom, US Army whistleblower Chelsea Manning is back behind bars for refusing to testify before a secret federal grand jury investigating WikiLeaks.…
Bank-account-raiding Goznym malware bust: Five suspects collared, five still on the run. $100m feared stolen
Most exciting Enid Blyton book yet – Five accused of international fraud? Ten people have been accused of masterminded the theft of roughly $100m from bank accounts using the Goznym malware. Five have been arrested, charged, and are facing...
The plane, it’s ‘splained, falls mainly without the brain: We chat to boffins who’ve found a way to disrupt landings using off-the-shelf radio kit
DoS cyber-attacks are not just for websites, they may also be for aircraft ILS Video Aircraft instrument landing systems (ILS) are susceptible to radio signal spoofing using off-the-shelf equipment, boffins have found, calling into question the adequacy of aviation...
Office 365 user security practices are woeful, yet it’s still ‘Microsoft’s fault’ when an org is breached
As soon as defences are sold as a product, hygiene suffers The US Cybersecurity and Infrastructure Security Agency (CISA) has become the latest government body to plead with admins to implement security best practices on Microsoft's Office 365 platform.…
Breaking news: Bank-card-slurping malware sneaks into Forbes’ mag subscription website
Dead-tree devotees who recently signed up may want to check their statements The Magecart credit-card-skimming malware that is the bane of internet shoppers has been spotted again, this time on the Forbes magazine subscription website.…
Google warns of Titan(ic) Bluetooth issue sinking its security keys, recalls early builds
A pairing problem makes an account compromise possible, although improbable Google is recalling some of its Titan Security Keys, used for two-factor authentication, after finding a security flaw exposed the key's Bluetooth connections to an attacker…
Titan-ic disaster: Bluetooth blunder sinks Google’s 2FA keys, free replacements offered
A pairing problem makes an account compromise possible, although improbable Google is offering free replacements of its Titan Security Keys, used for two-factor authentication, after learning the widgets' Bluetooth connections could be compromised by nearby hackers.…
We like transparency and we’re a CA, hackers hack all night and we log all day
Cert authority Sectigo funds Lets Encrypt transparency log Let’s Encrypt has wheeled out a new certificate transparency log called Oak, which is funded for a year by the certificates arm of Sectigo (formerly known as Comodo).…
Supreme Court says secret UK spy court’s judgments can be overruled after all
It all went a bit Pete Tong for the Peeping Toms Britain's Supreme Court said today that rulings from a secretive UK spy tribunal can now be appealed against after a legal challenge from pressure group Privacy International.…
MI5 slapped on the wrist for ‘serious’ surveillance data breach
Auditors poked around for a week after too many Peeping Toms had a trawl Home Secretary Sajid Javid has confessed to Parliament that MI5 bungled the security of "certain technology environments used to store and analyse data," including that...
Microsoft emits free remote-desktop security patches for WinXP to Server 2008 to avoid another WannaCry
Plus plenty of other fixes from Redmond and Adobe – and special guest star Citrix Patch Tuesday It’s that time of the month again, and Microsoft has released a bumper bundle of security fixes for Patch Tuesday, including one...
Buffer the Intel flayer: Chipzilla, Microsoft, Linux world, etc emit fixes for yet more data-leaking processor flaws
Intel CPUs dating back a decade are vulnerable to latest cousin of Spectre Intel on Tuesday plans to release a set of processor microcode fixes, in conjunction with operating system and hypervisor patches from vendors like Microsoft and those...
HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider
A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...
Washington Issues Temporary License to Huawei
Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August.
Despite reports emerging over the weekend of various chipmakers...
GDPR: The Best Strategy For International Businesses
The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
How Cyber-Secure Are Business Travelers? New Report Says Not Very
I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...
Haas F1 team leans on service providers as security force multipliers
If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...
