Viry a Červi

Tight-lipped bank has fixed the weirdness - but not said why it happened

Barclays Bank appears to have been using no less than the Internet Archive's Wayback Machine as a "content distribution network" to serve up a Javascript file.…

Four-year investigation shuts down EncroChat and busts 746 alleged criminals for planning murders, selling drugs and laundering money.

At the risk of giving you a feeling of déjà vu all over again, it's time to talk about Facebook hoaxes once more.

Amazon has placed a moratorium on police use of its facial recognition platform - but a congressman asked if that extends to its Ring smart doorbell in a new inquiry.

They're not surveillance spectacles, says Google, just a piece in the jigsaw of "ambient computing", where helpfulness is all around you.

No organisation is immune: Nearly nine in ten experienced these attacks last year

Sponsored  Business Email Compromise (BEC) and Email Account Compromise (EAC) are the most expensive cyber threats facing businesses around the globe. The FBI’s Internet Crime Complaint Center (IC3) reports that both scams have resulted in worldwide losses of $26 billion since 2016 – with $1.7 billion in the last year alone.…

Not to worry, there are only *searches* several thousand devices apparently exposed online

Network administrators are urged to patch their F5 BIG-IP application delivery controllers following the disclosure of a pair of critical remote takeover bugs.…

Best get updating pronto, folks

The Apache Project's popular Guacamole open-source remote desktop software contained vulns allowing remote attackers to steal login creds and hijack targeted machines, researchers have said.…

Continental capers lead to 750 UK arrests

French and Dutch police have boasted of infiltrating and killing off encrypted chat service EncroChat, alleging it was used by organised crime gangs to plot murders, sell drugs, launder criminal profits and more.…

Redmond also praised for blocking malware control systems on its clouds

Microsoft has emitted a pair of security patches to address flaws in Windows 10 that can be potentially exploited by miscreants to hijack PCs. A victim simply needs to be tricked into opening a file containing a specially crafted image on a vulnerable system.…

Still thinking "the crooks probably won't find me if I make a security blunder"?

Focus on usability to avoid buyer’s remorse, Echoworx advises

Sponsored  In its raw form, email isn't the most secure channel for carrying national secrets. It was originally designed for plain text, and plenty of modern mainstream email systems still don't support encryption out of the box. So if you're someone like Edward Snowden, you'll want to make darn sure that your correspondent knows how to use encryption.…

Even so, backdoors and droppers are rare in the wild.

Several vulnerabilities can be chained together for a full exploit.

Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date.

New ‘smishing’ campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer.

VPN gear vulnerable to remote hijackings

Cisco has patched a cross-site scripting vulnerability in two VPN routers it sells to small businesses and branch offices.…

Databases can be had for as little as $100, on up to $1,100. Most, if not all, are being sold by the hacking group Shiny Hunters.

A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.

The malware is using DNS tunneling to exfiltrate payment-card data.