Viry a Červi

An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel.

Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.

A company accused of fraudulently obtaining 757,000 IPv4 addresses has been ordered to hand them back.

Privacy-focused browser Brave has criticised an industry proposal it says would make browser fingerprinting easier.

It's not clear who paid Archimedes Group for its reality-warping campaigns, but it's clear disinformation is now a global scourge.

It turns out that robo-dialed calls accounted for 56.5% of the phone-in vote for the millionaire's daughter.

If it walks like a duck and quacks like a duck then...

Analysis  The technology industry has numerous terms for sneaky software, including malware, adware, spyware, ransomware, and the ever adorable PUPs – potentially unwanted programs. But there isn't always a clear difference between malware and less threatening descriptors.…

It was a week of patches - from a severe Linux kernel flaw to a new 'wormable' Windows bug, here's a roundup of the week's top stories.

...And more from the world of infosec this week

Roundup  Here's a quick catch-up of all things infosec beyond what we've already reported this week.…

Explosives activated by wireless networking signals discovered amid election

Terrorists have been caught strapping Wi-Fi-activated backup triggers to bombs in Indonesia, police claimed this week.…

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.

Six-week investigation delay shrank payment by 13%

A $1.2m shipment of livestock feed went awry when "hackers" intercepted and tweaked emails with payment details, eventually costing the cheeky buyers an extra $161,000 after exchange rates moved during the legal fallout.…

The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses.

The importance of reading the network tealeaves of a company’s network traffic to head off an attack.

We read this week's Huawei happenings and filleted it so you don't have to

Roundup  Huawei has been kicked by a US national emergency proclamation hitting "foreign" gear, spent some cash in France, claimed it's worth billions to Britain and was described as "a potential security risk" by a former head of MI6. And that's just the last five days.…

From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.

Google had egg on its face this week after it had to recall some of its Titan hardware security keys for being insecure.

Six alleged members of "The Community" were indicted, along with three phone service employees who allegedly helped target subscribers.

Arrests in Europe and the US appear to have ended the cybercrime careers of the gang behind the GozNym banking malware.

A tool from the White House invites those who suspect political bias in social media censorship to "share their story with President Trump."