Viry a Červi

Tales from the honeypot: this time a MySQL-based attack. Old tricks still work, because we're still making old mistakes - here's what to do.

Your two-minute guide to all the other security news this week

Roundup  It's a bumper three-day weekend in the US and UK, so we won't keep you long. Here's a rapid summary of information security news from the past week beyond what El Reg has already covered.…

After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy.

New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites.

The Windows 10 update that's rolling out addresses insecure Wi-Fi hotspots with new user notifications.

The Threatpost team breaks down the top privacy-related data incidents of the week - including data leaks from HCL and a golfing app - and highlights some surprisingly good privacy news.

Can you ever call malware art? That question is now up for debate as a Chinese internet artist puts a laptop full of viruses up for auction.

Apple thinks it has come up with a way for advertisers to track how well their ads are doing without compromising user privacy.

Competition regulators investigated Apple due to concerns that people were needlessly repairing or replacing slow phones.

It was triggered by a complaint filed by Dr. Johnny Ryan, CPO of privacy-focused Brave browser, which is fighting Google's search domination.

Perceptics confirms intrusion and theft, stays quiet on details

Exclusive  The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download.…

Prosecutors try to paint a line between journos and internet dump lord in case with significant free speech implications

Julian Assange has been formally accused by the US government of breaking the Espionage Act, expanding the legal case against him and raising significant free speech issues.…

As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack.

Privacy slip allegations dog US cellular network giants... while FCC twiddles its thumbs

A bounty hunter was able to get the live location of a number of different individuals from American cellphone networks through a single phone call, it is claimed.…

Coming to America: The Shade ransomware, which has historically targeted Russian victims, was recently spotted expanding its sights.

A new way of tracking mobile users creates a globally unique device fingerprint that browsers and other protections can't stop.

Part-timers needed

The British Army's psyops unit 77 Brigade is still falling short of recruiting targets, despite cyber skills being bigged up repeatedly by the military and government.…

As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.

As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.

Nobody got at the subset of G Suite passwords, Google said, apologizing and saying that it's working to ensure this is an isolated incident.