The Register - Anti-Virus

Dnsmasq, used in only a million or more internet-facing devices globally, patches not-so-secret seven spoofing, hijacking flaws
Seven vulnerabilities have been found in a popular DNS caching proxy and DHCP server known as dnsmasq, raising the possibility of widespread online attacks on networking devices.…
FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion
Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs of intrusion in light of new guidance and tooling.…
Labour Party urges UK data watchdog to update its Code of Employment Practices to tackle workplace snooping
The UK's Information Commissioner's Office needs to update its Code of Employment Practices to tackle workplace spying by bosses, the Prospect trade union and the Labour Party have said.…
AnyVan confirms digital break-in, says customer names, emails and hashed passwords exposed
Updated Anyvan, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed it was the victim of a digital burglary that involved the theft of customers' personal data.…
Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data
Scotland's environmental watchdog has confirmed it is dealing with an "ongoing ransomware attack" likely masterminded by international "serious and organised" criminals during the last week of 2020.…
Bye bye, said Trump admin to Huawei: You give a cheque-ie to our techies, but there's no licence to ply
As parting gifts go, this one ranks pretty low. With less than three days until the inauguration of Joe Biden, the Trump Administration has reportedly revoked several licences that would allow Huawei to buy US-made tech, and plans to deny over 150 pending requests.…
Hallowed Bugtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture
In brief Last week ended with news that the venerable infosec mailing list Bugtraq was being shutdown at the end of the month.…
Signal boost: Secure chat app is wobbly at the moment. Not surprising after gaining 30m+ users in a week, though
Updated Signal is experiencing a partial outage as tens of millions of netizens flood the free secure messaging service.…
Coming in at number 5, it's a blast from the past! Tenable's 2020 security flaw chart show features hits of yesteryear
Out of the top five vulnerabilities for 2020 three dated back to 2019 or earlier, according to infosec firm Tenable's annual threat report.…
Ministry of Defence's cyber warfare drive is helping burn a hole through its budget, warns UK's National Audit Office
The Ministry of Defence's multibillion budget overrun has been caused in part because of its spending splurge on flashy new "cyber" capabilities, according to the National Audit Office.…
Is a remote workforce making your organisation less secure?
Webcast Last year your bosses embraced remote working because, let’s face it, none of us had a choice.…
World’s largest dark-web marketplace shuttered after Euro cybercops cuff Aussie
Europol cops have taken down dark-web souk DarkMarket, after arresting an Australian citizen living in Germany who they claim was operating the world's biggest online bazaar of its kind.…
Microsoft emits 83 security fixes – and miscreants are already exploiting one of the vulns in Windows Defender
Patch Tuesday Microsoft on Tuesday released updates addressing 83 vulnerabilities in its software, which doesn't include the 13 flaws fixed in its Edge browser last week.…
SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there – report
The malware that was utilised to hack SolarWinds checked to see whether software used to compile the firm's Orion product was running before deploying its payload, according to Crowdstrike.…
Microsoft's beefed-up take on Linux server security has hit general availability
After a few months in preview, Microsoft has made Defender Endpoint Detection and Response (EDR) generally available for Linux servers.…
Kaspersky Lab autopsies evidence on SolarWinds hack
Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service.…
How I found a bug in YouTube that let me watch private videos I wasn't allowed to, says compsci student
Until early last year, Google's YouTube had a security flaw that made private videos visible at reduced resolution, though not audible, to anyone who knew or guessed the video identifier and possessed the technical knowledge to take advantage of the snafu.…
Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers' personal information
Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information.…
That's it. It's over. It's really over. From today, Adobe Flash Player no longer works. We're free. We can just leave
Adobe has finally and formally killed Flash.…
Thou shalt not hack indiscriminately, High Court of England tells Britain's spy agencies
A landmark High Court ruling has struck down Britain's ability to hack millions of people at a time through so-called "general warrants" in what privacy campaigners are hailing as a major victory.…