Security News > 2018 > April

T-Mobile Austria stores passwords as plain text, Outlook gets message crypto, and more
2018-04-01 00:00

Warning: Contains extreme stupidity Roundup While Facebook caught most of the security-related flak this week, there were other infosec stories out there.…

Linux Beep bug joke backfires as branded fix falls short
2018-04-01 00:00

PCs don't have beepers any more, but code to make' em sound off lets you see files Retro programmers may need to reconsider using the Linux beep command as an activity or progress alert.…

Political ad campaign biz AggregateIQ exposes tools, DB logins online
2018-04-01 00:00

Denies ties to Cambridge Analytica and insists it didn't knowingly break the law AggregateIQ – a Canadian political advertising firm that played a role in the 2016 US election and the UK's "Vote...

Hurrah! TLS 1.3 is here. Now to implement it and put it into software
2018-04-01 00:00

Which won't be terrifyingly hard: it's pretty good at making old kit like the way it moves The ink has dried, so to speak, on TLS 1.3, so it's time for work developing software to implement the...

How a QR code can fool iOS 11's Camera app into opening evil.com rather than nice.co.uk
2018-04-01 00:00

Miscreants can spoof URL with potentially nasty results A security researcher based in Germany has identified a flaw in the way Apple's iOS 11 handles QR codes in its Camera app.…

Cash-machine-draining €1bn cybercrime kingpin suspect cuffed by plod
2018-04-01 00:00

Bod accused of masterminding malware attacks on banks around the world European cyber-cops have felt the collar of a bloke suspected of running a network of crims that used malware to pinch €1bn...

GCHQ's infosec crew plans to 'scale up' Web Check to improve uk.gov site security
2018-04-01 00:00

That's the National Cyber Security Centre when it's at home Efforts to improve the UK.gov's secure server setup are being ramped up through an expansion of a scheme from the National Cyber...

Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb
2018-04-01 00:00

Coinkidink? Nah. Crooks are switching tactics There was a big drop in exploit kit development last year, and experts have equated this to the phasing out of Adobe Flash.…

Cisco mess from 2017 becomes tool for state-sponsored infrastructure attacks and defacements
2018-04-01 00:00

Sigh. 160,000 un-patched boxen await p0wnage Cisco's Smart Install software has become the vector for a series of infrastructure attacks and politically-motivated defacements.…