Security News

Last rites for the UK's Online Safety Bill, an idea too stupid to notice it's dead
2023-08-21 08:31

The open source project has recently announced a secure communications framework, designed for decentralized peer-to-peer use through a multi-hop mesh routing system that combines strong encryption with untraceability. This same state is, of course, the one demanding that to "Protect children," it should get access to whatever encrypted citizen communication it likes via the Online Safety Bill, which is now rumored to be going through British Parliament in October.

Cumbrian Police accidentally publish all officers' details online
2023-08-14 11:38

Cumbria Constabulary inadvertently published the names and salaries of all its officers and staff online earlier this year, making it the second UK force in a fortnight to admit disclosing personal information about its employees. In a statement, the force told The Register: "Cumbria Constabulary became aware of a data breach on Monday 6th March 2023 where information about the pay and allowances of every police officer and police staff roles as at 31st March 2022 was uploaded to the Constabulary's website, which was a human error."

Northern Ireland police may have endangered its own officers by posting details online in error
2023-08-09 13:00

A spreadsheet containing details of serving Northern Ireland police officers was mistakenly posted online yesterday, potentially endangering the safety of officers, given the volatile politics of the region. The data leak involved a spreadsheet detailing the surnames and initials of all serving officers in the Police Service of Northern Ireland, plus civilian staff members.

Microsoft Exchange Online hit by new outage blocking emails
2023-07-18 09:06

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft admits unauthorized access to Exchange Online, blames Chinese gang
2023-07-13 06:26

US commerce secretary Gina Raimondo and other State and Commerce Department officials were reportedly among the victims of a China-based group's attack on Microsoft's hosted email services. The US Cybersecurity and Infrastructure Security Agency and the FBI issued a joint advisory detailing how a Federal Civilian Executive Branch agency was tipped off when it observed MailItemsAccessed events with an unexpected ClientAppID and AppID in Microsoft 365 Audit Logs - as the AppId did not normally access mailbox items in that manner.

Over 130,000 solar energy monitoring systems exposed online
2023-07-06 09:04

Security researchers are warning that tens of thousands of photovoltaic monitoring and diagnostic systems are reachable over the public web, making them potential targets for hackers. These systems are used for remote performance monitoring, troubleshooting, system optimization, and other functions to allow remote management of renewable energy production units.

Week in review: 5 free online cybersecurity courses, 8Base ransomware group leaks data
2023-07-02 08:00

Unlocking internet's secrets via monitoring, data collection, and analysisIn this Help Net Security interview, Ryan Woodley, CEO of Netcraft, discusses the importance of monitoring, collecting, and analyzing internet data to gain a profound understanding of the internet. Preparing health systems for cyber risks and insurance coverageIn this Help Net Security interview, Dennis Fridrich, VP of Cybersecurity at TRIMEDX, delves into the hidden costs of cyberattacks on health systems, the role of insurers in promoting cybersecurity preparedness, and how organizations can better manage their cyber risk.

5 free online cybersecurity courses you should check out
2023-06-26 03:30

Describe procedures for operating and configuring networked-based security devices6. Ethical considerations in general, and the² Code of Ethics in particular, provide the backdrop for any discussion of information security and SSCP candidates will be tested on both.

How to bypass CAPTCHAs online with Safari on iOS 16
2023-06-22 19:00

Tired of those annoying CAPTCHA images that leave you feeling like you're solving a puzzle just to log in online? Learn how to use Apple's "CAPTCHA killer" feature called Automatic Verification in iOS 16. CAPTCHAs can be quite annoying when you just want to try to create a new account or log in to a website.

Online muggers make serious moves on unpatched Microsoft bugs
2023-06-09 23:47

Two flaws in Microsoft software are under attack on systems that haven't been patched by admins. Redmond issued fixes for the vulnerabilities - one affecting Visual Studio and the other the Win32k subsystem - in April and May, but in separate reports this week, security researchers with Varonis Threat Labs and Numen Cyber warned that unpatched systems are already being exploited.