Security News

The CIA is running a secret cyberwar including Russian-style hack-and-leak operations with little or no oversight, US officials have warned. The approval for the operations stems from a National Security Presidential Memorandum signed in 2018 by President Trump which has long been known about but the contents of which remain top secret.

Cisco has launched an investigation after researchers at F-Secure analyzed two counterfeit Cisco switches that appeared to exploit a previously unknown vulnerability. F-Secure's analysis of the fake Cisco switches focused on the security implications of using such fake devices, particularly if the manufacturer attempted to plant any backdoors.

A security review of 127 popular home routers found most contained at least one critical security flaw, according to researchers. On average, the routers analyzed-by vendors such as D-Link, Netgear, ASUS, Linksys, TP-Link and Zyxel-were affected by 53 critical-rated vulnerabilities, with even the most "Secure" device of the bunch having 21 CVEs, according to the report.

German authorities have reportedly seized a server hosting the massive BlueLeaks data dump, which was released earlier in June and exposed thousands of sensitive police department and law enforcement files. "We have received official confirmation that #DDoSecrets' primary public download server was seized by German authorities," said Emma Best, founder of DDoSecrets, in a Tuesday Twitter post.

You upload the file to a file sharing site, optionally setting various options that describe which other users can see it, and for how long, and then send the recipient an email that contains a download link where they can fetch the file at their leisure. Which is why we are occasional but enthusiastic users of Firefox Send, a free service from Mozilla that aims to let you share large files easily, but without the worry of what gets left behind and forgotten about.

China's ambassador to Britain on Monday warned that London faced a risk to its international reputation if it blocked Huawei from the nation's 5G network. A UK security investigation, yet to be published, has raised "Very, very serious" questions over Huawei's limited 5G role in Britain, the financial daily added.

China's Huawei is not totally banned from France's next-generation 5G wireless market, but French operators using them will only get limited licences, the head of the national cybersecurity agency told Les Echos newspaper Sunday. The comments were the latest development in the controversy over Huawei's involvement, after several Western nations barred the company from participation in their 5G networks over security fears.

1Password is launching a first-of-its-kind domain breach report. Now, companies using 1Password's enterprise password manager can swiftly identify compromised accounts and take action to protect the enterprise by alerting users to create new secure passwords generated via 1Password.

Thousands of sensitive police department files - including police and FBI reports - were published on Friday by DDoSecrets, a self-proclaimed "Transparency collective" that publishes covert data. DDoSecrets said on Twitter that it contains ten years of data, from over 200 police departments, law enforcement training and support resources and fusion centers, which are state-owned entities that gather public safety data.

Brit cycling equipment shop Wiggle confirmed to The Reg today it was delinking customers' payment cards from their accounts, two weeks after first receiving complaints that orders were appearing on customers' accounts that they had not made themselves. Ross Clemmow, CEO at Wiggle, told The Reg: "[W]e understand a small number of customers' login details have been acquired outside of Wiggle's systems and some have been used to gain access to Wiggle accounts and purchases made.