Security News
Internet, phone lines, websites, and more went down on Saturday morning The British Library has confirmed to The Register that a "cyber incident" is the cause of a "major" multi-day IT outage.…
The University of Michigan has isolated itself from the internet but, hey, everything's fine! The institute's president on Tuesday published a letter to the school community thanking everyone for their patience as technical staff work to restore internet access following an undisclosed security incident.
Colourful web forum Reddit has revealed it has suffered a security breach. Here's what we know Reddit's founding engineer and CTO "KeyserSosa" - aka Christopher Slowe - explained that late on February 5th "We became aware of a sophisticated phishing campaign that targeted Reddit employees."
Dashlane's sixth annual list of the year's worst password offenders reveals the biggest password security mishaps for 2021. A weak password can create far more trouble for an organization that holds user data and other sensitive information.
A 3D printer remote monitoring company accidentally exposed users' printers to each other after a cloud reconfiguration snafu.Jiang added that his team had been "Notified of a case in which a user started a print on someone else's printer" - and linked through to a Reddit post where someone had used a stranger's printer to print the words: "TSD is not secure/ I randomly connected /sorry had to inform u.".
A 3D printer remote monitoring company accidentally exposed users' printers to each other after a cloud reconfiguration snafu. Jiang added that his team had been "Notified of a case in which a user started a print on someone else's printer" - and linked through to a Reddit post where someone had used a stranger's printer to print the words: "TSD is not secure/ I randomly connected /sorry had to inform u.".
Poly Network, a Chinese software biz that processes cryptocurrency transactions across different blockchain platforms, urged hackers to return $600m worth of stolen digital cash in what it called the "Biggest [attack] in DeFi history." Protocols like Poly Network allow cryptocurrency traders to exchange digicash across various blockchains; they can be used to swap Bitcoin for Ethereum, for example.
US-based Zoom users may have a little cash coming their way after the video meeting outfit lodged a preliminary settlement in a class action related to some of its less-than-brilliant security and data protection practices. The settlement was filed Saturday in an attempt to end a class action that alleged Zoom indulged in unlawful activities - including misrepresenting its end-to-end encryption capabilities and unauthorized transfer of personal data to third parties like Facebook, Google and LinkedIn - as well as implementing grossly inadequate security and privacy controls.
Fans of John le Carré's Tinker Tailor Soldier Spy know how top military secrets are extracted from the enemy. If head KGB spy Karla wanted to learn intricate details of the British military today, he'd just have to check WhatsApp.
Mozilla Thunderbird spent the last couple of months saving some users' OpenPGP keys in plain text - but that's now been patched, the author of both the bug and the patch fixing it has told The Register. The vulnerability, assessed as "Low" impact by Mozilla, existed in the free open source Thunderbird email client between version 78.8.1 and version 78.10.1 after a crestfallen maintainer realised carefully designed protections were in fact not protecting users' private OpenPGP keys.