Privacy is for paedophiles, UK government seems to be saying while spending £500k demonising online chat encryption

So far we've got a pisspoor video and... er, that's it Opinion  The British government's PR campaign to destroy popular support for end-to-end encryption on messaging platforms has kicked off, under the handle "No Place To Hide", and it's as broad as any previous attack on the safety-guaranteeing technology.…

1h

'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug

Red Hat agrees The CVE-2022-0185 vulnerability in Ubuntu is severe enough that Red Hat is also advising immediate patching.…

1h

NortonLockLife and Avast tie-up falls under UK competition regulator's spotlight

CMA invites comments from 'interested parties' on what merger means to them The UK's Competition and Markets Authority has invited comments from industry and interested parties about NortonLifeLock's proposed $8bn purchase of fellow infosec outfit Avast.…

5h

Red Cross forced to shutter family reunion service following cyberattack and data leak

Director-general pleads with cyber-scum: leave this data alone, because the people involved have suffered enough Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "highly vulnerable people" exposed to an unknown entity.…

8h

Being “Threat-Led” is the answer. Your ISO certificate won’t save you from a breach!

The Vectra Masked CISO series gives security leaders a place to expose the biggest issues in security and advise peers on how to overcome them. Advertorial  I’ve seen it countless times. Another CISO walks into a board meeting and muddles through stats showing their compliance status. Great, you’re 75% compliant with ISO 27001, but what does this tell...

8h

McAfee and FireEye rename themselves ‘Trellix’

To evoke support for growing things, not the 1990s vendor of web-pages-made-easy-ware LogoWatch  Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix".…

9h

Singapore gives banks two-week deadline to fix SMS security

Edict follows widespread bank phishing scam claiming well over $6.3 million A widespread phishing operation targeting Southeast Asia's second-largest bank – Oversea-Chinese Banking Corporation (OCBC) – has prompted the Monetary Authority of Singapore (MAS) to introduce regulations for internet banking that include use of an SMS Sender ID registry.…

10h

Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

Exploit, vulnerability discussion online can offer useful signals Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.…

18h

Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

NotPetya started over there, don't forget US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.…

20h

Vulnerabilities and censorship tools among hot new features in Beijing's Olympics app

Visitors have to install it 14 days prior to arrival in China until their departure Toronto-based Citizen Lab has warned that an app required by Beijing law to attend the 2022 Olympics contains vulnerabilities that can leak calls and data to malicious users, as well as the potential to subject the user to scanning for censored keywords.…

21h