Tuesday 22 December 2020

NSO ‘Pegasus’ Hacking Tool Targets Journalists Again - Security Boulevard

Winged Stallion Sadly Not a Myth

Monday 21 December 2020

Zoom Exec Charged With Tiananmen Square Massacre Censorship - Security Boulevard

Jin Jin Jin in Sin Bin

Thursday 17 December 2020

3 Million Chrome Users Infected via Extensions—Here We Go Again - Security Boulevard

Have a Nice Latte and Stop Worrying

FTC digs into social ad-tech data privacy—pay attention - TechBeacon

The Washington winds are a-changin’. Is your app next for scrutiny?

Tuesday 15 December 2020

Signal App Crypto Cracked, Claims Cellebrite - Security Boulevard


Monday 14 December 2020

SUNBURST: Russia Fingered in ‘Perfect 10’ Supply Chain Attack - Security Boulevard

FireEye’s Other Shoe Drops

Thursday 10 December 2020

EU Vaccine Regulator Hacked for Pfizer/BioNTech Info - Security Boulevard

Just a Little Prick

FireEye hacked ‘by Russia.’ Who’s next?

Reds school the red team

Monday 7 December 2020

Kazakhstan Spies on its People via Man-in-the-Middle Attack, Again - Security Boulevard

Please Read: If it not Success, I Will Be Execute

Friday 4 December 2020

Brazil Govt’s Huge Leak: Health Data of 243M - Security Boulevard

Zello FAIL (no, not that one)

Thursday 3 December 2020

Wormable RCE/PE flaw in iPhone Wi-Fi code: In a word, ‘incredible’ - TechBeacon

Monday 30 November 2020

Second Swiss Firm Said to Be CIA Encryption Puppet - Security Boulevard

Wednesday 25 November 2020

Google Finally Pulls Chinese Apps Stealing Personal Data - Security Boulevard

Bogus Baidu Boo-Boo

Should you pen-test WFH staff? Consumer gear has terrible security. - TechBeacon

The moral of the story? Audit the equipment your users use in their working-from-home networks. You’re going to have to keep up with the security status of that too, and mandate replacement of devices that can’t be secured

Monday 23 November 2020

Congress Passes IoT Security Act, but is it Toothless? - Security Boulevard

NIST and OMB to Lead

Friday 20 November 2020

Japanese Orgs Hacked ‘by China’ in Long, Widespread Campaign - Security Boulevard

Stop Monkeying Around

Thursday 19 November 2020

App SDKs sell location data to US military in ‘war on terror’ - TechBeacon

Your tax dollars at work.

The moral of the story?
Dev: Don’t use third-party SDKs unless you’re sure what data is collected.
IT: Help your users choose the best privacy settings on their devices.

Wednesday 18 November 2020

Trump Fires DHS Cybersecurity Agency Head, Over Election Remarks - Security Boulevard

The Donald’s Signature Move

Monday 16 November 2020

Vertafore Leak: Private Data of 28M Texans - Security Boulevard


Friday 13 November 2020

Disconnect Your TCL Smart TV From the Internet—NOW - Security Boulevard

Pull the Plug

Thursday 12 November 2020

‘Solid’ privacy pods: Can Tim Berners-Lee keep his dream alive? - TechBeacon

Monday 9 November 2020

Great British Prank: Company Name Contains XSS Hack - Security Boulevard

Ob. Bobby Tables

Thursday 5 November 2020

23% of Windows in Use is Old, Insecure Win7 or XP - Security Boulevard

Remember, Remember

Who you gonna trust? Not your default CA root store, says Chrome - TechBeacon

In GOOG we trust

Monday 2 November 2020

Google ‘Irresponsibly’ Discloses Windows Zero-Day - Security Boulevard

Thursday 29 October 2020

Messenger apps: A security nightmare to haunt SecOps - TechBeacon

Crouching feature; hidden threat

Tuesday 27 October 2020

Therapy Center Hacked, 40,000 Patients Sent Ransom Demands - Security Boulevard

What’s Finnish for HIPAA?

Friday 23 October 2020

Fake News? Trump’s Twitter ‘Twice Hacked’ - Security Boulevard

‘Nobody gets hacked.’

Thursday 22 October 2020

Check your dependencies: GitHub's npm finds nasty Trojan packages - TechBeacon

The moral of the story? Code reuse is a wonderful thing. But only if you trust ALL the code you’re reusing.

Tuesday 20 October 2020

GRU Agents Indicted for Hacking Multiple Targets - Security Boulevard

Enter Sandworm

Friday 16 October 2020

BleedingTooth: Intel Discloses Early, Angering Linux Lovers - Security Boulevard

Intel Disclosure FAIL

Thursday 15 October 2020

Think of the children: Elites want to ban E2E encryption (yet again) - TechBeacon

Irresistible force meets immovable objec

Tuesday 13 October 2020

Xplora Watches for Kids: Chinese Spyware - Security Boulevard

Hey, Kids! What Time Is It?

Monday 12 October 2020

U.S. Cyber Command Says it Nuked Trickbot, but Microsoft and Chums Claim Credit - Security Boulevard

Friday 9 October 2020

Google Gives Cops Your Search Terms – Let the Frog-Boiling Commence - Security Boulevard

Thursday 8 October 2020

Chrome 86 is … HEY DevOps: Wake up and pay attention - TechBeacon

Tuesday 6 October 2020

MosaicRegressor: ‘Chinese’ UEFI Bootkit Snoops on North Korean Foes - Security Boulevard

Monday 5 October 2020

Troy Hunt Flags Up ‘Sensational’ Sextortion Bug in Grindr - Security Boulevard

Thursday 1 October 2020

Access control: Pandemic forces rethink of IT’s trust model - TechBeacon

Zero trustification

Tuesday 29 September 2020

Ransomware Cripples UHS Hospitals Across the Nation - Security Boulevard

Thursday 24 September 2020

TikTok kid schools IT about scam apps - TechBeacon

Tuesday 22 September 2020

Feds Yell PATCH NOW over Windows AD ‘Zerologon’ Vuln - Security Boulevard

Fix It or Can It

Friday 18 September 2020

DuckDuckGo: Crazy Name, Growing Crazy-Fast - Security Boulevard


Thursday 17 September 2020

Zerologon bug is a perfect 10. Patch now or crash hard - TechBeacon

The moral of the story? Run—do not walk—to your AD domain controllers (metaphorically speaking). And start planning for February’s second shoe droppage.

Tuesday 15 September 2020

BlindSide: Intel/AMD Speculation Bugs Under Microscope Again - Security Boulevard

Sky Falling—Film at 11

Friday 11 September 2020

Russia, China, Iran Meddle in 2020 Election (Unsurprisingly) - Security Boulevard

Fancy Bear and Chums Dance on Democracy’s Grave

Thursday 10 September 2020

Ransomware pandemic: This is getting ridiculous - TechBeacon

Schools and banks and healthcare—oh my

Tuesday 8 September 2020

China Trolls U.S. With ‘Fox in Henhouse’ Data Security Plan - Security Boulevard

Don’t Feed the CCP

Saturday 5 September 2020

Apple U-Turn: It Will ‘Delay’ Killing Facebook’s Business Model - Security Boulevard

Tim Blinks

Thursday 3 September 2020

Sendgrid blames lack of 2FA for mountains of spam - TechBeacon

Bloody Vikings.

Tuesday 1 September 2020

Apple’s Big Brother Attitude Fails to Keep Users Safe - Security Boulevard

Friday 28 August 2020

Kiwi Stock Exchange DDoSed Again and Again (and Again) - Security Boulevard

Aotearoa Attack

Thursday 27 August 2020

Preinstalled mobile malware steals money in emerging markets - TechBeacon

Supply chain attack blamed

Tuesday 25 August 2020

Bridgefy FAIL: Insecure for Use in Protests - Security Boulevard

Feds Scoff At Your BT Mesh

Friday 21 August 2020

Uber ex-CISO Charged ‘Obstruction and Misprision,’ say DoJ/FBI - Security Boulevard

Sullivan Charged—is Kalanick Next?

Thursday 20 August 2020

Secret Service dodges location-data warrants … there’s an app for that - TechBeacon

He’d let us in—knows where we’ve been

Wednesday 19 August 2020

Paper Ballots: More Secure Than E-voting or Blockchain - Security Boulevard

Vote Early, Vote Often

Friday 14 August 2020

Drovorub: Russia Pushing Invisible Malware, say NSA and FBI - Security Boulevard

Penguin vs. Bear

Thursday 13 August 2020

TikTok hands over data to police as Microsoft eyes buying the app - TechBeacon

Po-po shut us down

Monday 10 August 2020

Most Android Phones Can Be Pwned Just by Watching a Video - Security Boulevard

Slava FTW, but PR FAIL

Friday 7 August 2020

Intel Leak: 20GB of Secrets Just the Start, Says Perp - Security Boulevard

Swiss Cheese Security

Thursday 6 August 2020

Chrome Web Store FAIL: 300+ More Scam Browser Extensions - Security Boulevard

GOOG Asleep at the Switch

NSA warning on location tracking: ‘Stop using your phone’ - TechBeacon

Your tax dollars at work. But what can you learn from spies like thus?

Tuesday 4 August 2020

Garmin Pays Ransom to Evil Corp – Despite Russian Sanctions - Security Boulevard

Trust Mountain to Climb

Thursday 30 July 2020

‘Russians’ Hack News Websites, Sow Anti-NATO Sentiment - Security Boulevard

Negative, Ghostwriter—the CMS is Pwned

Twitter insiders are out of control, SecOps alumni allege - TechBeacon

Fix it, or bluebird gets it

Monday 27 July 2020

Hack of Payday Lender ‘Dave’: All 7.5M Users Breached - Security Boulevard

I’m Sorry, Dave

Friday 24 July 2020

Garmin Users Furious as Ransomware Freezes Firm - Security Boulevard

Where Was I?

Thursday 23 July 2020

BIMI email standard: Security fix or privacy fail? - TechBeacon

GOOG: benevolent cloud provider or evil marketer?

Tuesday 21 July 2020

CBP Scandal: Buying License Plate Scans - Security Boulevard

Big Brother Watching

Friday 17 July 2020

Twitter is Dead to Me – What Really Happened This Week - Security Boulevard

Avian Blu’

Thursday 16 July 2020

Clock ticks for TikTok: RNC and DNC nuke app, US mulls ban - TechBeacon

Stop the clock

Tuesday 14 July 2020

Microsoft Sued for LinkedIn Clipboard Snooping Scare - Security Boulevard

Sneaky Paste

Friday 10 July 2020

Police Buy Hacked Data, to Fish for Evidence—Is That Even Legal? - Security Boulevard

Quis Custodiet Ipsos Custodes?

Thursday 9 July 2020

Feds warn: MSPs being hacked—so stop your complacency - TechBeacon

Mismanaged SP?

Tuesday 7 July 2020

F5 BIG-IP Has Huge, Enormous, Bad, Scary Security Holes (Patch NOW) - Security Boulevard

Hair. On. Fire.

Friday 3 July 2020

1,000 False Wakewords: A Letter! Buy 200 Toilet Rolls - Security Boulevard

Election! Confirm Purchase.

Thursday 2 July 2020

Google, Apple, Mozilla enforce 1-year max certificate expiration - TechBeacon

Time’s up for lazy DevOps

Wednesday 1 July 2020

TikTok Banned: 59 Chinese Apps Blocked in India - Security Boulevard

Stop the Clock

Thursday 25 June 2020

Encryption: Politicians Try to Outlaw Math (Again) - Security Boulevard

Think of the Children!

Try harder: CSP won’t save you from Magecart-style attacks - TechBeacon

New trick in the wild

Tuesday 23 June 2020

BlueLeaks is Huge FAIL for Anonymous and DDoSecrets - Security Boulevard

BlueLeaks: Not Clever

Friday 19 June 2020

HUGE Google Chrome Spyware Ring: 111 Add-ons,15K Domains - Security Boulevard


Thursday 18 June 2020

Anonymous tweets ‘DDoS’; everyone freaks out - TechBeacon

T reconfig FAIL

Monday 15 June 2020

Twitter Nukes 32,000 More State Trolls, Mostly From China - Security Boulevard

五毛 FAIL; Hungry Тролли

Thursday 11 June 2020

Is Zoom the Next Huawei? ‘Puppet of Chinese,’ Say Critics - Security Boulevard

$ZM PR FAIL (yet again)

‘Dark Basin’: Prolific spear-phishers for hire - TechBeacon

Allegedly Sumit & Co.

Tuesday 9 June 2020

IBM Jumps on BLM Bus, Drops Failing Facial Biz - Security Boulevard

But Clearview AI Doesn’t

Monday 8 June 2020

Open Source Sucks, Says Ballsy Infosec Firm - Security Boulevard

Duck and Cover

Friday 5 June 2020

Who’s DDoSing Anti-Racism Groups? - Security Boulevard

The Ultimate Whataboutists

Thursday 4 June 2020

Your passwordless future: Make it sooner rather than later - TechBeacon

It’s a kind of magic

Monday 1 June 2020

Zoom’s New Model is Making Heads Hurt - Security Boulevard

E2EE for Reelz This Time

Friday 29 May 2020

NSA: Russia Hacking U.S. Firms, via Old Exim Flaw - Security Boulevard

GRU GTsST vs. the World

Thursday 28 May 2020

Remember this: Chrome’s security flaws put Rust in the hotseat - TechBeacon

Beware baby+bathwater bogosity

Tuesday 26 May 2020

Is eBay Port Scanning Your PC? (Probably) - Security Boulevard

L@@K fleaBay Trix

Friday 22 May 2020

Mom, You Can’t Post Pictures of My Child—Because GDPR - Security Boulevard


Thursday 21 May 2020

Whistleblower Says Apple Built Secret Dossier on You, via Siri - Security Boulevard

GDPR Toothless?

Mercedes software leaks via Git and Google dork - TechBeacon


Monday 18 May 2020

11-Plus Supercomputers Hacked With Cryptominers - Security Boulevard

Thursday 14 May 2020

Was This Huawei’s Failed Attempt at a Linux Backdoor? - Security Boulevard

‘Thunderspy’ enlightening—very, very frightening - TechBeacon

Monday 11 May 2020

DEF CON is Canceled. Wanna Buy a Bridge? - Security Bloulevard

Thursday 7 May 2020

Cracked Apple: iOS security researchers intimidated into silence - TechBeacon

Wednesday 6 May 2020

Xiaomi U-Turn: Admits Sending Private Data it Said it Didn’t - Security Boulevard

Tuesday 5 May 2020

Steal Data Through Sound, Sans Speaker? - Security Boulevard

Friday 1 May 2020

Quibi, JetBlue, Others Leaked Millions of Emails - Security Boulevard

Thursday 30 April 2020

8.6M PII leaked from UK city's CCTV DB; Neology denies responsibility - TechBeacon

Monday 27 April 2020

COVID-19 Contact Tracing Apps Fight Privacy Fears - Security Boulevard

Friday 24 April 2020

China Wants to Control All the Internet With 'New IP' Plan - Security Boulevard

Thursday 23 April 2020

Apple Scrambles to Patch Old iOS Mail Bugs - Security Boulevard

Over a quarter-billion Facebook profiles served (at 0.0002¢ each) - TechBeacon

Monday 20 April 2020

Thursday 16 April 2020

Monday 13 April 2020

Friday 10 April 2020

Thursday 9 April 2020

Tuesday 7 April 2020