Developers working on open-source ad-blocker uBlock Origin have uncovered a mechanism for tracking web browsers around the internet that defies today's blocking techniques. A method to block this so-called unblockable tracker has been developed by the team, though it only works in Firefox, leaving Chrome and possibly other …

The UK’s tax authorities have issued an official warning to contractors to watch out for self-assessment scams - and they don’t mean IR35 for a change. According to Her Majesty’s Revenue and Customs (HMRC), fraudsters see self-employed individuals as a good target and are pulling off a wide variety of cons around purported tax …

Amnesty International says the "pervasive surveillance" practiced by Facebook and Google represents a threat to human rights, a claim the two companies dispute. On Thursday in the UK, the advocacy group, known for documenting torture and ethnic cleansing, published a report taking the two ad giants to task for business models …

Amazon's camera-infused doorbell biz Ring offers virtually nothing in the way of privacy or civil-rights protection for the surveillance video it collects and shares with police – according to US Senator Edward Markey (D-MA). On Tuesday, Markey said an inquiry he'd launched in September to assess Ring's corporate privacy …

Microsoft has put its weight behind the DNS-over-HTTPS (DoH) security protocol, greatly increasing the likelihood of it becoming a default internet standard. In a post published Sunday on its networking blog, Microsoft engineers confirmed plans to adopt DoH as a default, explaining that it would “close one of the last …

GitHub, Microsoft's cloud version control service and gripe forum, has joined with a handful of like-minded partners to form GitHub Security Lab (GSL) to better find bugs in open source software. Consisting of GitHub security researchers, third-party code maintainers and interested parties from partner companies, GSL aspires …

Reports that the Home Office's Brexit app contains "serious vulnerabilities" that could expose the phone numbers, addresses and passport details of EU citizens are overblown, say security experts. To date, one million EU nationals have downloaded the Android settled status app, which asks users to take a selfie and scans the …

On Tuesday Fastly, Intel, Mozilla, and Red Hat teamed up to form the Bytecode Alliance, an industry group intent on making WebAssembly work more consistently and securely outside of web browsers. WebAssembly is a form of low-level bytecode that can be created by passing code in higher-level languages, like C/C++ and Rust, …

Facebook’s iPhone app has a new feature – and one that netizens aren't too happy about: it opens the phone’s camera app in the background without your knowledge. A number of users have noticed the unusual behavior and posted videos demonstrating it. In each, the rear camera is clearly turned on and can be seen behind the main …

Trusted Platform Modules, specialized processors or firmware that protect the cryptographic keys used to secure operating systems, are not entirely trustworthy. Boffins from the Worcester Polytechnic Institute and University of California, San Diego, in the US, and the University of Lübeck in Germany, have found that TPMs …

Huawei, America's favourite bogeyman, is to dish out ¥2bn (£219m) as a reward to employees working their arses off on contingency plans to mitigate the anti-China rhetoric coming from the US government. In May the US barred Huawei from buying American components and software without a special licence, though certain suppliers …

GitLab's director of global risk and compliance, Candice Ciresi, has resigned from the company, accusing the code hosting biz of engaging in discriminatory and retaliatory behavior. Ciresi declined to discuss the matter with The Register, but the cause of her departure appears to be a company plan to refuse to hire engineers …

It has been revealed that Adobe's Experience Platform mobile SDKs, used to create apps that interact with the company's cloud services, until recently contained sample configuration files that created insecure default settings. Developers creating apps that utilize those files as templates or examples could find that their …

Google, after more than a decade of dealing with Android malware, has formed an alliance with three security companies to help it defend its mobile platform. The Chocolate Factory on Wednesday announced the App Defense Alliance, by which partners ESET, Lookout, and Zimperium will be able to scan Android apps submitted to …

The month after Rudy Giuliani was named the US president’s cybersecurity adviser, the former mayor of New York queued up outside an Apple Store in San Francisco to get staff to reset his iPhone because he couldn’t remember the passcode. Giuliani had typed into the wrong code more than 10 times, seizing up the phone and an …

On Tuesday, Don HO, the developer of Notepad++, a free GPL source code editor and notepad application for Microsoft Windows, released version 7.8.1, prompting a social media firestorm and a distributed denial of service attack. Notepad++ v7.8.1 was designated "the Free Uyghur edition," in reference to the predominantly Muslim …

UpdatedFacebook and its WhatsApp subsidiary on Tuesday sued NSO Group alleging the Israel-based spyware maker unlawfully hacked smartphones using a vulnerability in the popular chat app. The complaint [PDF], filed in a US district court in San Francisco, blames NSO for a cyberattack on WhatsApp users that was publicly disclosed in …

AnalysisA key internet infrastructure organization is undercutting efforts to make the internet more secure by insisting ISPs accept a legal agreement before using a security framework, critics charge. The org in question – US-based regional internet registry ARIN – argues that under American law, it has to have people consciously …