A man from the US state of Georgia who pleaded guilty in March to breaking into the Apple iCloud accounts of sports and entertainment figures was sentenced on Thursday to three years and one month in federal prison – and ordered to pay almost $700,000 in restitution. Kwamaine Jerell Ford was indicted in April, 2018, at the age …

Two driverless vehicle trials were temporarily halted this week after self-driving mini-buses encountered obstacles – or think they did – resulting in minor injuries to a rider and a pedestrian. To play devil's advocate for a second, are these accidents a sign that machine-learning software is still unprepared for motoring in …

Excluding Huawei from the UK's 5G network infrastructure would harm resilience and "lower security standards", the Intelligence and Security Committee (ISC) warned today. It also called for Britain's next prime minister, which most think will be uncombable hair syndrome sufferer Boris Johnson, to help make a decision on the …

Microsoft has demonstrated its ElectionGuard electronic vote system at the Aspen Security Forum under way in Colorado and warned that nearly 10,000 of its customers have been targeted by nation-state attacks. ElectionGuard aims to enable end-to-end verification of voting. Voters receive a tracking code and can check via a web …

A former Microsoft software engineer was arrested on Tuesday and charged with mail fraud for allegedly attempting to steal $10m in digital currency from his former employer, US prosecutors said today. Volodymyr Kvashuk, 25, a citizen of Ukraine residing in Renton, Washington, initially worked for Microsoft as a contractor and …

Lenovo is emitting an emergency firmware patch for Iomega NAS devices after the network-attached storage boxes were discovered inadvertently offering millions of files to the internet via an insecure software interface. Infosec outfits Vertical Structure, based in the Northern Ireland, and WhiteHat Security, headquartered in …

Another JavaScript package in the npm registry - the installer for PureScript - has been tampered with, leading project maintainers to revise their software to purge the malicious code. After a week of reports of unexpected behavior, software developer and PureScript contributor Harry Garrood on Friday published his account of …

Two US lawmakers are pushing a bipartisan bill that would force the Department of Homeland Security (DHS) to alert the public of hacking attempts on election computer systems. House reps Mike Waltz (R-FL) and Stephanie Murphy (D-FL) agreed to reach across the aisle to sponsor HR 3259, the Achieving Lasting Electoral Reforms on …

Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort. In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, …

Mozilla on Tuesday added digital certificates belonging to security biz DarkMatter and its subsidiaries to Firefox's OneCRL blocklist, based on concerns that the UAE-based company will misuse its power as a certificate authority (CA) to intercept online communications. In a post to Mozilla's security policy forum, Wayne Thayer …

A former IT administrator has been sentenced to more than two years in prison for accessing his employer's computers without authorization and deleting company files. The US Attorney's Office for the Central District of California today said Nikishna Polequaptewa, 37, of Avondale, Arizona, has been sentenced to 27 months in …

Microsoft's latest official Windows 10 update, OS Build 18362.207, from June 27, 2019, can potentially break your VPN. But it probably won't because it's an edge case that can be expected to affect very few people. We saw some signal flares raising the alarm and, upon looking into the issue, it's clear there's less than meets …

Mozilla says it is baffled by the UK Internet Services Providers’ Association's decision to nominate the browser maker as the internet's 2019 villain of the year. The UK ISPA earlier this week proposed Mozilla, self-styled defender of internet freedom, as a black hat for its "proposed approach to introduce DNS-over-HTTPS in …

A software developer employed by two different IT subcontractors participating in separate National Security Agency (NSA) contracts has pleaded guilty to submitting false claims about the number of hours he worked, according to the US Department of Justice. Kyle Duran Smego, a 40-year-old software engineer residing in Raleigh …

UpdatedYouTube – under fire since inception for building a business on other people's copyrighted content and in recent years for its vacillating policies on irredeemable material – recently decided it no longer wants to host instructional hacking videos. The written policy first appears in the Internet Wayback Machine's archive of …

Smart home company Zipato hardcoded the same private SSH key into every one of its hubs, leaving its system open to hacking, researchers revealed this week. The eggheads at security shop Black Marble demonstrated in a blog post how that flaw, combined with two related vulnerabilities, allows them to access the hub and devices …

Superhuman, an email startup betting people who deal with a lot of messages will pay $30 a month for a more organized inbox, has come under fire for not providing privacy by default. "Superhuman is a surveillance tool that intentionally violates privacy by notifying senders every time their emails have been viewed by …

In yet another example of absent security controls, troves of police body camera footage were left open to the world for anyone to siphon off, according to an infosec biz. Jasun Tate, CEO of Black Alchemy Solutions Group, told The Register on Monday he and his team had identified about a terabyte of officer body cam videos, …