Articles about security

Google Cloud sign on HQ

Google Cloud Platform reins in its trigger-happy account-axing AI cops

With no mention of Tuesday's Cloud Platform service troubles, Google on Wednesday heralded the arrival of click-to-deploy Kubernetes apps in the Google Cloud Platform Marketplace. "With GCP Marketplace, you can now easily find prepackaged apps and deploy them onto the cluster of your choice," said Anil Dhawan, product manager …
Thomas Claburn, 18 Jul 2018
Hacker

Blood test biz LabCorp pulls plug on systems over hacker fears

Medical biz LabCorp shut down some of its systems last week after it detected "suspicious activity" on its network. A company spokesperson told The Register that, contrary to early claims the "entire network" was shut down and "millions" of records swiped, only its Diagnostics service was affected – the Covance pharmaceutical …
Shaun Nichols, 17 Jul 2018
People wearing biohazard suits after nuclear explosion

Crooks swipe plutonium, cesium from US govt nuke wranglers' car. And yes, it's still missing

Analysis While staying at a Marriott hotel in San Antonio, Texas, US government staffers left nuclear material, recovered from a non-profit research lab, in a rented SUV overnight. The following morning, these individuals – described as "security experts" at the US Department of Energy’s Idaho National Laboratory – found their Ford …
Thomas Claburn, 16 Jul 2018
FBI agent on a phone

Apple emits iPhone cop-block update – plus iOS, macOS, Safari patches

Apple has released the latest version of its mobile operating system complete with its Fed-blocking option. The iOS 11.4.1 upgrade is small by Apple standards – coming in at around 200MB – but it represents a big headache for the FBI and other organizations that want to gain access to someone else's phone because it kills off …
Drowning in a smartphone

Snooping passwords from literally hot keys, China's AK-47 laser, malware, and more

Roundup The week surrounding America's "Huzzah, we kicked out the Brits, and will now spell color any way we like" Day, on July 4, is traditionally one of the slowest periods in the annual business tech news cycle. IT security, on the other hand, never rests. We've covered Google cracking down on non-HTTPS sites, Fortnite cheats …
Iain Thomson, 7 Jul 2018
Google's new Endpoint Verification Chrome extension

Google releases lite PC-snooper, 'cos full mobile management is hard

Google’s released a Chrome extension that lets admins snoop on the state of PCs accessing its cloudy productivity and infrastructure products. The “Endpoint Verification” extension works on Chrome OS, MacOS or Windows devices. The latter two platforms need a “native helper” too. Once installed, the software lets admins create …
Brave Browser with Tor

Brave Brave browser's hamburger menu serves Tor onion routing

Brave Software has updated its web browser so that its private mode actually supports privacy, or nearly – a few lingering technical issues still need to get ironed out. The outfit's latest desktop release, Brave 0.23, integrates Tor, the free open-source software that aims to help netizens evade online surveillance, in its …
Thomas Claburn, 29 Jun 2018
"Bad dog": Owner wags finger at naughty bulldog

That'll learn ya! Data watchdog spanks two Brit phone botherers

Two nuisance callers were today named and shamed – only one was fined – by the UK's data watchdog for illegal marketing activities. Our Vault Ltd in Chorley, Lancashire, was hit with a £70,000 penalty by the Information Commissioner's Office (ICO) for making more than 55,000 unsolicited calls to householders that had …
Paul Kunert, 28 Jun 2018
Window Snyder

Intel finds a cure for its software security pain: Window Snyder

Intel has recruited noted computer security exec Window Snyder into its ranks to help improve its fortunes in the cybersecurity space. Chipzilla said effective July 9, Snyder, formerly the chief security officer at Fastly, will be its new software chief security officer and vice president and general manager of the Intel …
Shaun Nichols, 25 Jun 2018
Statue of Achilles dying

Painful truth: DNS, CDNs and CAs are Achilles' Heel for top websites

Internet infrastructure may be fairly resilient thanks to its distributed nature, but the web we've built on top of it appears to be rather fragile. In a paper distributed last week through the ArXiv preprint server, researchers for Carnegie Mellon University find that third-party services such as domain name service (DNS) …
Thomas Claburn, 25 Jun 2018
Boot crushes duckling - pic Shutterstock

Smyte users not smitten with Twitter: APIs killed minutes after biz gobble

Updated Twitter, known for its rather rocky relationship with developers, cemented its reputation for missteps on Thursday – by announcing the acquisition of content cleansing and security biz Smyte and almost immediately disconnecting the firm's existing customers. The deal, for an undisclosed sum, will allow Twitter to apply Smyte's …
Thomas Claburn, 22 Jun 2018
Lock on a board. Photo by shutterstock

Did you have locking down AI and blockchain as possible Intel SGX uses? If so, congrats...

Israel Cyber Week At the Cyber Week security conference in Israel on Tuesday, chip giant Intel plans to discuss how it is addressing threats to the overexposed tech celebrities known as AI and blockchain. Spoiler: its strategy involves enticing other companies to implement Intel Software Guard Extensions (SGX). In remarks provided in advance …
Thomas Claburn, 20 Jun 2018

How to stealthily poison neural network chips in the supply chain

Computer boffins have devised a potential hardware-based Trojan attack on neural network models that could be used to alter system output without detection. Adversarial attacks on neural networks and related deep learning systems have received considerable attention in recent years due to the growing use of AI-oriented systems …
Thomas Claburn, 19 Jun 2018
Thumbs up for Spectre-Meltdown protection

Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix

A group of computer science researchers has proposed a way to overcome the security risk posed by speculative execution, the data processing technique behind the Spectre and Meltdown vulnerabilities. In a paper distributed this week through the ArXiv preprint server, "SafeSpec: Banishing the Spectre of a Meltdown with Leakage- …
Thomas Claburn, 16 Jun 2018
tapplock

Unbreakable smart lock devastated to discover screwdrivers exist

Video It's never easy to crack into a market with an innovative new product but makers of the "world's first smart fingerprint padlock" have made one critical error: they forgot about the existence of screwdrivers. Tapplock raised $320,000 in 2016 for their product that would allow you to use just your finger to open the " …
Kieren McCarthy, 15 Jun 2018
Docker CEO Steve Singh

Docker Hub security dissed, dodgy container image data damned

At DockerCon in San Francisco on Wednesday, CEO Steve Singh highlighted security as one of Docker's core principles. Only a day earlier, Germany-based security software development shop Kromtech suggested security wasn't a priority for the code containerizer. Over the past twelve months, Kromtech explained in a blog post, …
Thomas Claburn, 14 Jun 2018
Windows Security

Microsoft reveals which Windows bugs it might decide not to fix

Microsoft’s published a draft “Security Servicing Commitments for Windows” in which it explains the bugs it will and won’t fix. The document (PDF) was revealed on June 12th and is intended for security researchers, to offer “better clarity around the security features, boundaries and mitigations which exist in Windows and the …
Simon Sharwood, 13 Jun 2018
Arcady http://www.shutterstock.com/gallery-450076p1.html

Google plots death of inline installation for Chrome extensions

Google on Tuesday said it plans to discontinue inline installation of Chrome browser extensions, by which code on third-party websites can trigger the installation of extensions from the Chrome Web Store. The decision, which will be implemented in stages, follows a series of complaints in recent years about malicious …
Thomas Claburn, 12 Jun 2018

Create a news alert about security, or find more stories about security.

Biting the hand that feeds IT © 1998–2018