The Register

Syndicate content
Biting the hand that feeds IT — sci/tech news and views for the world
Updated: 1 hour 28 min ago

Snowden-inspired crypto-email service Lavaboom launches

1 hour 44 min ago
German service pays tribute to Lavabit

Lavaboom, a new German-based and supposeldyNSA-proof email service, will go into private beta this week with a mission spread the gospel according to Edward Snowden by making encrypted email accessible to all.…

FOUR DAYS: that's how long it took to crack Galaxy S5 biometrics

3 hours 30 min ago
Sammy's newbie cooked slower than iPhone, also costs more to build

The much-hyped fingerprint scanner on Samsung’s latest flagship handset the Galaxy S5 has already been hacked just days after the device was launched, although a teardown reveals a bill of materials in excess of $250 (£150) – higher than the iPhone 5S.…

Eugene Kaspersky: Ukraine conflict hurts enterprise security

6 hours 1 min ago
With governments occupied, criminals could capitalize

As governments around the world continue to wrangle for a peaceful solution to the political tensions in the Ukraine, cybercriminals could catch governments off guard with online attacks, warns Kaspersky Lab CEO Eugene Kaspersky.…

Oracle working on at least 13 Heartbleed fixes

6 hours 11 min ago
Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues

Oracle has emitted its formal advice about Heartbleed, revealing it has 13 products that need a patch and 14 more “which may be vulnerable”.…

Kaspersky's Security for Virtualization pushed to XenServer and HyperV

7 hours 20 min ago
Platform looks to slim down security protections in virtual instances

Kaspersky is extending its Security for Virtualuzation Light Agent security tool to the Citrix XenServer and Microsoft HyperV platforms.…

Tom Ridge: Private sector lagging in cybersecurity

Tue, 04/15/2014 - 21:05
Former US Homeland Security boss scorns enterprise security efforts

Poor communications, weak management and a lack of communications with government agencies is leaving many large enterprises vulnerable to targeted cyberattacks, according to former US Homeland Security boss Tom Ridge.…

Akamai scoffs humble pie: Heartbleed defence crumbles, new SSL keys for customers

Tue, 04/15/2014 - 17:54
We got this covered ... er, maybe not

Akamai has issued new SSL certificates to some of its customers after realising its customized OpenSSL was not immune to the Heartbleed bug as first thought.…

Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker

Tue, 04/15/2014 - 11:43
Natter-board tells middle-class Britain to purée its passwords

Twee UK parenting website Mumsnet is the second high-profile organisation to claim it has fallen victim to the infamous Heartbleed OpenSSL vulnerability.…

TrueCrypt audit: Probe's nearly all the way in ... no backdoor hit yet

Tue, 04/15/2014 - 10:34
Crypto tool clears code review hurdle

The first phase of crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor.…

German space centre endures cyber attack

Tue, 04/15/2014 - 07:30
Chinese code retrieved but NSA hack not ruled out

Germany’s space research centre in Cologne has been the victim of a co-ordinated and covert targeted attack carried out by state-sponsored hackers, according to a Der Spiegel report.…

Pakistan mulls cyber security bill to keep NSA at bay

Tue, 04/15/2014 - 05:31
Calls for founding of National Cyber Security Council

Pakistan’s Upper House this week began debating a new bill seeking to establish a National Cyber Security Council, an agency the nation feels is needed in the wake of Edward Snowden's myriad revelations about NSA surveillance.…

VMware reveals 27-patch Heartbleed fix plan

Tue, 04/15/2014 - 05:01
Go buy your vSysadmins a big choccy egg: their Easter is in peril

VMware has confirmed that 27 of its products need patches for the Heartbleed bug.…

Feds indict nine for making millions from Zeus malware

Mon, 04/14/2014 - 19:58
But cops only have two of them in custody

The FBI and the US Department of Justice have unsealed charges against nine people accused of racketeering, computer fraud, aggravated identity theft, and multiple counts of bank fraud related to their use of the Zeus malware against victims in the state of Nebraska.…

Canadian taxman says hundreds pierced by Heartbleed SSL skewer

Mon, 04/14/2014 - 16:37
900 social insurance numbers nicked, says revenue watchman

The Canadian Revenue Agency has blamed the theft of 900 social insurance numbers on the infamous Heartbleed vulnerability.…

Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn

Mon, 04/14/2014 - 12:38
Installing random interwebs shiz will bork your zombie box

Cybercriminals have already seized upon the end of support for Windows XP as a theme for numerous scams and fake software updates.…

Oz bank in comedy Heartbleed blog FAIL

Mon, 04/14/2014 - 11:33
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'

An attempt by Australia's Commonwealth Bank to reassure customers that they would not be harmed by the Heartbleed vulnerability has backfired spectacularly after tech-savvy customers made mincemeat out of a badly worded blog post.…

Obama allows NSA to exploit 0-days: report

Mon, 04/14/2014 - 03:53
If the spooks say they need it, they get it

The NSA's denial it knew about or exploited the Heartbleed bug raises an obvious question: does it exploit similar flaws?…

Heartbleed exploit, inoculation, both released

Mon, 04/14/2014 - 02:51
File under 'this is going to hurt you more than it hurts me'

As the Heartbleed fallout continues, the good news is that code to protect against similar such attacks has been released. The bad news is that exploit code is also available.…

VMware patches man-in-the-middle vSphere vuln

Sat, 04/12/2014 - 02:09
Still no fix for Heartbleed, though experts say attacks improbable

VMware has released an update to its vSphere Client which addresses a potential – but hard to target – man-in-the-middle vulnerability for the virtualization tool.…

FTC gets judicial thumbs-up to SUE firms over data breaches

Sat, 04/12/2014 - 01:23
If you don't take 'reasonable and appropriate' measures, get ready for court

In a ruling this week, a US federal judge affirmed the Federal Trade Commission's authority to file lawsuits against companies for failing to take "reasonable and appropriate" data security measures, rejecting a claim that the agency lacks that power.…