To evoke support for growing things, not the 1990s vendor of web-pages-made-easy-ware LogoWatch Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix".... [...]

To evoke support for growing things, not the 1990s vendor of web-pages-made-easy-ware LogoWatch Newly combined security outfits McAfee Enterprise and FireEye have revealed a new name: "Trellix".... [...]

Firm that found the flaw also spotted ChaosDB and OMIGOD, confident this one’s been exploited Microsoft has revealed a vulnerability in its Azure App Service for Linux allowed the download of files that users almost certainly did not intend to be made public.... [...]

‘Chatter’ can be bugged thanks to kindergarten-grade security A Bluetooth phone designed to evoke the carefree days of early childhood has been found to instead threaten the very adult prospect of being surveilled in your home.... [...]

The Ellume COVID-19 Home Test was connected to the internet of woefully insecure things for a while Security vendor F-Secure has faked a COVID test result on a Bluetooth-equipped home COVID Test. Thankfully the vendor’s since fixed the device.... [...]

Shares them with Troy Hunt’s Have I Been Pwned after sweeping them up from ‘compromised cloud storage’ The United Kingdom’s National Crime Agency and National Cyber Crime Unit have uncovered a colossal trove of stolen passwords.... [...]

Third major fix in ten days is an infinite recursion flaw rated 7.5/10 The Apache Software Foundation (ASF) has revealed a third bug in its Log4 Java-based open-source logging library Log4j.... [...]

Workspace ONE Unified Endpoint Management can leak info via server-side request forgery VMware customers have probably had a busy week because more than 100 of the IT giant's products are impacted by the Log4j bug.... [...]

But still allows limited harvesting Meta has expanded its bug bounty program to include payouts for reports of scraping attacks on Facebook – but hold your applause.... [...]

Frontier Software admitted attack three weeks ago, said data was safe... now it's on the dark web Personal information describing names, addresses, bank account details, and taxation IDs of 38,000 Australian government employees has been leaked to the dark web after a ransomware attack.... [...]

Resellers were given exclusive territories to target, and offered tech support Australia's Federal Police force has revealed more about how it distributed a backdoored chat app to criminals.... [...]

Certifies hardware with malware-crimping spec, already common in PCs, for Azure Stack and Windows Server Microsoft has extended the Secured-core concept it applied to PCs in 2019 to servers, and to Windows Server and Azure Stack HCI.... [...]

'Nickel' back in trouble for trying to lift secrets, often by exploiting Microsoft snafus Microsoft has revealed its Digital Crimes Unit (DCU) won court approval to take control of websites a Chinese gang was using to attack targets across the world – often by exploiting vulnerabilities in Microsoft products.... [...]

Poised to reveal similar haul to 2020's €40M loss prevention total The European Cybercrime Centre has again acted against credit card fraud and is poised to reveal success on a similar scale to its 2020 campaign that prevented €40 million of losses.... [...]

Underground industry grows in complexity and sophistication, says Santander Group researcher October 18, 2021, was a tricky day for the ransomware industry. First, the gang that ran the REvil ransomware had its servers compromised, and then three individuals with key roles changed jobs.... [...]

China is on the march, Russia loves to destabilise, no intelligence agency can stop 'em without help The head of the UK's secretive Military Intelligence Section 6 agency – popularly known as MI6 – has delivered a rare speech in which he has warned that China, Iran, and Russia use information …

Spotted the crack after it ended – still not sure what was lost Japanese industrial giant Panasonic has admitted it's been popped, and badly.... [...]

At the same time, will overrule court decision that traditional publishers are liable for comments on social media Australia's government has announced it will compel social media companies to reveal the identities of users who post material considered defamatory.... [...]

Ad giant's first stab at providing the 'world's premier security advisory' starts with the obvious Google's Cybersecurity Action Team has released its first "threat horizon" report on the scary things it's found on the internet.... [...]

Other additions to Entity List are accused of helping Pakistan, North Korea make nukes, missiles The US Dept of Commerce's Bureau of Industry and Security has added 27 companies to its list of entities prohibited from doing business with the USA on grounds they threaten national security – and one …

Beware of Communists bearing internet governance proposals, says Australian Strategic Policy Institute China is actively trying to export its internal internet governance model, according to a paper from the International Cyber Policy Centre at the Australian Strategic Policy Institute.... [...]

Infosec firm says it found unpatched software, Bank admits Exchange may not have been in the best shape India's Punjab National Bank has smacked down a security firm's allegation that it exposed personal and financial data of its 180 million customers – but appears to have admitted its Exchange Server …

Video app promises not to let naughty content cross the border, and to ban those who try Pakistan has allowed TikTok to resume operations on its soil.... [...]

Middle Kingdom floats fresh data security rules, too, with eight-hour privacy breach notification requirement China’s Central Commission for Discipline Inspection has expelled a communist party member for allowing cryptocurrency mining to happen, corruption, and other infractions.... [...]

Looks like feuding hackers wanted to expose Feds' failings as a public service. We want to believe The United States Federal Bureau of Investigation has admitted that a software misconfiguration let parties unknown send email from its servers.... [...]