Organisations

(get it in RSS or Atom)

"Row hammering" - how to exploit a computer by overworking its memory

By overcooking your computer's memory, you may be able cause data corruption. But can you turn that into a deliberate security exploit?

Google's Project Zero researchers say, "Yes!"

Update Tuesday wrap-up, March 2015 - FREAK fixed fast, and lots more from Microsoft

patch-tuesday-denim-250

Adobe published no bulletins for March 2015, so this one is all about Microsoft...

Android Lollipop 5.1 brings promised anti-theft "kill switch"

Android kill switch

Android Lollipop 5.1 is out for some Nexus phones, and it comes with an anti-theft kill switch. Now you can use Android Device Protection to freeze your phone if it’s lost or stolen.

Apple fixes FREAK in iOS, OS X and Apple TV - and numerous other holes besides

Apple's latest security fixes are out.

The FREAK bug is now fixed, but so are numerous other holes worth patching in their own right.

Monday review - the hot 25 stories of the week

Monday review

Catch up with the hot stories of the past week...

...and why not try out our weekly podcast and watch our 60-second video while you're about it?

But surely "export grade" means HIGHER quality? 60 Sec Security [VIDEO]

\

The latest episode of our weekly security news video...

...all in just 60 seconds, as usual.

Adobe launches bountyless bug hunt program on HackerOne

Adobe launches bountyless bug hunt program

Forget cash, Adobe is offering reputational points instead with its new bug bounty program.

Gazon - the Android virus that SMSes everyone

The Android SMS virus "Gazon" sends itself to everyone in your contact list - including your friends, your mum...

...and your customers.

Not a good look.

Google quietly drops promised encryption by default for Android Lollipop

Google quietly drops promised encryption by default for Android Lollipop

Google has confirmed reports: that sweet encryption-by-default it promised for Android Lollipop left a sour taste when it came to device performance.

Google performs U-turn on Blogger smut rule

Google performs U-turn on Blogger smut rule

Google has changed its mind over a new policy on sexually explicit content on its Blogger platform and will target commercial porn instead.

Craig Brittain asks Google to remove links relating to his revenge porn antics

Craig Brittain asks Google to remove links relating to his revenge-porn antics

The guy who ignored women's pleas to take down nude images from his IsAnybodyDown site wants to have his own photos and information expunged from Google.

Google turns Pwnium into an all-year, unlimited-rewards bug-hunting contest

Bug. Image courtesy of Shutterstock.

Google's new thinking around bug hunting: get it to us ASAP, from wherever you are.

Google bans sexually explicit content on Blogger

Nude ban. Image courtesy of Shutterstock.

Unless the content has "public benefit," it will be bumped out of public view as of 23 March (if it's already been published) and banned outright after that date.

YouTube to launch ad free subscription and a kid safe app

YouTube to launch ad-free subscription and a kid-safe app

YouTube's stripping comments from its upcoming Kids app and adverts from its upcoming paid subscription model.

Apple Watch wobbles? Advanced health tracking features dropped for launch

apple-watch-health-250

The rumor mill is shifting into high gear ahead of the expected April 2015 launch of the Apple Watch, and leaked details imply some setbacks - according to recent reports, Apple has dropped groundbreaking health-tracking features.

Forget Google Glass, here's Sony's (not quite as catchy)‏ SmartEyeglass

Those aren't augmented reality spectacles.

THESE are augmented reality spectacles!

But what about the privacy and security side?

RBS and NatWest banks to use Apple's Touch ID fingerprint system for mobile login

Touch ID. Image courtesy of Shutterstock.

The Royal Bank of Scotland and NatWest have launched a new mobile banking service that allows Apple customers to authenticate via Apple's Touch ID.

Windows 10 will work with FIDO specs for password-free access, says Microsoft

Windows 10 logo

Microsoft has announced that its forthcoming revamp of Windows will be compliant with FIDO's current specifications for advanced authentication. Or has it?

SSCC 186 - Just how firm is your firmware? [PODCAST]

chet-chat-logo-featured-250

Here's the latest episode of our weekly security podcast - from firmware and Firefox to Project Zero and Lightning conductors.

Chet and Duck are in fine fettle as usual...enjoy!

Lizard Squad returns, claims attack on Xbox Live and Daybreak Games

Lizard. Image courtesy of Shutterstock.

Hacking group Lizard Squad has returned, apparently disrupting Microsoft's Xbox Live service and Daybreak Games with DDoS attacks.