Security
Microsoft offers $20,000 bug bounties for Xbox security flaws
Microsoft extends bug bounty offerings to Xbox games console vulnerabilities
Government Huawei ruling will cost £500m over five years, claims BT
BT claims that it will need to remove Huawei equipment from the EE mobile network to comply with the government's ruling
Avast to close Jumpshot data-analytics firm following claims it sold anti-virus users' web-browsing data
Avast CEO Ondrej Vlcek claims he made the decision following a review instigated after he joined seven months ago
US urges UK to reconsider Huawei 5G decision
Mike Pompeo describes Huawei as a 'real risk' to security and tells foreign secretary Dominic Raab to reconsider its role in the UK's 5G and fibre networks
Maze ransomware group threatens to post data from victims who refuse to pay-up
Twenty-five alleged victims - many of them previously unknown - listed on Maze's website
Three United Nations offices hacked
Three UN agencies pwned, 22 administrative-level accounts compromised and malware implanted on 40 servers
Ring App packed with third-party trackers and data shared with analytics firms
Privacy group accuses Amazon's Ring security doorbell app of sharing data with analytics firms, including Facebook
UK decision on Huawei's participation in 5G networks due today
Prime Minister Boris Johnson under pressure from both sides over inclusion of Huawei in the UK's 5G networks
Indonesian police arrest three hackers suspected of launching Magecart attacks on ecommerce sites
Indonesian anti-skimming operation was carried out in coordination with Interpol
Government plans new laws to mandate minimum security standards for consumer IoT devices
Government expected to push for legal recognition of emerging TS 103 645 global IoT security standard
Citrix releases final patches for critical CVE-2019-19781 security flaw
Patch ASAP, urges Citrix - then scan your network for any indicator of compromise
UN experts demand detailed investigation into alleged Saudi involvement in Jeff Bezos' phone hacking
UN report based on technical probe by specialists at FTI Consulting
UK to grant Huawei limited role in UK 5G roll out
Government sources indicate that Huawei's role in the UK's 5G networks will be limited to the periphery
Insurer Coalition buys BinaryEdge security search engine to scan policyholders
BinaryEdge acquisition comes as insurers start hiking rates in response to spike in ransomware attacks
Jeff Bezos' phone reportedly hacked via malicious WhatsApp message from Saudi prince
Bezos had shared his number with Crown Prince Mohammed bin Salman at a dinner in Los Angeles
Proof of concept versus production deployments: The case for an enterprise IoT model
Connecting production IoT devices to a public network might be tempting, but a private IoT network will be more secure and reliable, argues Comms365's Nick Sacke
Apple U-turned on iCloud end-to-end encryption plan following FBI complaints
Apple backed down to avoid further disputes with law enforcement and over fears customers could be completely locked out of accounts, say sources
Emotet malware operators now using new spam template to demand $50 extortion from potential targets
Phishing emails falsely tell recipients their machines have been hacked, telling them to open an attached document if they want to rescue their data...
Telnet credentials for half-a-million IoT devices and routers released online
Telnet belongs in a museum, warn security specialists, but is still rolled into modern internet-connected devices
No fix until February for Internet Explorer zero-day being actively exploited in targeted attacks
Internet Explorer vulnerability found in the scripting engine that handles objects in memory
Citrix releases permanent fixes for CVE-2019-19781 security flaw in Citrix ADC 11.1 and 12
Patches for other versions expected to be released on 24th January
BT and Vodafone to lobby government over Huawei ban
Network operators fear higher costs if Huawei is barred from providing 5G and other network hardware in the UK
WeLeakInfo website trading in 12 billion compromised credentials taken down and two men arrested
Arrests in the Netherlands and Northern Ireland accompany cross-border operation against hacker website trading in compromised credentials
Dutch NCSC: Turn off Citrix ADC and Gateway servers NOW as mitigation measures are not effective
Citrix expects to release permanent patches for the critical security flaw by the end of January - despite being informed of it more than three months ago
