Forum owners and users beware! The website of popular forum software maker vBulletin has been breached. Following claims, nay, boasts, of an attack on Sunday evening, the software developer moved quickly to negate the effects of the hack by releasing a series of security patches on Monday, saying: A security issue has been reported to...

Information about the data breach at UK telecom group TalkTalk has continued to drip out since the company announced a “cyberattack” on its website (on 22 October 2015). Yet, with every new piece of the puzzle, we seem to get no closer to the truth about what exactly happened, who was responsible, and what TalkTalk is doing to fix this...

Thanks to new and upcoming mobile apps, members of the public who feel they’ve been unfairly stopped or even harassed by the police won’t have to rely solely on police records or recordings to make their case. Instead, the apps enable you to monitor how stop and search is conducted, either of yourself or someone else, and helps...

The cameras of more than 100 automated license plate readers have been streaming live on the web, “often with totally open Web pages accessible by anyone with a browser,” the Electronic Frontier Foundation (EFF) said in a new report released last week. The EFF says it learned about the lack of security around these cameras...

This week, the White House unveiled a new strategy for modernizing the US government’s cybersecurity, and there’s a lot of work to be done. Last year, a US Senate report found the government’s cybersecurity to be shockingly bad; even computer systems at the US Department of Homeland Security, an agency with significant cybersecurity responsibilities, were found to have...

A controversial hacking company recently ran a competition offering $3m for up to three click-to-own exploits against Apple’s iOS. The exploits would be sold on to “eligible customers” only. The competition is now closed, but one exploit apparently met the grade and will earn $1,000,000. We investigate: what “click-to-own” means, why exploits of this sort...

An extremely serious vulnerability lay undiscovered at the heart of much of The Cloud for seven years. The vulnerability (CVE-2015-7835), which affects the Xen hypervisor software used by Cloud hosting companies like Amazon Web Services, is so serious that it was widely patched under embargo before being disclosed on 29 October 2015. It was discovered by 栾尚聪 (好风) of Alibaba and affects Xen software from...

Anyone who is concerned about their privacy, or the potential impact of government surveillance on their lives, will be pleased to learn that The Onion Router (TOR) Project has released a new, easy-to-use, beta version of its Tor Messenger client. Based on Instantbird, a cross-platform instant messenger tool developed by the Mozilla community, it has been...

UK police are after cyber snooping powers equivalent to what, in an analog world, would be knowing what magazines you read but not which articles or page numbers. The Investigatory Power Bill, a draft of which had been due to be published this week, is being viewed by many as the latest twist on the...

A few readers have contacted us to say that they got going OK with the latest #sophospuzzle… …but then they got stuck and didn’t really know how to continue. We gave a number of hints via the #sophospuzzle hashtag on Twitter, which helped a few of you over the line. But Twitter isn’t really the...