FTC alleges deception in “unbiased” review site’s ratings and rankings

Top picks, star ratings, in-depth reviews. Many consumers don’t buy anything without consulting third-party review sites or checking out the opinions of other customers. But how often are those ratings the product of buying and selling between the “independent” site and companies willing to pay for better play? And are those reviews really from satisfied…

Serious Security – How ‘special case’ code blew a hole in OpenSMTPD

by Paul Ducklin If there’s one open source project with an unashamedly clear focus on security, it’s the OpenBSD operating system. In its own words, its efforts “emphasize portability, standardization, correctness, proactive security and integrated cryptography.” Indeed, numerous sub-projects under the OpenBSD umbrella have become well-known cybersecurity names in their own right, notably OpenSSH –…

Financial tech firms disagree on ban of customer data screen-scraping

by Lisa Vaas For years, financial technology (fintech) companies have used screen-scraping to retrieve customers’ financial data with their consent. Think lenders, financial management apps, personal finance dashboards, and accounting products doing useful things: like, say, your budgeting app will use screen-scraping to get at the incoming and outgoing transactions in your bank account, using…

Intel promises fix after researchers reveal ‘CacheOut’ CPU flaws

by John E Dunn Forget the infamous Meltdown and Spectre chip flaws from 2018, the problem that’s tying down Intel’s patching team these days is a more recent class of side channel vulnerabilities known collectively as ZombieLoad. These relate to a data leakage problem called Microarchitectural Data Sampling (MDS) affecting Intel’s speculative execution technology introduced…

Cisco patches bugs in security admin center and Webex

by Danny Bradbury Cisco has patched a critical bug that could give attackers unauthorised access to Firepower Management Centre (FMC), the device that controls all of its security products. Cisco’s FMC is an administrative controller for the company’s network security products, giving administrators access to firewalls, application controllers, intrusion prevention, URL filtering, and malware protection…

Dark Web

Overview You may have heard the term “Dark Web” used by others or in the media and wondered “what is the Dark Web?” or “should I be doing anything about it?”. Today we explain what the Dark Web is and what it means to you. What Is It? The Dark Web consists of systems on…