Threatline

Is VPOTUS Bluetooth-phobic or sensible? The answer's pretty clear

In Brief

When disaster strikes, data recovery really is a race against time

Log4j RCE latest: In case you hadn't noticed, this is Really Very Bad, exploited in the wild, needs urgent patching

Updated

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'

Britain's Online Safety Bill is being enthusiastically endorsed in a "manifesto" issued today by MPs who were tasked with scrutinising its controversial contents.…

Popular password manager LastPass to be spun out from LogMeIn

One of the biggest beasts in the password management world, LastPass, is being spun out from parent LogMeIn as a "standalone cloud security" organisation.…

You may have cracked serverless development, but it’s almost certain you haven’t solved serverless security

Paid Post

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Microsoft closes installer hole abused by Emotet malware, Google splats Chrome bug exploited in the wild

Log4j

Pen Test Partners: Anyone could view Gumtree users' GPS location by pressing F12

UK online used goods bazaar Gumtree exposed its users' home addresses in the source code of its webpages, and then tried to squirm out of a bug bounty after infosec bods alerted it to the flaw.…

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses.…