Richard Chirgwin

Russian RATs bite Handbrake OSX download mirror

If you use the popular video transcoder Handbrake on a Mac, the distributors want you to check the download hash after one of their mirrors was compromised. Users who downloaded a trojan-infected version of Handbrake will need to change all their KeyChain passwords (lovely), and any passwords they stored in their browsers. …

Dell to patch AMT-vulnerable systems

Dell, which last week was scrambling to work out which of its systems are affected by the Intel AMT vulnerability, is scrambling to catch up with peers HP Inc, Lenovo and Fujitsu. In a note published on Friday, the company said it would publish firmware fixes for most vulnerable kit. As readers should already know, Intel …

Fortran greybeards: Get your walking frames and shuffle over to NASA

NASA wants scientific computer experts to take a look at one of its oldest software suites in the hope they can speed it up. The code in question is called "FUN3D" and was first developed in the 1980s. It's still an important part of the agency's computational fluid dynamics (CFD) capability, and had its most recent release in …

RF pulses from dust collisions could be killing satellites

Space scientists have long known that impacts too small to pierce a craft's skin can still damage the electronics inside, by creating electromagnetic pulses. Why those pulses happen, however, is still not well understood. Alex Fletcher of Boston University and MIT, and Sigrid Close of Stanford University reckon they've cracked …

Chip design chap arrested for using photocopier

An engineer from Taiwan Semiconductor Manufacturing Company (TSMC) has been arrested trying to leave the country for a new job in China. Local reports say the engineer (the only name given is his surname, Hsu), has been charged with theft of trade secrets filed by the Hsinchu district prosecutor. He was on the way to work for …

You only need 60 bytes to hose Linux's rpcbind

A 60 byte payload sent to a UDP socket to the rpcbind service can crash its host by filling up the target's memory. Guido Vranken, who discovered the vuln and created the “Rpcbomb” exploit, complains that he couldn't get action from the package maintainers, so he's written patches himself. He writes that Shodan turned up 1.8 …

Cisco waves swatter at ten new vulnerabilities

Universal Plug-and-Play remains a gift-that-keeps-on-giving for infosec researchers, with Cisco announcing a critical vulnerability in the software that plagues its CVR100W wireless VPN router. Because the CVR100W doesn't fully range-check UPnP input data, an attacker can crash the device, possibly getting access to a root …

Mozilla takes a turn slapping Symantec's certification SNAFU

Mozilla has weighed in to the ongoing Symantec-Google certificate spat, telling Symantec it should follow the Alphabet subsidiary's advice on how to restore trust in its certificates. Readers will recall that Symantec has repeatedly issued certs that didn't ring true with browser-makers and at the end of April 2017 Google …

Apple blocks comms-snooping malware

Apple has moved to thwart a malware attack that used a legitimate – probably hijacked – developer certificate, by revoking the cert. Check Point wrote up the malware last week, calling “OSX/Dok” “the first major scale malware to target OSX users via a coordinated email phishing campaign”. A hapless user who okayed all the …

135 MEELLION Indian government payment card details leaked

If you're enthused about governments operating large-scale online identity projects, here's a cautionary tale: the Indian government's eight-year-old Aadhaar payment card project has leaked a stunning 130 million records. Aadhaar's role in authenticating and authorising transactions, and as the basis of the country's UID ( …

Qubes kicks Xen while it's down after finding 'fatal, reliably exploitable' bug

Qubes is once again regretting how long it's taken to abandon Xen's PV hypervisor, disclosing another three bugs including host escape vulnerabilities. The most serious bugs are in PV (paravirtualization) memory handling, XSA-213 and XSA-214. “An attacker who exploits either of these bugs can break Qubes-provided isolation. …

Boffins gently wake the Large Hadron Collider from annual hibernation

CERN says the restart process for the Large Hadron Collider is complete and the proton-smasher is ready to start its 2017 science program. Alas, Vulture South's favourite mental image of an Igor saying “Yeth, marthter” and hauling on a suitably Big Red Switch doesn't match reality: the restart process is a carefully-managed …

Eurocrats prep white-box crypto capture-the-flag

Defender or attacker, it's less than a fortnight away from the WhibOx Challenge, a capture-the-flag (CTF) competition operated by the EU-supported ECRYPT. If you're on the defensive side, the CTF asks for white-box implementations of AES-128 (using keys of your own choice), to see how long you last against an attacker. The …

Pen-tester gets past Microsoft VB macro barriers

A bunch of white-hat researchers have turned up a nasty new vector for attacking Microsoft Outlook: a forms creation feature that bypasses macro rules so attackers can get to the victim's shell. Sensepost says its interest in looking for an attack angle arose because Microsoft blocked older weak spots in a patch for Outlook …

Up Wolf Creek without a signal: outback cable cut disconnects top end TPG, Optus customers

A cut to a Nextgen Networks fibre is cutting off Northern Territory Optus and TPG customers north of Katherine. Since TPG also owns the iiNet and Internode brands, customers of those service providers are also affected. iiNet identifies the start of the outage as yesterday on its status page, 4:19 pm Western Standard Time. At …

Jenkins admin? Get buzzy patching, says Cloudbees

Cloudbees's Jenkins needs a patch against a Java deserialisation vulnerability. The bug, CVE-2017-1000353, exists in how Jenkins implements HTTP upload/download requests. The bug lets an attacker exploit a serialised object in the preamble of commands sent to the CLI. As described by Securiteam, “since Jenkins does not …

Cisco slurps Viptela to bolster SD-WAN management

Cisco has just paid $US610 million to buy a software-defined WAN outfit founded and managed by former Cisco execs. The acquisition is a bit bruising for investors in the company, Viptela, who include outfits like Sequoia Capital, Redline Capital, Northgate Capital and Moment Ventures. Last year, the company was valued at …

Huawei used cheap-as-chips chips in some P10s, now buyers want to boil it in oil

Huawei has taken drastic steps to mollify customers upset that its response to a chip shortage was to grab lower-performance substitutes. The furore blew up in China first, when users found that instead of the high-performance UFS (universal flash storage) cards it touted for its P10 phones at launch, it was mixing UFS with …

40,000 Tinder pics scraped into big data service

Amid a storm of criticism, a set of facial images built by scraping the Tinder dating service has been pulled from Kaggle. Developer Stuart Colianni had built the 40,000-strong set of “hoes” (the charming variable name* in his source code – more below in case that repo also dies) on the premise that facial datasets are …

Big mistake by Big Blue: Storwize initialisation USBs had malware

Big Blue is red-faced after shipping malware-infected initialisation USBs for its Storwize disk racks. The company is therefore strongly suggesting users "Securely destroy the USB flash drive so that it can not be reused." Either that or wipe it, disinfect anything it touched and cross your fingers. Then download the files you …

CIA tracked leakers with hilariously bad Web beacon trick

Web beacons are objects such as transparent, single-pixel GIFs planted in emails and web pages to phone-home when users access the content. They're trivially easy to expose – simply forcing an e-mail client to show URLs instead of links can do the trick. In the case of the CIA's “Scribbles” program, WikiLeaks is trumpeting a …

Peace in our time! Symantec says it can end Google cert spat

Symantec is hoping to get its certificates back on Google's trust list. In March, an ongoing spat between the two companies came to a head. After a scandal in 2015 over three certs issued by Symantec subsidiary Thawte, the number grew to 23, then 164, then 2,458 within a month. Google decided in December 2015 to distrust the …

Fistful of flaws blow away SolarWinds network appliances

Admins of SolarWinds system management systems can block out a biggish chunk of their diaries to implement a bunch of serious patches. There are five bugs of varying seriousness in the company's Log and Event Manager appliance discovered by KoreLogic and posted to Full Disclosure. Four of the bugs depend on an attacker …

Unplug the Bitcoin miner and do us all a favour: Antminer has remote shutdown flaw

A new branded bug (sigh) has landed, specific to an ASIC-based Bitcoin miner: dubbed “Antbleed”, it allows remote shutdown of hardware sold by a company called "Bitmain". Bitmain's Antminer cryptocurrency-mining hardware performs a start-up with a remote server, handing over MAC address, serial number and IP address – but as …

Homebrew crypto SNAFU on electrical grid sees GE rush patches

Updated General Electric is pushing patches for protection relay bugs that, if exploited, could open up transmission systems to a grid-scale attack. The company hasn't published much by way of detail, but spoke to Reuters after this Black Hat abstract was published (the talk will be delivered to the July conference in Las Vegas). The …

Biting the hand that feeds IT © 1998–2017