The Register Columnists

John Leyden

Yawn, Wikileaks, we already knew about FinFisher. But these software binaries...

WikiLeaks is making the controversial FinFisher commercial spyware tool available for download as part of the latest in a series of leaks that have put the operations of the controversial business under the microscope. FinFisher, which was part of UK-based Gamma Group International until late 2013 before relocating to Germany, …
John Leyden, 15 Sep 2014

Freenode IRC users told to change passwords after securo-breach

A security breach at popular, free and open source software-focused IRC network Freenode means users need to change their passwords. Freenode's IRC server was compromised and passwords were likely sniffed by unidentified hackers, prompting a warning to users that they should reset their passwords as a precaution. The security …
John Leyden, 15 Sep 2014

Infosec geniuses hack a Canon PRINTER and install DOOM

Security researchers have demonstrated a hack that allowed them to get into the web interface of a Canon Pixma printer before modifying its firmware to run the classic 90s computer game Doom. The proof-of-concept demo by security researchers at Context Information Security, which involved remotely accessing the web interface on …
John Leyden, 15 Sep 2014

Not pro Bono: Apple's audio junk mail made spammers' lives easier

Apple's decision to push a new album by Irish boy band U2 into the iCloud libraries of millions isn't just egregious. It arguably plays into the hands of scammers. Without warning, the iPhone maker emitted Songs of Innocence with all the haste of a critical security update after the group's appearance at its Apple Watch and …
John Leyden, 13 Sep 2014

CryptoLocker-style ransomware booms 700 PER CENT this year

CryptoLocker-style ransomware is eight times more common now than in January, going a long way towards overtaking fake police warning ransomware scams, according to Symantec. The disruption of the GameOver Zeus banking trojan botnet back in late May took away one of the main distribution methods for CryptoLocker itself. …
John Leyden, 12 Sep 2014

UK.gov's flagship infosec program ISN'T DELIVERING - but all's still well, say auditors

The UK's National Cyber Security Programme is not yet delivering on its much-vaunted economic benefits but is still a worthwhile exercise, according to a report by government auditors. An update by the National Audit Office for Parliament's Public Accounts Committee on the government’s National Cyber Security Programme said that …
John Leyden, 12 Sep 2014

What kind of mugs do you take us for? Malicious sites in spam scams target UK

Spam destined for recipients in the UK is almost three times more likely to contain a malicious URL than unsolicited email sent to the United States. Unsolicited email in Germany and France is significantly less likely than mail sent to the US to contain malicious URLs. This means that, on average, an unsolicited email sitting …
John Leyden, 12 Sep 2014

5 Nigerian gangs dominate Craigslist buyer scams

Just five Nigerian criminal gangs are behind a widespread type of fraud targeting sellers on Craigslist. The Lads from Lagos are going to considerable lengths, investing time and money to make their scams more plausible, according to a study by George Mason University researchers Damon McCoy and Jackie Jones. The …
John Leyden, 11 Sep 2014

This flashlight app requires: Your contacts list, identity, access to your camera...

A global survey of more than 1,200 mobile apps has discovered that the vast majority (85 per cent) fail to provide basic privacy information. The global survey faulted apps for accessing large amounts of personal information without adequately explaining how they were collecting, using and disclosing personal information. Almost …
John Leyden, 11 Sep 2014

Leak of '5 MEELLLION Gmail passwords' creates security flap

Plain-text passwords and account names linked to five million Gmail accounts have been leaked onto several Russian forums. Security experts had already confirmed the data seemed legit, albeit approximately three years old, before Google put up its blog post on the subject. The leak, to a variety of forums, not all of which are …
John Leyden, 11 Sep 2014

2016: Robo-butlers, flying cars, and Google's internet Terminators hunting SHA-1 SSL certs

Google Chrome will flag up websites with SHA-1 SSL certificates as insecure – and that's a huge policy change which ought to kick businesses into action, says an expert in digital certificates. Only 15 per cent of sites use SHA-256 certificates, the replacement for SHA-1, according to stats from SSL Pulse. This means plenty of …
John Leyden, 10 Sep 2014

Payment security bods: Nice pay-by-bonk (hint: NO ONE uses it) on iPhone 6, Apple

Apple's confirmation that the iPhone 6 will enable contactless payments via NFC has received a broadly positive reaction from security firms and payment-processing vendors. Apple said it wouldn't access any payment data, so the transaction would take place between a user, bank and retailer. This privacy, along with ease of use …
John Leyden, 10 Sep 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Use home networking kit? DDoS bot is BACK... and it has EVOLVED

A router-to-router bot first detected two years ago has evolved - and now has the capability to reconfigure the firewalls of its victims. The Lightaidra malware captured by security researcher TimelessP (@TimelessP) is an IRC-based mass router scanner/exploiter that's rare because it spreads through consumer network devices …
John Leyden, 09 Sep 2014

Greater dev access to iOS 8 will put us AT RISK from HACKERS

Increased developer access to iOS 8 could result in decreased security, a mobile security expert warns. Apple's expected iPhone 6 / iOS 8 announcement later on Tuesday is expected to include adding a number of new features to iOS 8 for developers. This will involve opening up more of the underlying architecture – increasing the …
John Leyden, 09 Sep 2014

CloudMask dons cape and sets foot on the mean streets of Blighty

Cloud-based security services firm CloudMask, whose technology offers to protect sensitive information in the cloud, even in the case of a network breach, launched in the UK on Tuesday. CloudMask's technology works on the premise that no one can be trusted with data - including cloud administrators, governments, employees, and …
John Leyden, 09 Sep 2014

Celeb nudie iCloud pervs hatched photo-slurping Flappy Bird plot

The hacker ring behind last week's celebrity nude selfie iCloud privacy flap also planned to use malware to obtain private photographs from compromised Android phones. The hackers swapped snaps on the /stol/ (short for “stolen”) forum on image board AnonIB, a spinoff of the notorious 4chan, including intimate snaps of Jennifer …
John Leyden, 08 Sep 2014

Dodgy Norton update borks UNDEAD XP systems

A dodgy Symantec update brought pain for those remaining Windows XP users who rely on Norton to keep their undead operating system free from viruses. In a statement, Symantec admitted the problem but downplayed its significance. This issue has now been resolved. The limited number of customers affected should run a Live …
John Leyden, 08 Sep 2014

New software ported from Windows to Mac! You'll never guess what. Yes, it's spyware

Miscreants have ported five-year-old spyware XSLCmd to OS X. The Windows version of the malware has been around since 2009, and the Apple Mac edition of XSLCmd shares significant portions of the same code. It can open a reverse shell to its masters, automatically transfer your documents to a remote system, install executables, …
John Leyden, 05 Sep 2014

Apple promises iCloud security alerts, better 2FA after, er, NAKED Internet of Thingies flap

Apple plans to roll out new iCloud security alerts as well as extending its two-step authentication technology in the wake of this week's privacy flap over nude selfies of Jennifer Lawrence, Kate Upton and other celebs. Private pictures of disrobed (female) celebrities including Oscar winner Lawrence and swimwear model Upton …
John Leyden, 05 Sep 2014

Back-to-school Patch Tuesday: Critical updates for Internet Explorer, Adobe Reader

Microsoft is planning a light edition of Patch Tuesday for September with just four bulletins, only one of which covers critical vulnerabilities. But an upcoming Adobe critical update for its Reader software around the same time means sysadmins are still likely to have their hands full next Tuesday. The sole critical update for …
John Leyden, 05 Sep 2014

Go on, corporate drone, log in... We'd recognise your VEINS anywhere – Barclays

Barclays is ramping up its fight against online fraud with the roll-out of a biometric scanner that uses Hitachi’s Finger Vein Authentication Technology (VeinID). Unlike fingerprints, vein patterns are extremely difficult to spoof or replicate. Barclays Biometric Reader will allow customers secure access to their online banking …
John Leyden, 05 Sep 2014

Something smells PHISHY: It's the celeb nudie iCloud PERV trap...

Consumers are being warned to be on their guard against phishers' fake Apple emails and texts designed to exploit the publicity about this week's nude celeb picture flap. In addition to scam emails designed to trick gullible recipients into logging into phishing sites, Symantec warns of a likely upsurge in fraudulent text …
John Leyden, 04 Sep 2014

Mac security packages range from peachy to rancid – antivirus tests

Independent tests of Mac antivirus products have discovered that the effectiveness of these security packages runs from a risible 20 per cent to an unimpeachable 100 per cent. German security lab AV-TEST.org put 18 free and paid-for Mac OS X security products and services to the test, discovering widely differing performances in …
John Leyden, 04 Sep 2014

NATO nations 'will respond to a Cyber attack on one as though it were on all'

NATO is set to agree a new cyber defence policy that would mean any severe cyber attack on a NATO member could be considered tantamount to a traditional military attack and invoke the alliance's collective defence provisions. Article V is the collective defence clause of the NATO treaty by which an attack on one member is …
John Leyden, 03 Sep 2014

NUDE SELFIE CLOUD PERV menace: Apple 2FA? Sweet FA, more like

Apple’s two-factor authentication doesn't actually protect iCloud backups or photo streams, contrary to what many iPhone and iPad fondlers might wish to believe. Scores of (mostly female) celebrities, including Oscar winner Jennifer Lawrence, had their iCloud hacked before miscreants siphoned off private nude snaps which …
John Leyden, 03 Sep 2014

'Sony and Twitch' hacking crew Lizard Squad: 'We quit'

The Lizard Squad hacking crew appears to have called it quits over the weekend following high profile assaults on Sony as well as online attacks on Blizzard and Twitch, a broadcast platform for gamers, among others. The eight-strong group of trickster hackers posted a notice of their intention to throw in the towel on their …
John Leyden, 02 Sep 2014

Gang behind '1.2 billion' megahack ransack is pwning our customers – hosting firm

Anecdotal evidence is emerging that the Russian botnet raiders behind the "biggest-ever" password theft have begun attacks against web services using stolen login credentials. The CyberVor gang is reported to have amassed a vast stockpile of compromised login credentials for "1.2 billion" accounts, Hold Security warned in August …
John Leyden, 02 Sep 2014

Not even CRIMINALS want your tablets, Blighty - but if that's an iPhone you're waving...

UK smartphone thieves prefer iPhones while their light-fingered counterparts in Germany favour Android, according to the results of a new survey. Mobile security firm Lookout's Phone Theft in Europe study found iPhones are the most popular target of theft in the UK. 39 per cent of stolen phones in Blighty are iPhones, …
John Leyden, 02 Sep 2014

Europol picks Brit to lead new international cybercrime taskforce

European police agency Europol has launched a counter-cybercrime taskforce. The Joint Cybercrime Action Taskforce (J-CAT) will coordinate international investigations into malware distribution, hacking and underground cybercrime forums. J-CAT, which is being piloted for six months, will be based at the European Cybercrime …
John Leyden, 01 Sep 2014

Second hacking crew joins Syrian Electronic Army on Team Assad

A second hacking crew has weighed into the conflict in Syria on the side of embattled Syrian president Bashar al-Assad. Net security firm FireEye reckons it has identified 11 members of the "Syrian Malware Team" after analysing a strain of malware called BlackWorm. The malware is used by the group to infiltrate targets, say the …
John Leyden, 01 Sep 2014

HP: NORKS' cyber spying efforts actually a credible cyberthreat

North Korea is ramping up its cyber spying efforts to the point where it is becoming a credible threat against Western enterprises and government, security researchers at HP warn. North Korea’s cyber warfare capabilities are of particular interest to national security analysts and policy makers but the wider IT industry would be …
John Leyden, 01 Sep 2014

KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION

Victims of the CryptoWall ransomware have been extorted out of at least $1m. Despite a takedown operation in June, CryptoWall continues to be the largest and most destructive ransomware threat on the internet, according to the latest analysis of the threat by security researchers from Dell SecureWorks Counter Threat Unit. …
John Leyden, 29 Aug 2014

Racing Post escapes ICO fine after leaking info of 677K punters

UK sports-betting newspaper the Racing Post has received a stern warning – but not a fine – after it emerged that it had aired the private details of more than 677,000 customers as the result of a security breach last year. The October 2013 snafu resulted in the exposure of the names, addresses, passwords, dates of birth and …
John Leyden, 28 Aug 2014

Russia-based hackers prime suspects in JPMorgan mega-breach

The FBI has begun investigating a suspected hacking attack against JPMorgan Chase and another unnamed bank that resulted in the leak of gigabytes of sensitive data. The Feds are working on the theory that Russian hackers hit US banks in retaliation for US sanctions imposed as a result of the ongoing conflict in the Ukraine, …
John Leyden, 28 Aug 2014

Major cyber attack hits Norwegian oil industry

More than 50 Norwegian oil and energy companies have been hacked by unknown attackers, according to government security authorities. A further 250 firms have been advised by the Norwegian government that they ought to check their networks and systems for evidence of a breach, The Local reports. State-owned Statoil, Norway's …
John Leyden, 27 Aug 2014

Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws

A whopping 70 per cent of retail and 69 per cent of financial services apps are vulnerable to data breaches. That's according to an analysis of 705 million lines of code as used by 1,316 enterprise applications carried out by software analysis and measurement firm CAST. The firm reckons a growing number of data breaches and …
John Leyden, 27 Aug 2014

Ouch... right in the VIDEO GAME: Lizard Squad attacks XBox, Twitch

The hacker crew calling itself the "Lizard Squad" has followed up on high profile assaults on Sony over the weekend with online attacks on Xbox Live and Twitch, a broadcast platform for gamers. Lizard Squad knocked out Twitch after launching a denial of service attack on the service on Tuesday night, but XBox Live proved more …
John Leyden, 27 Aug 2014

Securobods warn of wide open backdoor in Netis/Netcore routers

Routers sold under the brand Netis by Chinese security vendor Netcore have a hardcoded password that leaves users with a wide-open backdoor that could easily be exploited by attackers, claim researchers. The backdoor allows cyber-criminals to easily change settings or run arbitrary code on routers, securobods at Trend Micro warn …
John Leyden, 27 Aug 2014

Show Mother Russia you love her: Click HERE and AHHH NYET!

Software being offered to patriotic Russians as a way to attack Western governments, especially the US, is actually loaded with malware that attacks supporters' computers, security researchers warn. Hackers have crafted ingenious spam messages that help them deliver the Trojan to those who support the Russian cause and are …
John Leyden, 26 Aug 2014

Loss of unencrypted back-up disk costs UK prisons ministry £180K

The UK's Ministry of Justice has been fined £180,000 following the latest in a series of failures involving how prisons handle private information. The penalty (PDF) follows the loss of a back-up hard drive at HMP Erlestoke prison in Wiltshire back in May 2013. The *unencrypted* hard drive contained sensitive and confidential …
John Leyden, 26 Aug 2014

Email list hack flap at 'sleep with a stranger' site Couchsurfing

CouchSurfing’s email distribution system was breached before messages ostensibly promoting a rival hospitality exchange were sent to many of its one million members. The email headed "Site Improvements" might appear on casual inspection to prompt recipients towards rival paid-for service Airbnb. CouchSurfing hosts and guests …
John Leyden, 26 Aug 2014

Renegade NSA, GCHQ spies help fix Tor vulns, claims project boss

GCHQ and NSA cyber-spooks secretly report vulnerabilities in Tor so they can be patched, a leading developer of the anonymity-preserving software has claimed. Andrew Lewman, the Tor Project's executive director, claimed that some spies place a higher priority on fixing flaws in the privacy-preserving technology than keeping …
John Leyden, 22 Aug 2014

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014

Cyber spies whip out 'Machete', stride towards Latin America

Security watchers are tracking a new cyber-espionage campaign that appears to be targeting Latin American countries including Venezuela, Colombia and Ecuador. The so-called "Machete" campaign has been zoning in on governments, military and law enforcement agencies and embassies in South America for the last four years, stealing …
John Leyden, 21 Aug 2014

Microsoft: We plan to CLEAN UP this here Windows Store town

Microsoft has promised to crack down on rogue apps in its Windows Store following criticisms that the marketplace is littered with "scam" software. Windows Store – which debuted with Windows 8 – is littered with misleading apps. Typical problems include knock-off "unofficial" packages of free apps such as the VLC media player. …
John Leyden, 21 Aug 2014

Chinese hackers spied on investigators of Flight MH370 - report

Malaysian officials investigating the disappearance of flight MH370 have been targeted in a hacking attack that resulted in the theft of classified material. The malware-based hacking attack hit around 30 PCs assigned to officials in the Malaysia Airlines, the Civil Aviation Department and the National Security Council, a …
John Leyden, 21 Aug 2014

RealVNC distances itself from factories, power plants, PCs hooked up to password-less VNC

A scan of the public internet by security researchers has seemingly revealed thousands upon thousands of computers fully accessible via VNC – with no password required. Worryingly, the unsecured systems – from PCs and shopping tills to terminals controlling factories and heating systems – are at the mercy of any passing …
John Leyden, 21 Aug 2014

Heartbleed implicated in US hospital megahack

The Heartbleed flaw is responsible for the high-impact US hospital hacking attack disclosed this week, an unnamed investigator told Bloomberg. As many as 4.5 million patient records have been exposed in an attack against Community Health Systems, a US hospital group that manages more than 200 hospitals. China-based attackers …
John Leyden, 20 Aug 2014

Brother, can you spare a DIME for holy grail of secure webmail?

Lavabit founder Ladar Levison promised attendees at security conference DefCon that he'd carve out a secure messaging service from the wreckage of the email service favoured by rogue NSA sysadmin Edward Snowden within six months. The Dark Internet Mail Environment (DIME) project is promising, but recent problems experienced by …
John Leyden, 20 Aug 2014