John Leyden


Guess who doesn't do cyber resilience testing? Yep, air traffic control

Analysis Although Chancellor George Osborne recently spoke of the National Grid, hospitals and air traffic control as being potential targets of online attacks in a recent high-profile speech at GCHQ, only the financial services sector runs comprehensive stress tests. The lack of exercises designed to hone defences raised serious …
John Leyden, 30 Nov 2015

Connected smart cars are easily trackable, warns infosec bod

Black Hat Europe Upcoming connected cars that communicate with other vehicles or roadside systems might easily be tracked even by snoopers with limited resources unless the technology is tweaked, an expert in automated and connected vehicle cybersecurity warns. Connected Vehicle is an upcoming technology that will allow cars and road- …
John Leyden, 30 Nov 2015

IT manager jailed for 5 years for attempting dark web gun buy

A UK IT manager who bought a gun on the dark web has been jailed for five years for firearm offences. Darren Hillyer, 38, posed as a woman supposedly wanting revenge on an ex-lover who she had discovered was a child abuser. According ordered a Ruger LC9 9mm pistol and 50 rounds of ammunition from a dark web “gun trader”. The …
John Leyden, 27 Nov 2015

RAF web survey asks for bank details via unencrypted email

An online survey of the Royal Air Force’s website aimed at journalists has invited would-be participants to send their banking details using unencrypted email to third-party organisers. Independent experts told El Reg that the badly thought-out advice left media pros exposed to a heightened risk of fraud. The survey invite …
John Leyden, 26 Nov 2015

Finding security bugs on the road to creating a verifiably secure TLS lib

Microsoft and French research organization Inria have jointly published the source code for a more secure implementation of TLS – a first step in hopefully increasing the security of millions online. The software library emerged from a project called MiTLS, whose website is curiously missing in action at time of …
John Leyden, 25 Nov 2015

Hilton confirms hotel credit-card-snaffling sales till malware hit

Hilton Worldwide has confirmed that malware found its way onto point-of-sale systems that targeted payment card information. Targeted data included cardholder names, payment card numbers, security codes and expiry dates. Addresses and PINs were not exposed, Hilton concluded, after an investigation that brought in third-party …
John Leyden, 25 Nov 2015

Cyber-terror: How real is the threat? Squirrels are more of a danger

Comment The UK Chancellor George Osborne last week announced that the British government plans to double cybersecurity spending and establish a single National Cyber Centre. Cybersecurity spending will rise to £1.9bn ($2.87bn) at a time of budget cuts to police and other government departments. More details are expected to come in the …
John Leyden, 24 Nov 2015

Shocker: Smut-viewing Android apps actually steal your data

A brace of supposed porn apps for Android actually push ransomware or steal personal data from mobile devices, cloud security firm Zscaler warns. One strain of Android malware scares the user with a warning screen that falsely accuses them of watching images of child abuse. After installing the app on a device, the user will …
John Leyden, 23 Nov 2015

Homebrew crypto in Telegram hangout app full of holes, say security pros

Security experts have poured scorn on claims by developers of the Telegram messaging app – said to be popular amongst the cadres of the so-called Islamic State – that it’s more secure than its rivals. Telegram, which claims to be "way more secure" than WhatsApp, uses the MTProto protocol developed by the Russian brothers who …
John Leyden, 23 Nov 2015

Crimestoppers finally revamps weak crypto. Take your time guys

UK crime tip-off service Crimestoppers has revamped its weak website crypto after months of running a system that relied upon obsolete protocols. Crimestoppers "secure" form was previously insecure – rating an “F” in tests using the industry standard SSL Labs service last month – chiefly because of the site’s use of the SSLv2 …
John Leyden, 20 Nov 2015

Many UK ecommerce sites allow ‘password’ for logins – report

Many of the UK’s most popular ecommerce sites have unsafe password practices, according to a new study, with four in five not requiring the use of a capital letter and a number/symbol. Also, 16 per cent of sites accept the ten most common passwords, including “password”, according to security management outfit Dashlane. This …
John Leyden, 20 Nov 2015

George Osborne fires starting gun on £20m coding comp wheeze

Security vendors and training organisations have welcomed plans by the UK government to open a £20m competition along with a new “Institute of Coding”. The proposals were floated during a speech by UK Chancellor George Osborne on cyber-security and the fight against terrorism at GCHQ on Tuesday, during which he also announced …
John Leyden, 19 Nov 2015

Tech firms fight anti-encryption demands after Paris murders

Comment Anti-encryption sentiment among politicians is rising following the Paris terror attacks, but Silicon Valley firms are so far resisting attempts to weaken crypto systems to allow easier access to private communications for law enforcement and intel agencies. WhatsApp on Android and Apple's iMessage (as well as other …
John Leyden, 19 Nov 2015

UK joins US financial institutions for industry resilience tests

The UK teamed up with US authorities to run a banking industry resilience exercise, dubbed Operation Resilient Shield, last week. The paper-based transatlantic exercise focused on improving information sharing and planning in the context of a cyber attack rather than fending off Red Team hackers. Leading (but unnamed) global …
John Leyden, 19 Nov 2015

Mixing ERP and production systems: Oil industry at risk, say infosec bods

Black Hat Europe Hackers might be able to bridge the gap between supposedly air-gapped systems in oil and gas production by pivoting from enterprise planning onto production systems. Vulnerabilities and insecure installations in SAP business software and other enterprise systems might be used to interfere with loosely coupled but nonetheless …
John Leyden, 18 Nov 2015

Blackhole's back: Hated exploit kit returns from the dead

The seemingly long-defunct Blackhole Exploit Kit has resurfaced in a fresh run of drive-by download attacks, according to research carried out by security firm Malwarebytes. The cybercrime tool was widely used by hackers to push malware from compromised websites onto the Windows machines of visiting surfers for years up to …
John Leyden, 18 Nov 2015

Microsoft chief Satya drops an S bomb in Windows 10, cloud talk

Microsoft claims it really does care about privacy and securing the cloud and Windows 10, promising to build cybersecurity teams and investing in the area. A new Cyber Defense Operations Center will bring together security response experts from across the technology giant in a new “state-of-the-art” facility. The unit will be …
John Leyden, 17 Nov 2015

Faux Disk Encryption: Mobile phone crypto not a magic bullet

Black Hat Europe Full-disk encryption on mobile devices is nowhere near as secure as commonly believed and Android offers less granular control than iOS, according to security researchers from NCC Group. Daniel Mayer and Drew Suarez debunked some commonly held but inaccurate beliefs about smartphone crypto as well as presenting a comparison …
John Leyden, 16 Nov 2015

Drop the obsession with Big Data, zero days and just... help the business

Black Hat Europe Haroon Meer, founder of applied research company Thinkst, opened the Black Hat Europe conference last week with a keynote attacking the fashionable obsessions of the security businesses, including blind faith in Big Data and an obsession with zero-day vulnerabilities. The keynote, entitled What Got Us Here Won't Get Us There …
John Leyden, 16 Nov 2015

Trouble brewing as iThing coffee machine seems to be hackable

The same team of security researchers who discovered that the Wi-Fi iKettle from Smarter blurted out wireless network credentials have found cause for concern over a Wi-Fi Coffee Machine, and iKettle 2.0, from the same manufacturer. Hacking the Wi-Fi IoT Coffee Machine Pen Test Partners mapped and hacked insecure connected …
John Leyden, 16 Nov 2015

German ATM displays bank’s network config data to infosec bod

A chance finding by a German security researcher has revealed ATMs run by German Bank Sparkasse leaked potentially sensitive information during a software update. Benjamin Kunz-Mejri, chief exec and founder of Germany based security firm Vulnerability Lab, came across the problem when he unsuccessfully attempted to use his …
John Leyden, 12 Nov 2015

Fraudsters are using you and this Ammyy of malware downloads

Users of Ammyy Admin may have been unwittingly downloading malware along with their remote desktop software. A group called the Buhtrap gang is using the malware to spy on and control its victims’ computers as part of a series of targeted attacks, net security firm ESET warns. The tactics in play show that fraudsters are …
John Leyden, 12 Nov 2015

Got to be better than human protection: New firm using machine learning anti-malware

RotM Security firm Cylance is using machine learning to fight what many firms regard as the already lost battle of keeping computers free of malware. While mainstream thinking in the industry has moved towards acceptance that malware infections are inevitable and the focus has to be on detection and response, the US startup isn’t …
John Leyden, 12 Nov 2015

Old tech, new battles: Inside F-Secure’s formidable Faraday cage

A Faraday cage, originally commissioned and assembled 10 years ago as a means to allow Finnish security firm F-Secure to test Bluetooth-based mobile malware, is still finding productive work even though the type of malware that spawned its creation is long dead. The copper-lined, 4-by-3 metre enclosure is still used for mobile …
John Leyden, 11 Nov 2015

F-Secure makes SENSE of smart home IoT insecurities

F-Secure is looking to go that extra mile in consumer security with the launch of an anti-hacker appliance for the Internet of Things. The device, dubbed SENSE, works as a secure gateway, policing traffic to devices that might be insecure and generating alerts. For example, it will warn consumers if their router is running …
John Leyden, 11 Nov 2015

Apple's iBackDoor: Dodgy ad network code menaces iOS apps

Security researchers have discovered “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded backdoors in iOS apps that used the library to display ads, opening the door for hackers to access sensitive user data and …
John Leyden, 06 Nov 2015

No C&C server needed: Russia menaced by offline ransomware

Miscreants have cooked up a new strain of ransomware that works offline and so might be more resistant to law enforcement takedown efforts as a result. The ransomware family (identified by various names by antivirus firms) manages to encrypt files on infected Windows PCs without storing the entire decryption key locally – and …
John Leyden, 05 Nov 2015

ProtonMail still under attack by DDoS bombardment

Secure webmail outfit ProtonMail is still fighting against a sustained DDoS attack that has left its service largely unavailable since Tuesday. In a statement posted to a hastily erected blog site, ProtonMail said the powerful attack by unknown parties has also inflicted collateral damage on third-party organisations. The …
John Leyden, 05 Nov 2015

MacBooks are so hot right now. And so is Mac OS X malware

There’s been an unprecedented rise in Mac OS X malware this year, according to security researchers at Bit9 + Carbon Black, with the number of samples found in 2015 being five times that seen in the previous five years combined. This year, there have been 948 OS X malware samples, compared with 180 in the years 2011-14 …
John Leyden, 05 Nov 2015

UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone

IPB The encryption bothering parts of the UK's Investigatory Powers Bill have left IT security experts flabbergasted. Introducing the draft internet surveillance law in the House of Commons on Wednesday, Home Secretary Theresa May presented it as consolidating and updating existing investigatory powers. She spun it as a break from …
John Leyden, 05 Nov 2015

Ransomware scammers: Won’t pay? We'll put your data on the internet

Ransomware-peddling cybercrooks have come up with a sinister twist to their increasingly well-worn scam – online publishing. Instead of just simply encrypting files on compromised Windows PCs, the relatively new Chimera ransomware offers victims a threat – if they don’t pay up, their data will be published online, presumably …
John Leyden, 04 Nov 2015

Stuxnet-style code signing of malware becomes darknet cottage industry

Underground cybercrooks are selling digital certificates that allow code signing of malicious instructions, creating a lucrative and expanding cottage industry in the process, according to new research from threat intelligence firm InfoArmor. In one case, a hacker tricked a legitimate certificate authority into issuing digital …
John Leyden, 04 Nov 2015

Password reset invoked after forum software site defaced

The official website of forum software has hit the big red password reset following a breach by hackers that exposed the IDs of hundreds of thousands of users. A hacker claimed they had made off with a combined 480,000 records after an attack that led to the defacement of the and a reported hack …
John Leyden, 03 Nov 2015

Apple’s TV platform just became a little more secure (well, the apps at least)

Security for the Internet of Things is largely notable for its absence, so it’s refreshing to see Apple developers taking the business of securing apps on Apple’s newly unveiled smart TVs seriously. Application protection and anti-tamper firm Arxan Technologies is working with third-party developers to offer expanded application …
John Leyden, 03 Nov 2015

UK SMEs with weak security risk procurement exclusion – survey

SMEs need to take cyber security seriously or face being frozen out of the procurement process, according to a new survey from management consultants KPMG. In a poll of UK procurement managers, nearly all (94 per cent) agreed that the cyber security standards of their supplier are important when awarding a contract to an SME. …
John Leyden, 03 Nov 2015

Unpatched, passcode-free smartphones. Yes, they're everywhere

Users in both enterprises and at home are failing to take basic precautions against an increasing range of mobile threats, according to a new survey by security firm Skycure. The majority (52 per cent) of devices do not have any type of passcode enabled, including alphanumeric, biometric, and swipe codes. And around a third ( …
John Leyden, 30 Oct 2015

China, Germany moving closer to no-hack pact

China and Germany are moving towards a mutual no-hacking-for-economic-espionage pact, along the lines of agreements already signed between China and the US and UK. German Chancellor Angela Merkel told reporters after talks with Chinese Premier Li Keqiang that Germany was seeking a deal “very quickly”. Germany, ahead of the …
John Leyden, 30 Oct 2015

Police in US, Europe raid homes of supersnoop Droidjack RAT suspects

Police across Europe have raided homes of suspected users of Droidjack, a strain of Android malware. Cops in the US, UK, Germany, France, Belgium and Switzerland were all involved in the operation against Droidjack users. Details are so far sketchy and no arrests have been reported. DroidJack is a remote access Trojan which …
John Leyden, 30 Oct 2015

Second UK teen suspect arrested over TalkTalk hack

Police have arrested a second teenage boy as part of the ongoing investigation into alleged data theft from UK telco TalkTalk. The 16-year-old, from Feltham, west London, was arrested on suspicion of Computer Misuse Act offences on Thursday. The unnamed teenager has since been released on police bail. Detectives from the …
John Leyden, 30 Oct 2015

Avira turns tables to launch lawsuit against ‘crapware’ slinger

Avira, which re-affirmed its right to classify as a nuisance back in June, has launched a legal offensive against the controversial app. The security software firm's filing concerns's alleged practice of “confusing users into installing unwanted programs that can compromise users’ privacy or weaken …
John Leyden, 29 Oct 2015

GCHQ starts hunt for tech-savvy apprentices

British intelligence agencies have launched a recruitment drive for “technically minded apprentices”. For prospective programmers and tech-savvy talent, the British Intelligence Higher Apprenticeship in IT, Software, Internet and Telecoms would offer an alternative to a university degree – and a unique start to a career. The …
John Leyden, 29 Oct 2015

Channel Islands firm touts all-in-one secure comms app

A British start-up has launched a fully encrypted communications platform for mobile devices that aims to challenge established apps such as FaceTime and Skype, and even heavily-touted privacy-engineered devices like the BlackPhone. Pryvate from Criptyque offers encrypted email, voice and video calls as well as secure instant …
John Leyden, 29 Oct 2015

InteliSecure buys UK data loss rival as European bridgehead

US-based InteliSecure has acquired Reading, UK-based Pentura in a deal designed to allow it to deliver Data Loss Prevention (DLP) technology as a managed service. Financial terms of the deal, announced Wednesday, were not disclosed. InteliSecure specialises in managed DLP and critical asset protection services while Pentura …
John Leyden, 28 Oct 2015

Oracle Java 'no longer the greatest risk' to US Windows PC users

Apple's Windows apps have leapfrogged Oracle Java as the biggest security risk to PCs in the US, according to a study by vulnerability management outfit Secunia (now a Flexera Software company). (This shift is mainly down to the forced retirement of aging Java 7 rather than any improvement by Oracle.) Secunia's latest …
John Leyden, 27 Oct 2015

Ransomware victims: Just pay up, grin, and bear it – says the FBI

Firms that fall victim to infection from file encrypting ransomware should simply pay the ransom, Joseph Bonavolonta, an assistant special agent with the FBI, told delegates to Boston's Cyber Security Summit 2015, adding that developments such as CryptoWall are essentially unbreakable. “To be honest, we often advise people …
John Leyden, 27 Oct 2015

WhatsApp laid bare: Info-sucking app's innards probed

Users of WhatsApp need to be aware that the popular messaging service collects phone numbers, call duration and other information, according to new research. A network forensic examination by computer scientists at the University of New Haven found that WhatsApp uses the FunXMPP protocol, a binary-efficient encoded Extensible …
John Leyden, 27 Oct 2015

Lawyers harrumph at TalkTalk's 'no obligation to encrypt' blurt

Lawyers have taken issue with claims by TalkTalk boss Dido Harding that the telco was under no legal obligation to encrypt customers' sensitive data. Harding's comments came on Sunday, three days after TalkTalk admitted a breach on its systems that may have exposed the personal details, including bank information, of up to …
John Leyden, 26 Oct 2015

Further confusion at TalkTalk claims it was hit by 'sequential attack'

TalkTalk is continuing to confuse experts with its latest assessment of the root cause of a high profile breach on its systems last week, which may have exposed the bank details including bank information of up to four million customers. The under-fire telco is saying that it has become the victim of a “sequential attack” when …
John Leyden, 26 Oct 2015

9 cuffed over £60 million banking scam targeting UK businesses

Nine people have been arrested in the UK over an alleged £60m fraud targeting business banking customers. The gang targeted business banking customers, tricking prospective marks into handing over confidential information over the phone while posing as bank employees. The voice-based phishing scam was disguised by using …
John Leyden, 23 Oct 2015

Shopping mall CCTV gear commandeered to blast websites offline

Crooks are hijacking CCTV cameras in shopping malls to launch denial-of-service attacks, datacenter security firm Imperva warns. The abuse is possible because camera operators are taking a lax approach to security and failing to change default passwords on the devices. CCTV equipment are common Internet-of-Things (IoT) device …
John Leyden, 22 Oct 2015