John Leyden


Wi-Fi commuter fears

Wi-Fi on UK trains could leave commuters vulnerable to hackers. Next year free Wi-Fi will be rolled out across a number of rail operators, the fruit of a £50m Department for Transport (DfT) scheme to increase Wi-Fi on trains. The technology creates a means for commuters to make more productive use of their journey to and from …
John Leyden, 24 Oct 2016

Hacktivist crew claims it launched last week's DDoS mega-attack

A group called New World Hackers has claimed responsibility for a DDoS attack that rendered significant portions of the web unreachable last Friday. A series of assaults carefully targeted at managed DNS provider Dyn knocked the service offline for much of the day, causing disruption to multiple well-known sites that relied on …
John Leyden, 24 Oct 2016

Ageing GSM crypto cracked on commodity graphics rig

The crypto scheme applied to second generation (2G) mobile phone data can be hacked within seconds, security researchers have demonstrated. The work by researchers from the Agency for Science, Technology and Research (A*STAR), Singapore shows that breaking the A5/1 stream cipher used by 2G is possible using commodity hardware …
John Leyden, 24 Oct 2016

Dyn dinged by DDoS: US DNS firm gives web a bad hair day

A denial of service attack against managed DNS provider Dyn restricted access to many US-based websites on Friday. The ongoing attack is affecting Dyn’s managed DNS customers on the US East Coast, according to the provider, which adds on its status page that its “engineers are continuing to work on mitigating this issue”. …
John Leyden, 21 Oct 2016

Hax0rs sow Discord by using VoIP service to sling malware at gamers

Hackers abused a free VoIP service for gamers to distribute remote-access Trojans and other malware. Miscreants took to Discord and distributed malicious programs including NanoCore, njRAT, SpyRAT to gamers using the chat servers, but that was just one aspect of a wider pattern of abuse. Symantec discovered some groups were …
John Leyden, 21 Oct 2016

Banks don’t give a 2FA

The online security of a majority of UK banks is failing customers. Tests by consumer group Which? found that only five out of the 11 providers it tested offered two-step authentication for logins. Lloyds and Santander were among the banks faulted for not doing enough to protect consumers from ID theft and banking fraud. In …
John Leyden, 21 Oct 2016

US DNC hackers blew through SIX zero-day vulns last year alone

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers. Sednit – also known as APT28, Fancy Bear and Sofacy – has been operating since 2004. The cyber-mob has reportedly infiltrated machines operated by targets as …
John Leyden, 20 Oct 2016

Boffins exploit Intel CPU weakness to run rings around code defenses

US researchers have pinpointed a vulnerability in Intel chips – and possibly other processor families – that clears the way for circumventing a popular operating-system-level security control. ASLR (address space layout randomization) is widely used as a defense against attempts by hackers to exploit software vulnerabilities …
John Leyden, 20 Oct 2016

NCC stirs in 'lumpy' bits of Fox, produces sales gravy. But market still chokes

UK-based infosec outfit NCC Group has weathered a tricky summer period that involved some contract deferrals and cancellations while still managing to post a profit. Group revenues for the four months to the end of September increased to £79.6m, compared to £58.5m in the same June to September period last year. The increased …
John Leyden, 20 Oct 2016

IoT botnet swells

The Mirai botnet has swollen to nearly 500,000 compromised IoT devices since source code for the malware was released at the start of October. The figures, taken from a new analysis by telco Level3, are a particular concern because Mirai was made up of only around 125K devices when it was abused to direct a 620 Gbps flood at …
John Leyden, 20 Oct 2016

Malwarebytes eats upstart

Anti-malware biz Malwarebytes has acquired French anti-adware startup AdwCleaner. AdwCleaner, which boasts 200 million downloads, was founded in 2011 by three 17-year-old French students. Its technology offers protection against potentially unwanted programs (PUPs). Jérôme Boursier and Corentin Chepeau – two of AdwCleaner’s …
John Leyden, 19 Oct 2016

Donald Trump running insecure email servers

US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him. Security researcher Kevin Beaumont discovered the Trump organisation uses a hopelessly outdated and insecure internet setup. Servers on the Trump Organization' …
John Leyden, 19 Oct 2016

It's finally happened: Hackers are coming for home routers en masse

Cybercrooks are increasingly targeting routers in consumers’ homes. Fortinet reports that attacks of this type have regularly figured as entries in its daily top 10 IPS (intrusion prevention system) detection list over the last three months since July. The security vendor reckons that home routers have become a favoured target …
John Leyden, 19 Oct 2016

Hack suspect hospitalised

Czech cops have arrested an unnamed Russian man suspected of launching hacking attacks against the US. The suspect is reportedly in hospital after collapsing at the time of his arrest. Czech courts will decide whether he will be extradited over as-yet unspecified crimes. ®
John Leyden, 19 Oct 2016

Democralypse Now? US election first battle in new age of cyberwarfare

Hacking attempts against more than 10 US state election databases have increased fears about Russian efforts to disrupt or influence the 2016 presidential election. Cyberattacks against voting databases in Arizona, Illinois and at least eight other states have only heightened concerns in the wake of the hack and subsequent …
John Leyden, 18 Oct 2016

China blamed in drone hack

China-based hackers have broken into the systems of a European drone company and a US subsidiary of a French energy management company. The attacks are both likely to be economically motivated and designed to help Chinese firms in the targeted sectors, according to security intelligence firm ThreatConnect. It alleges that …
John Leyden, 18 Oct 2016

You work so hard on coding improvements... and it's all undone by a buggy component

Nearly all (97 per cent) of Java applications contain at least one component with a known vulnerability, according to a new study by app security firm Veracode. Veracode reports year-over-year improvements in the code organisations write, a positive finding somewhat undone by the increasing proliferation of risk from open …
John Leyden, 18 Oct 2016

It's good to talk, UK banks told after massaging cyberattack figures

Top techies at British banks are being encouraged to share information about cyberattacks following revelations that the financial sector is under-reporting breaches to regulators. According to the UK's Financial Conduct Authority, only five attacks were reported in 2014, a figure that has soared to 75 so far this year. But …
John Leyden, 18 Oct 2016

Sweet, vulnerable IoT devices compromised 6 min after going online

The unpatched Windows XP problem that spawned the Blaster and Sasser worms a decade ago is being replicated on a different platform by hackers exploiting IoT devices to launch denial of service attacks. Two Internet of Things-powered packet floods took down the websites of cybersecurity journalist Brian Krebs and French hosting …
John Leyden, 17 Oct 2016

Multi-lock ransomware

Cybercrooks have forged a strain of ransomware that uses a unique encryption key for each locked file. CryPy fetches unique encryption keys to individually encrypt files on compromised systems. The tactic gives crooks the ability to selectively unlock compromised files, potentially allowing crooks to extort more cash from …
John Leyden, 17 Oct 2016

Forget malware, crooks are cracking ATMs the old-fashioned way – with explosives

Bank raiders are increasingly turning to explosives in order to break into cash machines. The European ATM Security Team (EAST) reports that ATM explosive attacks were up 80 per cent in the first half of 2016 compared to the same period last year. A total of 492 explosive attacks were reported, up from 273 during the same …
John Leyden, 14 Oct 2016

In 2020, biz will chuck $100bn+ at protecting itself online

Security spending is predicted to grow from $73.7bn in 2016 to $101.6bn in 2020, according to analysts. This compound annual growth rate of 8.3 per cent, more than twice the rate of overall IT spending growth, will be driven by increased security spending in healthcare as well as continued strong demand in banking and government. The …
John Leyden, 14 Oct 2016

Pwned Clinton aide Trumped

The Twitter account of Hillary Clinton aide John Podesta was hacked on Wednesday to back her rival US presidential candidate Donald Trump. Clinton campaign chairman John Podesta improbably declared for Trump following what’s since been confirmed as an account hijack. “I’ve switched teams. Vote Trump 2016. Hi pol,” a since …
John Leyden, 14 Oct 2016

Post-referendum UK still part of Euro cyberterror stress test... for now

European enterprises are teaming with information security agencies and governments to run a pan-European cyberwar readiness exercise today. Cyber Europe 2016 - which involves thousands of experts from all 28 EU Member States, Switzerland and Norway - is being co-ordinated by European Union security agency ENISA. It's the …
John Leyden, 14 Oct 2016

Decade-old SSH vuln exploited by IoT botnet armies to hose servers

Hackers are exploiting a 12-year-old vulnerability in OpenSSH to funnel malicious network traffic through Internet of Things (IoT) gizmos, Akamai warns. The SSHowDowN Proxy attack [PDF] exploits a lingering weakness in many default configurations of internet-connected embedded devices. Compromised gadgets are being abused to …
John Leyden, 13 Oct 2016