John Leyden


Minecraft fan site hacked

Email addresses and hashed passwords for up to seven million accounts on the Minecraft community website Lifeboat have been lifted and leaked online by hackers. The site's security was breached in January, but its administrators responded only by forcing a password reset without giving players any clue anything was wrong. The …
John Leyden, 29 Apr 2016

Hipster hackers cook up 'artisan' Squiblydoo attack

Hackers have figured out how to bypass application whitelisting software by utilising tools that are built into Windows by default. Squiblydoo allows a user with normal privileges to download and execute a script hosted on a remote server. All of this is done with signed Microsoft binaries that are installed with the operating …
John Leyden, 29 Apr 2016

US ATM cracks on the up

ATM compromises in the US jumped 546 per cent from 2014 to 2015. One big factor in the six-fold increase is a growth in problems at non-bank ATMs, such as convenience stores, according to a study by security analytics outfit FICO. The average duration of a compromise fell from 36 days in 2014 to 14 days in 2015. Cardholders …
John Leyden, 29 Apr 2016

Finance bods SWIFT to update after Bangladesh hack

Security vendors are pushing for a more comprehensive revamp of the SWIFT international inter-bank financial transaction messaging system beyond an update prompted by an $81m hack against Bangladesh's central bank. The loss of $81m (part of an attempted $950m heist) in February’s Bangladesh cyber-heist – reckoned to be the …
John Leyden, 29 Apr 2016

Batten down the hatches! OpenSSL preps fix for high impact vuln

Sysadmins, brace yourselves: OpenSSL has announced upcoming security fixes will fix a “high” impact flaw. Every OpenSSL release since the infamous Heartbleed vulnerability of April 2014 has been met with nervous anticipation, and that applies as much to the upcoming 1.0.2h and 1.0.1t releases as to others before them. The last major …
John Leyden, 28 Apr 2016

Quick, download your stuff! SurDoc shutters consumer-grade secure cloudy storage

Cloud-based secure storage outfit SurDoc has announced plans to discontinue its consumer service in order to concentrate exclusively on enterprise sales. In a statement, US-based SurDoc said that consumers have a month to download their data and make alternative arrangements before the service is zapped. Customers' …
John Leyden, 28 Apr 2016

Sales up for UK infoseccer

UK-based infosec consultancy NCC Group is growing its bottom line. In a trading update, the group reported revenues rose 60 per cent to £166.1m for the 10 months from 1 June 2015 to 31 March 2016, compared to £104.1m for the same period last year. NCC attributes 21 per cent of the rise to organic growth. Full year results, …
John Leyden, 28 Apr 2016

Mobile antivirus sales offset declining search revenues for AVG

The scourge of Android malware is helping to bolster the bottom line of security software firm AVG but the firm still ended up recording a slight decrease in profits. For the first quarter ending 31 March 2016, AVG posted revenues of $107.9m, compared to $102.8m in Q1 2015, a rise of five per cent. Sales from AVG’s emerging …
John Leyden, 28 Apr 2016

Pro-ISIS hacking groups are still hooking up

Remember when pro-Daesh/ISIL/ISIS hacking groups banded together to form a unified force? They're still, er, hooking up, according to a recent study. However, while they still operate unofficially, say the authors, they remain poorly organised and are likely underfunded, according to threat intel outfit Flashpoint. The study, …
John Leyden, 28 Apr 2016

Linux infosec outfit does a Torvalds, rageblocks innocent vuln spotter

An open source security firm has blocked a security researcher who reported flaws in a recently issued patch in an apparent fit of pique. Hector Martin took to Twitter on Tuesday to note a trivial crashing vulnerability in a recently issued patch by Grsecurity. “I literally crashed my box by pasting a bunch of text into a …
John Leyden, 27 Apr 2016

DDoS just smokescreens

Distributed denial of service (DDoS) attacks are increasingly being used as a smokescreen for hacker attacks. A new survey from Neustar reports 71 per cent of financial services firms attacked experienced some form of theft and 38 per cent found viruses or malware activation after a DDoS attack. More than half (57 per cent) of …
John Leyden, 27 Apr 2016

What do you call an old, unpatched and easily hacked PC? An ATM

Almost any cash machine in the world could be illegally accessed and jackpotted with or without the help of malware. Security researchers at Kaspersky Lab reached this conclusion after investigating real attacks on ATMs and assessments of the machines carried out for several international banks. The susceptibility of ATMs in …
John Leyden, 26 Apr 2016

Google can't hold back this malware running riot in its Play store

Security researchers have discovered a strain of Android malware that keeps finding its way onto Google Play – despite the store supposedly being scrubbed clean of infiltrated apps. The software nasty – Android.Spy.277.origin – is hidden in more than 100 applications on Google Play. Sketchy programs harboring the malware …
John Leyden, 26 Apr 2016

Ted Cruz knows where you live – if you downloaded his app

Many US presidential primary apps gather users’ personal information and leave their sensitive data vulnerable to attackers, security researchers at Symantec warn. Data exchanged through many of the apps can be intercepted by attackers and shared with third parties because of weak security practices. Symantec analysed the …
John Leyden, 26 Apr 2016

Windows patching rises

Unpatched Windows PCs are on the decline in the UK - by the end of Q1 2016, 6.1 per cent of UK consumers had unpatched Windows operating systems, compared to 11.5 per cent at the same time last year, figures from Flexera Software’s Secunia Research team indicated. The same study found Apple QuickTime users are slower to patch …
John Leyden, 26 Apr 2016

Hackers so far ahead of defenders it's not even a game

Cybercriminals are way ahead of the game against defenders without having to try anything new, according to the latest edition of Verizon's benchmark survey of security breaches. The study shows that miscreants have no need to switch up, because the same old tactics are still working fine. Security defenders are still …
John Leyden, 26 Apr 2016

'No password' database error exposes info on 93 million Mexican voters

Information on 93 million Mexican voters has been leaked online. Voter records were exposed as the result of a config error in a MongoDB database that meant that the information was left accessible by anyone who knew where to look. The database – hosted on Amazon AWS – included voters' names, addresses, voter ID numbers, dates …
John Leyden, 25 Apr 2016

Guess what's 'easily hacked'? Yes, that's right: Smart city transport infrastructure

Roadside sensors and the data gathered from them can be easily hacked, according to field tests by researchers from Kaspersky Lab on the streets of Moscow. Transport infrastructure in modern cities typically includes an array of traffic and road sensors, cameras, and even smart traffic light systems. Data from these devices is …
John Leyden, 22 Apr 2016

Win XP, Flash, Java... healthcare makes easy pickings for hackers

The healthcare industry is a long way behind the financial sector in basic security practices, according to a study by two factor authentication firm Duo Security. Duo found that healthcare devices were significantly more out of date and less secure than ones from finance, after comparing its healthcare customers' devices to …
John Leyden, 22 Apr 2016

Revised trojan hits HK

Poison Ivy malware has been revamped as a more potent cyber-spying tool. The revised malware is being slung in targeted attacks against pro-democracy activists in Hong Kong. The latest version of the trojan features updated execution and communications mechanisms, as explained by researchers from Palo Alto Networks here. …
John Leyden, 22 Apr 2016

Dutch PGP-encrypted comms network ‘abused by crooks’ is busted

Dutch firm Ennetcom has pulled its systems offline following a bust by police and accusations that its encryption technology was being abused as a communications network by drug dealers. Police have seized servers in the Netherlands, and Canada is dismantling what local reports describe as a PGP-based comms network. The …
John Leyden, 21 Apr 2016

Check Point chugs on: Profits and revenues up despite volatile market

Check Point’s share price has dipped a touch after the firm reported lacklustre Q1 financial results. During the first quarter ending 31 March 2016, Check Point’s total revenues came in at $404m, compared to $373m in the first quarter of 2015, a nine per cent increase year-on-year. Its GAAP net income rose, albeit modestly. …
John Leyden, 21 Apr 2016

Ex-NSA security expert develops generic Mac ransomware blocker

An Apple security expert has developed a free-of-charge standalone ransomware defense tool for OS X. Patrick Wardle, a former NSA staffer who now heads up research at crowdsourced security intelligence firm Synack, has built RansomWhere?, a generic ransomware detector. The utility works by suspending untrusted processes that …
John Leyden, 20 Apr 2016

Grab a cuppa: Time to sort out that Oracle patch batch

Oracle has released its latest quarterly Critical Patch Update on Tuesday, releasing updates to Fusion Middleware, Peoplesoft, E-Business Suite, MySQL, and several other products. Java SE also got patched. This set of patches addresses 136 vulnerabilities in several product families, according to business application security …
John Leyden, 20 Apr 2016

Cybercrooks turn away from banks. Your health records are far juicier

Cybercrooks switched targets last year, moving away from retail and financial services and onto healthcare and government, according to figures from IBM’s security business. Retail dropped out of the top five most attacked sectors while financial targets dropped from #1 to #3 in IBM X-Force’s 2016 Cyber Security Intelligence Index …
John Leyden, 20 Apr 2016

Viber rolls out e-2-e crypto

Messaging app Viber has announced plans to roll out full end-to-end encryption. The feature will become available “over the coming weeks” to all users who have the latest version of Viber across Android, iOS, Windows PCs and Macs. As part of this update, Viber also launches "hidden chats" allowing users to hide specific chats …
John Leyden, 19 Apr 2016

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash. All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to a new study [PDF] from NTT Group. In 2013, by contrast, the top 10 vulnerabilities …
John Leyden, 19 Apr 2016

All-Python malware nasty bites Windows victims in Poland

Malware authors have put together a strain of malicious code written entirely in Python, in what may turn out to be an experiment in creating a new type of cross-platform nasty. PWOBot is written entirely in Python, and compiled via PyInstaller to generate a Microsoft Windows executable. The malware has already infected a …
John Leyden, 19 Apr 2016

Top infosec students square off in inter-uni hackathon contest

Update The University of Cambridge is due to host a cybersecurity hacking competition between the top UK universities next Saturday (23 April). The hackathon (pdf), which is expected to involve students from 10 UK universities, follows a similar exercise between the University of Cambridge and MIT last month. The latter exercise was …
John Leyden, 19 Apr 2016

Idiot millennials are saving credit card PINs on their mobile phones

More than one in five 18-24 year olds (21 per cent) store PINs for credit or debit cards on their smartphones, tablets or laptops, according to research conducted by Equifax in conjunction with Gorkana. In the same survey of 500 people across all ages more than a third of young adults (38 per cent) said they also use their …
John Leyden, 18 Apr 2016

Swedish air controllers debunk cyber attack disruption theory

Sweden's civil aviation administration (LFV) has concluded that radar disruptions that affected services in Stockholm and Malmö last November were down to the effects of a solar flare, scotching rumors reported by El Reg and others earlier this week that a hacker group linked to Russian intelligence might be to blame. Radar …
John Leyden, 15 Apr 2016

Lizard Squad back to blast Blizzard’s gaming hub

Lizard Squad has hit gaming firm Blizzard’s servers with a massive DDoS attack. Blizzard's Battle.net services were left intermittently unavailable as a result of the assault, the latest in a long line of hacking attacks against gaming firms by the notorious black hat hacking crew. Blizzard confirmed an attack in the earlier …
John Leyden, 15 Apr 2016

Malware in email surges

One in six (17 per cent) of all incoming email messages are blocked due to a suspected virus, according to email security firm Retarus. March's rate marks a fivefold rise in comparison with February and can be explained primarily by the large increase in ransomware, according to the enterprise-focused email filtering service …
John Leyden, 15 Apr 2016

Halfbreed trojan targets US banks

A new piece of malware has been linked to thefts of $4m from more than 24 American and Canadian banks in just a few days. Researchers at IBM reckon that hackers combined code from two malware types, known as Nymaim and Gozi, to create GozNym, a persistent and powerful trojan. Customers of numerous credit unions and popular e- …
John Leyden, 15 Apr 2016

Europe's new privacy safeguards are finally approved, must invade EU nations by 2018

Analysis The General Data Protection Regulation (GDPR) has been ratified by the European Parliament. The final seal of approval follows successful passage through the EU Parliament's Committee on Civil Liberties, Justice and Home Affairs. Following four years of discussions and amendments, the GDPR is now officially EU law and will …
John Leyden, 14 Apr 2016

Facebook video scam

A new Facebook scam campaign has been discovered that spreads a malicious browser plugin via social engineering techniques. The attack starts by luring a Facebook user into playing a video, most often titled “My first video”, “My video” or “Private video”. After clicking on the link, the victim is directed to a fake YouTube …
John Leyden, 14 Apr 2016

SAP denial-of-service flaw combo poses remote hijack risk

Two denial of service vulnerabilities in SAP’s latest monthly patch batch can allow full system compromise, ERP security specialists warn. SAP released 19 security notes on Tuesday that collectively fixed 26 vulnerabilities. The updates included patches designed to close two critical DoS issues. Hackers might have been able …
John Leyden, 14 Apr 2016

Ad slinger Phorm ceases trading

Controversial ad targeting firm Phorm has ceased trading. Phorm’s decision follows a failure to secure enough funding to run its business, as explained in a statement to the London Stock Exchange here. Phorm an advertising-technology company and first party data platform provider, announces that, further to its announcement …
John Leyden, 14 Apr 2016

Magic Kinder app developer: Surprise! No security holes

Developers have responded to warnings about massive privacy problems with the Magic Kinder App for children by casting off insecure code, dropping poorly implemented functionality in the process. A lack of encryption within the Magic Kinder smartphone app and other security shortcomings created a severe security risk, as …
John Leyden, 14 Apr 2016

Lauri Love backdoor forced-decryption case goes to court in UK

Alleged hacktivist Lauri Love appeared in a London court on Tuesday in a case that could establish new powers for UK police to compel criminal suspects into handing over encryption keys. Love, 31, faces potential extradition to the US over his alleged involvement in #OpLastResort – the online protests that followed the …
John Leyden, 13 Apr 2016

Symantec.cloud portal limps back online after day-long TITSUP

Symantec.cloud’s portal is back online following a day-long outage. However, sysadmins report a continuing inability to perform basic functions such as adding new email accounts for new starters at the corporate firms they manage. Problems with the system followed a database crash on Monday morning that dragged on until …
John Leyden, 13 Apr 2016

PowerShell attacks up

Cybercriminals are increasingly using Microsoft PowerShell (a scripting language built into Microsoft operating systems) as a means to launch stealthier hack attacks, according to a study by Carbon Black Security Partner Program. It found hackers used PowerShell to launch their attacks in 38 per cent of over 1,000 security …
John Leyden, 13 Apr 2016

Sweden 'secretly blames' hackers – not solar flares – for taking out air traffic control

Sweden suspects a hacker group linked to Russian intelligence was responsible for an attack on its air traffic control systems last November, it is claimed. Air traffic control systems across much of Sweden were unavailable on November 4. Computer problems meant air traffic controllers were unable to use their displays, an …
John Leyden, 12 Apr 2016

Symantec cloud portal goes titsup after database crash

Symantec.cloud is in the middle of rebuilding its portal this lunchtime following a prolonged outage spanning more than 24 hours. The snafu stemmed from a database crash. Problems first surfaced at 1000 UTC (1100 BST) on Monday and dragged on until lunchtime on Tuesday, as detailed in a series of updates to Symantec.cloud’s …
John Leyden, 12 Apr 2016

New strain of data thieving malware Qbot unleashed

Researchers have uncovered a new strain of data-stealing trojan Qbot. The malware has infected more than 54,000 PCs in thousands of organisations across the world. Incident response experts at BAE Systems came across the malware variant during an engagement at an unnamed public sector organisation. The Qbot-related attack …
John Leyden, 12 Apr 2016

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

Baddies' brilliant plan to get mobile malware whitelisted: Bribery

Criminals have resorted to bribes in order to smuggle malware into the source code of mobile gaming apps. The scam, in which malware authors bribed the employees of a legitimate mobile games company in China to embed malware into mobile apps, was uncovered by security researchers from Check Point. The bribe ensured that …
John Leyden, 11 Apr 2016

SQL injection vuln found at Panama Papers firm Mossack Fonseca

Grey hat security researchers have discovered new flaws in the systems of Panama leak firm Mossack Fonseca. A self-styled “underground researcher” claims to have found a SQL injection flaw on one of the corporate systems of the Panamanian lawyers. “They updated the new payment CMS, but forgot to lock the directory /onion/,” …
John Leyden, 11 Apr 2016

BT hires cyber-security

BT is planning to hire 900 more cyber-security staff this year as part of plans to meet the growing demand for security services. The telco giant joins a growing number of vendors looking to tap into a scarce pool of cyber-security talent that initiatives such as the Cyber Security Challenge have only partially addressed. More …
John Leyden, 11 Apr 2016

Cyber-underworld price list revealed: $500 for company email inbox, $1,200 passports, etc

The underground bazaars for stolen online identities, access to corporate email inboxes, and fake ID are booming, we're told. Research by Dell SecureWorks says the market for underground hacking is increasing, particularly in Russia. Russian hackers are expanding their working hours and using guarantors to ensure customer …
John Leyden, 08 Apr 2016