John Leyden

Contact Mail Follow Twitter RSS feed

Fancy hacking Man City? Happy days: Footy club to host hackathon

Manchester City FC has detailed plans to become the first football club to host a data hackathon. The English Premier League Team hopes the event will lead to exclusive insights into the performance of football stars such as Joe Hart, Yaya Touré and Sergio Agüero. Participants in the weekend hack event will be offered access …
John Leyden, 29 Jun 2016
Plymouth Hoe, Devon. Pic: Shutterstock

Plymouth 'animal rights' teen admits Florida SeaWorld cyber attack

A British teenager has admitted taking part in cyber-attacks against Florida's SeaWorld theme park and Devon and Cornwall Police. However, the 16 year-old from Plymouth, Devon – who can’t be named for legal reasons – denied sending threatening messages to airlines. During a hearing at Plymouth’s youth court the youngster …
John Leyden, 29 Jun 2016

SWIFT hackers nick $10m from Ukraine bank

Hackers stole $10m from a Ukrainian bank by – yup, you guessed it – invading its computers and using the inter-bank transfer system SWIFT to shift their loot. The theft from an unnamed Ukrainian bank follows news of cyber-heists at other banks worldwide, most notoriously the lifting of $81m from an account held in New York …
John Leyden, 28 Jun 2016
NBC suit worker image via Shutterstock

You know how that data breach happened? Three words: eBay, hard drives

Users are unwittingly selling sensitive and unencrypted data alongside their devices through the likes of eBay and Craigslist. Secure data erasure firm Blancco Technology Group (BTG) purchased 200 second-hand hard disk drives and solid state drives before conducting a forensic analysis to find out what data was recoverable. …
John Leyden, 28 Jun 2016

Eat my reports! Bart ransomware slips into PCs via .zip'd JavaScript

The cybercrooks behind ransomware Dridex and Locky have started distributing a new file-scrambling software nasty dubbed Bart. Bart has a payment screen just like Locky's, and encrypts documents without first connecting to a remote command-and-control server to receive its orders. Bart may therefore be able to encipher Windows …
John Leyden, 28 Jun 2016

Crooks abusing Facebook to offer credit card samples

Crooks are using social networks like Facebook to offer free samples of stolen credit cards. Facebook is “not proactive enough” in dealing with the threat, according to Daniel Cohen, head of anti-fraud service for RSA in Israel. A simple search of “cvv2” inside Facebook turns up several stolen credit card freebie sample …
John Leyden, 27 Jun 2016
sale

Intel mulls sale of Intel Security – reports

Opinion Intel is reportedly looking to offload its Intel Security arm. The IT giant is investigating options for Intel Security cyber security business, the FT reports. These options include selling off the security software business formerly known as McAfee that the chip-maker bought for $7.7bn back in August 2010. Intel is yet to …
John Leyden, 27 Jun 2016
letters stuffed in a mailbox. Photo by SHutterstock

Botnet-powered ballot stuffing suspected in 2nd referendum petition

Brexit A petition for a second EU referendum in the UK has been hit by suspicions of computer automated ballot stuffing, possibly by politically motivated hackers. 77K fraudulent signatures have been removed from a petition calling for a second vote on the UK’s relationship with the European Union. The so-far identified fraudulent …
John Leyden, 27 Jun 2016

EU GDPR compliance still a thing for UK firms even after Brexit

BREXIT Many UK businesses will still face the burden of complying with recently introduced EU data protection rules even after Thursday's historic Brexit vote. UK businesses will be subject to the upcoming GDPR (General Data Protection Regulation), which comes into effect in April 2018, regardless of the EU Referendum result, …
John Leyden, 24 Jun 2016
shutterstock_225964027-pizz

'2nd referendum' topples site

The UK government’s parliament.uk website has crashed under the traffic of Remain voters demanding a second referendum. The result of Thursday’s vote defied expectations. Even so, security experts reckon that there are steps that public-facing websites can take in avoiding falling offline in the face of overwhelming demand. …
John Leyden, 24 Jun 2016
Magic act, image via Shutterstock

Look into our network, not around our network... you're under

Tactics successfully deployed by Field Marshal Bernard Law Montgomery against German Army officer Erwin Rommel in the battle of El Alamein have been applied in a cyber-technology that aims to outfox hackers. During the important WWII battle, allied forces deployed dummy tanks consisting of plywood frames placed over jeeps as a …
John Leyden, 24 Jun 2016
Happy man holds flag of Israel. Pic: Shutterstock

Israeli cybersecurity boom 'sustainable', argues industry’s father

Israel cyber week The "father" of Israel's cybersecurity industry reckons the unprecedented growth in its security startup industry can be sustained. Isaac Ben Israel, who heads the Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University, estimates there are 400 cybersecurity firms in Israel. Together with more established …
John Leyden, 22 Jun 2016

Stuxnet was the opening shot of decades of non-stop cyber warfare

The famous Stuxnet attack against Iran is credited by some as forestalling the alternative: a bombing raid by Israel against Iran’s nuclear facility. The use of such cyber-weapons in the future, however, may mean more countries end up in low-level conflicts more or less continuously. Military strategists are still grappling …
John Leyden, 22 Jun 2016
Screenshot from the movie Airplane!

'Plane Hacker' Roberts hacks cows

"Plane Hacker" Chris Roberts managed to make it to Israel before delivering a barnstorming presentation at the nation's Cyber Week security conference. The larger-than-life Highland Games participant told delegates how he discovered it was possible to hack milking machines in the wake of 2014's Scottish referendum result. …
John Leyden, 21 Jun 2016
Robot touches screen with finger. Photo via Shutterstock

Israel and US forge human-free cyber info-sharing pact

The US and Israel and due to announce a bilateral threat sharing programme involving co-operation between the two allies' Computer Emergency Response Teams. The agreement, due to be signed on Tuesday, was trailed in respective conference speeches by Alejandro Mayorkas, deputy secretary of US Homeland Security and Dr Eviatar …
John Leyden, 20 Jun 2016
Cheban's blingy watch

Sirin Labs' Solarin isn't for pro-privacy bankers. It's for rich execs who want bling

El Reg got hands-on with the Solarin $14,000 ultra-high-end Android smartphone during a trip to Tel Aviv this week. As previously reported, the Solarin handset is an Android-based smartphone pitched at privacy-conscious executives and the ultra-wealthy. The smartphone comes with a 24 megapixel camera and integrated 3D audio …
John Leyden, 20 Jun 2016
Enter your password by https://www.flickr.com/photos/49889874@N05/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

GitHub presses big red password reset button after third-party breach

GitHub has reset the passwords of users targeted in an attack this week that relied on using stolen credentials from a breach at a third party site. The software repository itself has not suffered a breach. Hackers behind the assault were trying to break into the accounts of users who had inadvisedly used the same login …
John Leyden, 16 Jun 2016

Smut shaming: Anonymous fights Islamic State... with porn

Elements of the Anonymous hacking collective have switched tactics in a campaign against supporters of the self-style Islamic State by attempting to shame and humiliate jihadists by adding pornographic images to their social media profiles. The smut-smearing follows months of attempting to report jihadist profiles on social …
John Leyden, 16 Jun 2016
Lady eating a sandwich checking her mobile phone

Biz networks' DNS troubles

More than four in five (83 per cent) of enterprise networks show evidence of malicious DNS activity. Malware such as botnets, the ZeuS banking malware, distributed denial of service (DDoS) traffic and the CryptoLocker ransomware generated malicious lookup queries picked up in a new study by DNS security specialists Infoblox …
John Leyden, 16 Jun 2016

Sofacy NotSoGood: Time to switch up our Trojan-slinging tactics

A hacking group linked by researchers to the Kremlin has switched its tactics as part of a new attack against the United States government. A spear phishing email from the Sofacy group (also known as APT28) sent to a "US government entity" from a potentially compromised account belonging to the Ministry of Foreign Affairs of …
John Leyden, 15 Jun 2016
Newspapers

Cybercrooks are pimping out pwned RDP servers

Cybercriminals are buying and selling access to compromised servers for as little as $6 each. The xDedic marketplace, which appears to be run by a Russian-speaking group, lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale. Kaspersky Lab researchers warn that crooks can abuse the compromised systems to hack …
John Leyden, 15 Jun 2016
CAT TELLS OWNER THEY'RE LATE. PHOTO BY SHUTTERSTOCK

SAP patch batch includes fix for 3-year-old info disclosure vuln

SAP has released patches for more than 20 vulnerabilities, including a fix for a flaw first detected three years ago. Software updates to resolve vulnerabilities in SAP’s Business Intelligence and Business Warehouse products star in the 13-bulletin batch, whose release yesterday coincided with Microsoft’s regular Patch Tuesday …
John Leyden, 15 Jun 2016

Biz security deadline knocked back 3 months 'cos Brits ignored it

A deadline for businesses to make sure they were compatible with new payment security measures has been extended after around 1,000 UK companies failed to take the necessary action. These businesses risked being unable to pay staff and suppliers, forcing Bacs Payment Schemes Limited to extend its deadline by three months from …
John Leyden, 15 Jun 2016

Clueless s’kiddies using exploit kits are behind ransomware surge

Releases of new ransomware grew 24 per cent quarter-on-quarter in Q1 2016 as relatively low-skilled criminals continued to harness exploit kits for slinging file-encrypting malware at their marks. The latest quarterly study by Intel Security also revealed that Mac OS malware grew quickly in Q1, primarily due to an increase in …
John Leyden, 14 Jun 2016
 Can't See You... by https://www.flickr.com/photos/12023825@N04/  cc 2.0 attribution sharealike generic https://creativecommons.org/licenses/by-sa/2.0/

Half of Brit small biz hit by cyber crime. 10% spend zilch on infosec

Almost half (48 per cent) of Britain's small businesses were hit by cyber-crime in the last year, with 10 per cent targeted many times. Despite this only one in five see cybersecurity as a business priority, and just 15 per cent are confident that they have adequate measures in place to prevent cybercrime, according to a …
John Leyden, 14 Jun 2016