The Register Columnists

John Leyden


Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking?

Hundreds of thousands of routers, firewalls and gateways used by small offices and homes are said to be vulnerable to hijacking due to bungled NAT settings. The networking devices are, we're told, commonly misconfigured to allow remote attackers to reprogram how network traffic flows to PCs, servers, tablets and other machines …
John Leyden, 22 Oct 2014

Microsoft warns users about 0-day behind PowerPoint attacks

Hackers are exploiting a zero-day vulnerability in Windows using malicious PowerPoint documents, Microsoft and security firms warn. An advisory from Microsoft warns that the as-yet-unpatched flaw is present in all supported versions of Windows except Windows Server 2003 and has already been abused in "limited, targeted attacks …
John Leyden, 22 Oct 2014

APPLE support doc CONFIRMS 'ORGANIZED NETWORK ATTACKS'

Apple is warning its iCloud users over heightened spying risks following the discovery of attacks which security watchers have claimed are down to crude snooping by the Chinese government. Without naming China directly, Apple said it was "aware of intermittent organised network attacks" on its iCloud service designed to obtain …
John Leyden, 22 Oct 2014

Edward who? GCHQ boss dodges Snowden topic during last speech

Sir Iain Lobban's final speech as GCHQ director omitted any mention of that man Edward Snowden, and unlike recent speeches by FBI and law enforcement officials on both sides of the Atlantic, the spy boss had no critical words for Apple and Google's plans to roll out improved encryption on smartphones and computers. Instead, an …
John Leyden, 21 Oct 2014

Defence giant BAE coughs $230m for cloud heavy SilverSky

BAE Systems has bought cloud-based email and network security firm SilverSky for $232.5m, seemingly finding the US company's products and customer base irresistible. Ian King, chief executive, BAE Systems, said: "SilverSky has an established sales force, a complementary suite of scalable products and a large installed customer …
John Leyden, 21 Oct 2014

Hacked and ashamed? C'mon, Brits – report that cybercrime

Internet-enabled frauds reached £670m across the UK in the 12 months running up to the end of August, according to new figures from the National Fraud Intelligence Bureau. Since the majority of internet-enabled fraud cases still go unreported, the true economic cost to the UK is likely to be significantly higher. The figures …
John Leyden, 21 Oct 2014

Most cloud apps flout EU data protection rules – study

Three in four cloud services do not conform to the current EU Data Protection Directive, according to a new study. Enterprise cloud visibility firm Skyhigh Networks found that nearly three-quarters (72 per cent) of the cloud services used by European organisations do not meet the requirements of the current privacy regulations, …
John Leyden, 21 Oct 2014

FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for

There has been growing disquiet over Apple's desktop search app Spotlight, which sends queries for things back to the company's servers to process. Spotlight phones home in OS X Yosemite, version 10.10, and it is enabled by default: it can be switched off, but with Apple insisting that it now takes people's privacy seriously, …
John Leyden, 20 Oct 2014

Sophos to offshore American support operations

Sophos plans to offshore support operations from the US to Canada and the Philippines as part of a wide-ranging restructuring of its support operations. The plans were outlined in an internal email to staff from Mary Winfield, SVP Global Support, leaked to El Reg by an anonymous tipster. "Another year, another round of layoffs …
John Leyden, 20 Oct 2014

Twitter 'news' spreads faster than Ebola #FakeCures #Malware

Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn. The hoaxes began in the Twittersphere with the spread of false ways to treat Ebola. Late …
John Leyden, 20 Oct 2014

US government fines Intel's Wind River over crypto exports

The US Government has imposed a $750,000 fine on an Intel subsidiary for exporting encryption to China, Russia, Israel and other countries. Wind River Systems was fined for exporting products that incorporated encryption to foreign governments and to organisations on the US government restricted list. The controversial move means …
John Leyden, 17 Oct 2014

UK's a very popular target for EMEA cyberspies – report

Malware attacks, especially in Europe, nearly doubled in the first half of 2014, according to a new report. Government, financial services, telecommunications and energy were the most targeted sectors – collectively making up more than half of attacks detected by security vendor FireEye. The UK (17 per cent) followed by Germany …
John Leyden, 17 Oct 2014

Bad news, fandroids: He who controls the IPC tool, controls the DROID

A security flaw in a core message-passing mechanism leaves every Android device potentially vulnerable to attack, security researchers warned on Thursday. The newly discovered flaw enables hackers to override in-app security features, leaving critical apps such as mobile banking susceptible to tampering. The same vulnerability …
John Leyden, 16 Oct 2014

Hacker-hunters finger 'Keyser Soze' of Russian underground card sales

A hacker based in Odessa, Ukraine has become the main provider of data stolen from compromised credit cards, a new study claims. According to Russian cyber-security consultancy Group-IB, a person or persons operating under the pseudonym “Rescator” (AKA Helkern and ikaikki) uploaded details of over five million cards onto the …
John Leyden, 16 Oct 2014

Drupal SQL injection nasty leaves sites 'wide open' to attack

A newly patched SQL injection flaw in Drupal leaves sites that rely on the widely used web development platform wide open to attack. Admins of sites that run Drupal 7 should upgrade to 7.32 to guard against possible attack. Patching needs to take place sooner rather than later because the easy-to-exploit vulnerability hands …
John Leyden, 16 Oct 2014

FinFisher spyware used to snoop on Bahraini activists, police told

Allegations that three Bahraini activists resident in Britain were spied on by Bahraini authorities using British spyware have led to a criminal complaint. Privacy International is calling on the National Cyber Crime Unit of Britain's National Crime Agency to investigate the unlawful surveillance of three human rights …
John Leyden, 16 Oct 2014

Man bites dog: HTTPS-menacing POODLE is 'hard to exploit' – unless you're on public Wi-Fi

Mozilla will ditch support for the insecure SSL 3.0 from Firefox next month, following the discovery of a design flaw in the protocol that allows hackers to hijack victims' online accounts. SSL v3 will be disabled by default in Firefox 34, due to be released on 25 November. Security experts are unanimous that sysadmins and …
John Leyden, 16 Oct 2014

FireEye, Microsoft, Cisco team up to take down RAT-flinging crew

Security vendors have teamed up to fight a prolific cyber-espionage group thought to be based in China. The hacking crew has been targeting finance, education, government, policy groups and think tanks for around four years since 2010. One of its main tools is Moudoor, a derivative of the infamous Gh0st RAT (remote access tool …
John Leyden, 15 Oct 2014

Snapchat 'hack' pics mostly clothed user snaps, odd bits of legacy pr0n – report

Last week's SnapChat image leak has turned out to be a damp squib rather than the serious privacy breach anticipated by many in the wake of the "Fappening". As previously reported, 200,0000 private photos and videos sent using the SnapChat application and archived using the unofficial (and now defunct) SnapSaved.com site leaked …
John Leyden, 14 Oct 2014

Cops and spies should blame THEMSELVES for smartphone crypto 'problem' - Hyppönen

Law enforcement and intel agencies have no right to complain about the improved security of smartphones because they brought the problem on themselves, according to security guru Mikko Hyppönen. Policing and government officials on both sides of the Atlantic have been vociferous in their complaints about Apple and Google's …
John Leyden, 13 Oct 2014

Selfmite on STEROIDS: Pumped-up SMS worm is BACK...

The SMS worm Selfmite is back: bigger, badder and now global. The worm, which first surfaced in June and affects Android smartphones and tablets, has spawned a new version. Selfmite-B infects many more users, uses several money-making techniques and is generally more dangerous and difficult to stop, warns mobile security firm …
John Leyden, 10 Oct 2014

Internet Explorer stars in monster October Patch Tuesday

October is stacking up to be a bumper Patch Tuesday update with nine bulletins lined up for delivery — three rated critical. Cloud security firm Qualys estimates two of the lesser "important" bulletins are just as bad however, as they would also allow malicious code injection onto vulnerable systems. Top of the critical list is …
John Leyden, 10 Oct 2014

Facebook scammers punt fake 'sexy vid' of Emma Watson

Scammers are taking advantage of Emma Watson’s growing popularity by using the Harry Potter star as bait to spread malware on Facebook. The supposed “sexy videos” of the British actress – who has recently stood up against sexism in her new role as Goodwill Ambassador for Women – drop Trojans rather than the promised salacious …
John Leyden, 10 Oct 2014

'A motivated, funded, skilled hacker will always get in' – Schneier

Hacking attacks are more or less inevitable, so organisations need to move on from the protection and detection of attacks towards managing their response to breaches so as to minimise harm, according to security guru Bruce Schneier. Prevention and detection are necessary, but not sufficient, he said. Improving response means …
John Leyden, 09 Oct 2014

Sir Tim Berners-Lee defends decision not to bake security into www

Sir Tim Berners-Lee has defended his decision not to build in security at the onset of the world wide web. It’s easy to be wise in hindsight, but Sir Tim explained that at the point he invented the world wide web 25 years ago, he wanted to create a platform that developers would find familiar and easy to use. Baking in security …
John Leyden, 08 Oct 2014

Revealed: Malware that forces weak ATMs to spit out 'ALL THE CASH'

Thieves are sneaking malware dubbed Tyupkin into ATMs to force them to cough millions of dollars, we're told. The crims don't need to use stolen or cloned cards. Instead, fraudsters infect the ATM's on-board PC, and later type a special combination of digits on the PIN keypad to drain the machine of banknotes – that's according …
John Leyden, 08 Oct 2014

Britain’s snooping powers are 'too weak', says NCA chief

Keith Bristow, head of the National Crime Agency (the UK’s FBI), is arguing Britain’s snooping powers are “too weak”. In an interview with The Guardian, the NCA’s director general said police need new powers to monitor data about emails and phone calls. He admits many don't see the police case for comms data snooping while …
John Leyden, 07 Oct 2014

Monster banking Trojan botnet claims 500,000 victims

Security researchers have uncovered the infrastructure behind one of the largest and most voracious banking Trojan networks uncovered to date. The Qbot (aka Qakbot) botnet apparently infected 500,000 systems before sniffing "conversations" – including account credentials – for a whopping 800,000 online banking transactions. More …
John Leyden, 07 Oct 2014

FLASH drive ... Ah-aaaaaah! BadUSB no saviour to plug and play Universe

The seriousness of a USB security weakness, which could potentially allow hackers to reprogram USB drives, has been ratcheted up a notch, with the release of prototype code. Researchers Karsten Nohl and Jakob Lell, from German security skunkworks SR Labs, demonstrated how it might be possible to reprogram the firmware within …
John Leyden, 03 Oct 2014

MAC BOTNET uses REDDIT comments for directions

A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns. The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
John Leyden, 03 Oct 2014

We're not Mr Brightside: Asda Car Insurance broker hacked

No customer data was exposed after the firm behind Asda Car Insurance was hacked, said the broker as it explained why the ACI website went offline earlier this week. Reg reader and Asda Car Insurance customer Arthur forwarded us a notice he received from Brightside Group, who provide white label insurance products for Asda and …
John Leyden, 03 Oct 2014

LulzSec supersnitch led attacks on UK, Australia – report

Hacktivist kingpin turned FBI snitch Hector Xavier "Sabu" Monsegur orchestrated attacks against 30 countries, including systems in the UK and Australia, according to a report that joins the dots between sealed court docs and leaked IRC chat logs. According to the court documents, Monsegur persuaded other hacktivists – among them …
John Leyden, 02 Oct 2014

Bash bug flung against NAS boxes

Hackers are attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. Miscreants are actively exploiting the time-to-patch window in targeting embedded devices, security firm FireEye warns. We have evidence that attackers are actively exploiting the time-to-patch window …
John Leyden, 01 Oct 2014

Xen sticks pin in bug behind Rackspace GLOBAL CLOUD REBOOT

Details of the mysterious Xen vulnerability, which prompted the Amazon AWS/Rackspace cloud reboots late last week, have been revealed, with patches already available. The CVE-2014-7188 vulnerability creates a way to trick the hypervisor into reading unallocated memory. "A buggy or malicious HVM [hardware virtual machine] guest …
John Leyden, 01 Oct 2014

Biz coughs up even less for security, despite mega breach losses

Information security budgets are falling despite a continuing rise in the number of attacks, according to a new report by management consultants PwC. Detected security incidents have increased 66 per cent year-over-year since 2009, reaching the equivalent of 117,339 attacks per day, according to PwC's "The Global State of …
John Leyden, 01 Oct 2014

George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests

George Clooney and his new wife – a human rights lawyer who has represented six-fingered embassy dweller Julian Assange™ – went to extreme lengths to safeguard the privacy of their wedding, even issuing guests with "burner phones" under their control. Guests at last weekend's nuptials between George Clooney and top lawyer Amal …
John Leyden, 30 Sep 2014

Consumers agree to give up first-born child for free Wi-Fi – survey

Consumers carelessly use public Wi-Fi without regard for their personal privacy, even blithely agreeing to surrender their first born in exchange for the opportunity to check their emails without paying. That's according to an experiment which involved setting up a "poisoned" Wi-Fi hotspot. Unsuspecting users who connected to …
John Leyden, 30 Sep 2014

Shellshock: 'Larger scale attack' on its way, warn securo-bods

The Shellshock vulnerability has already become the focus for malicious scanning and at least one botnet but crooks are still testing the waters with the vulnerability and much worse could follow, security watchers warn. Net security firm FireEye said it has seen all manner of overtly malicious traffic leveraging the Bash bug, …
John Leyden, 29 Sep 2014

Spammer uses innocent hacked blogs to punt NAKED PICS of JLaw, McKayla Maroney

A long established smut spammer is using hacked websites to sell stolen photographs of naked celebrities including Jennifer Lawrence, Kate Upton and McKayla Maroney. The miscreant (who uses compromised web servers to host his landing pages) has altered his pitch to include copies of the recently released stolen photographs of …
John Leyden, 29 Sep 2014

SHELLSHOCKED: Fortune 1000 outfits Bash out batches of patches

The majority of Fortune 1000 and Global 2000 companies have already deployed, or are now deploying, Shellshock patches to fend off code attacks, according to cloud security firm CloudPassage. The Shellshock vulnerability allows remote attackers to execute arbitrary code on servers using a variety of techniques, with the CVE-2014 …
John Leyden, 29 Sep 2014

Stunned by Shellshock Bash bug? Patch all you can – or be punished

The UK's privacy watchdog is urging organisations to protect their systems against the infamous Shellshock vulnerability in Bash – even though the full scope of the security bug remains unclear. The Shellshock flaw affects Bash up to and including version 4.3. It's a vital component of many Linux and Unix systems, as well as …
John Leyden, 26 Sep 2014

Four caged in UK after cyber-heist swipes €7m in EU carbon credits

Four men were jailed in the UK this week following the theft of millions of pounds in carbon-emission credits. The gang was convicted for their part in an operation that stole half a million credits – valued at €7m (£5m) at the time – from the Czech Republic’s carbon-emission registry back in January 2011. European carbon- …
John Leyden, 26 Sep 2014

Hackers thrash Bash Shellshock bug: World races to cover hole

Sysadmins and users have been urged to patch the severe Shellshock vulnerability in Bash on Linux and Unix systems – as hackers ruthlessly exploit the flaw to compromise or crash computers. But as "millions" of servers, PCs and devices lay vulnerable or are being updated, it's emerged the fix is incomplete. The flaw affects the …
John Leyden, 25 Sep 2014

FBI: Your real SECURITY TERROR? An ANGRY INSIDE MAN

Disgruntled workers are causing more problems for their employers, the FBI warns. Employees, ex-workers or contractors with a grudge against their former paymasters are abusing cloud storage sites or remote access to enterprise networks to steal trade secrets, customer lists or other sensitive information. Insider threats have …
John Leyden, 25 Sep 2014

Latest Firefox and Thunderbird updates plug CRITICAL SSL vuln

Mozilla Firefox needs patching urgently following the discovery that the open source browser is vulnerable to SSL man-in-the-middle attacks. The critical bug arises because the Network Security Services (NSS) libraries parser built into the browser is capable of being tricked into accepting forged RSA certificate signatures. …
John Leyden, 25 Sep 2014

Patch Bash NOW: 'Shellshock' bug blasts OS X, Linux systems wide open

A bug discovered in the widely used Bash command interpreter poses a critical security risk to Unix and Linux systems – and, thanks to their ubiquity, the internet at large. It lands countless websites, servers, PCs, OS X Macs, various home routers, and more, in danger of hijacking by hackers. The vulnerability is present in …
John Leyden, 24 Sep 2014

Apple is too shallow, must go deeper to beat TouchID fingerprint hack, say securo-bods

News that Apple’s iPhone 6 can be spoofed with the same fake fingerprints that tricked its earlier version, the iPhone 5S, has sparked off a lively debate among security researchers. Lookout researcher Marc Rogers demonstrated that the TouchID fingerprint sensor of the latest iPhones could be made to work with a cloned …
John Leyden, 24 Sep 2014

Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI

Digital thermostats from Heatmiser are wide open to takeover thanks to default login credentials and myriad other security flaws. The UK-based manufacturer has promised to develop a fix. Pending the arrival of a patch, users are advised to disable the device's Wi-Fi capability. The security flaws were discovered by Andrew …
John Leyden, 24 Sep 2014

Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack

Apple’s shiny new iPhone 6 can be spoofed with the same fake fingerprints that tricked its older sibling, the iPhone 5S. That's according to mobile security firm Lookout, which said it discovered that it is possible to create a fake fingerprint that's capable of fooling the TouchID fingerprint sensor of the latest iPhones (6 and …
John Leyden, 23 Sep 2014

UK banks hook themselves up to real-time cop data feed

UK banks will receive real-time warnings about threats to their customers' accounts as well as the overall integrity of their banking systems from a new financial crime alert system. Financial Crime Alerts Service (FCAS), which is being rolled out by banking industry association BBA, is designed to allow financial crime …
John Leyden, 23 Sep 2014