John Leyden


Alert: If you're running SquirrelMail, Sendmail... why? And oh yeah, remote code vuln found

Updated: Security researchers have uncovered a critical security hole in SquirrelMail, the open-source webmail project. Filippo Cavallarin and Dawid Golunski independently discovered a remote code execution hole in SquirrelMail version 1.4.22 and likely prior. That's the latest version, by the way, and is dated July 2011. The bug is a …
John Leyden, 24 Apr 2017

eBay denies claims it's failing to thwart 'systematic fraud'

A campaigner has gone public with his concerns over an alleged scam on eBay. The person claimed a group of fraudsters have found a way around PayPal/eBay's anti-fraud system, in a complex multi-stage scam. eBay says it has the problem in hand, a contention strongly disputed by the campaigner, who said he has tracked and …
John Leyden, 24 Apr 2017

LinkedIn U-turns on Bluetooth-enabled 'Tinder for marketers'

LinkedIn irked privacy advocates by dropping a Bluetooth-enabled "Tinder for marketers" feature into its mobile app on Thursday. Respected security researcher Rik Ferguson was nonplussed at changes in LinkedIn's mobile app that threw up a pop-up requesting permission to share data with nearby Bluetooth devices even when users …
John Leyden, 21 Apr 2017

Peer pressure, not money, lures youngsters into cybercrime – report

Teenage hackers get mixed up in cybercrime mostly to gain bragging rights over peers rather than to get rich, according to a new study. The National Crime Agency report fingers peer pressure and kudos as a key reason for youngsters in getting mixed up with online crime. Few if any of those who stray on to the wrong side of the …
John Leyden, 21 Apr 2017

Online ad scam launders legions of pirates and pervs into 'legit' surfing

An elaborate online ad scam that disguised junk traffic as views on reputable sites has been costing advertisers as much as $7m per month. Fraudsters behind the "Traffic Alchemist" scam dressed junk traffic as quality views originating from Google and Twitter. They began by buying traffic, typically on porn or torrent sites, …
John Leyden, 20 Apr 2017

Flaws found in Linksys routers that could be used to create a botnet

Multiple models of Linksys Smart Wi-Fi Routers have vulnerabilities that might be exploited to create a botnet, security researchers at IOActive warn. The flaws could be abused to overload a router and force a reboot, deny user access, leak sensitive information about the router and connected devices, or change restricted …
John Leyden, 20 Apr 2017

Microsoft shrugs off report that Edge can expose user identities from JS Fetch requests

Updated: An independent researcher claims to have uncovered a security flaw in Microsoft Edge. The issue enables any website to identify someone by their username from another website, according to Ariel Zelivansky. More specifically the bod alleges that Edge exposes the URL of any JavaScript Fetch response, in contradiction to the …
John Leyden, 20 Apr 2017

UK.gov survey shines light on cybersecurity threats to businesses

Phishing and ransomware remain the most pressing security threats for UK business, according to a government-backed survey out Wednesday. The survey, commissioned by the Department for Culture, Media and Sport, found that the most common types of breaches are related to staff receiving fraudulent emails (in 72 per cent of …
John Leyden, 19 Apr 2017

Profit with just one infection! Crook sells ransomware for $175

Cybercrooks have begun retailing a new easy-to-use ransomware strain that promises profit with only one successful infection. Karmen is being sold on Dark Web forums from Russian-speaking cyber-criminal DevBitox for $175. The new ransomware-as-a-service variant offers a graphical dashboard, allowing purchasers to keep a …
John Leyden, 18 Apr 2017

Cerber surpasses Locky to become dominant ransomware menace

Cerber eclipsed Locky as the most common ransomware pathogen doing the rounds in the first three months of 2017. Cerber's control of the cybercrime market rose from 70 per cent market share in January to 87 per cent in March, according to the latest cybercrime tactics report by Malwarebytes Lab. The success of Cerber is down …
John Leyden, 13 Apr 2017

Callisto Group snoopers wreak havoc with leaked HackingTeam spyware

Leaked HackingTeam spyware was used by a cyber-spy group to collect intelligence. The Callisto Group cyber-spies collected intel on foreign and security policy in eastern Europe and the south Caucasus using spyware developed for law enforcement agencies, according to F-Secure Labs. The group – which remains active – has …
John Leyden, 13 Apr 2017

Free health apps laugh in the face of privacy, sell your wheezing data

Free health tracker apps pose a severe privacy risk, security researchers warn. Developers frequently neglect data protection and, worse, intentionally lure in users with free health gimmicks in order to monetise their data. Other sharp practices uncovered by the researchers include unsecured data transmission and ad tracking …
John Leyden, 13 Apr 2017

Half-baked security: Hackers can hijack your smart Aga oven 'with a text message'

Miscreants can remotely turn off and on posh Aga ovens via unauthenticated text messages, security researchers have warned. All the hijackers need is the phone numbers of the appliances. The vulnerable iTotal Control models of the upmarket cookers contain a SIM card and radio tech that connects to mobile phone networks. This …
John Leyden, 13 Apr 2017

Cyberattacks wipe more than $50bn off big biz value, say beancounters

Severe cyber-break-ins permanently stripped 1.8 per cent off companies' stock prices, on average, according to a new study out today. Putting that 1.8 per cent drop in context, that dip represents a permanent loss of market capitalization of £120m ($150m) for a typical FTSE 100 biz, we're told. Eggheads at Oxford Economics in …
John Leyden, 12 Apr 2017

MPs worried Brexit vote website wobble caused by foreign hackers

A committee of MPs has expressed concerns that foreign hackers might have had a hand in crashing the UK's voter registration website last year shortly before the Brexit referendum. The Public Administration Committee concluded that a foreign cyber attack remains a potential reason that the "register to vote" site crashed on 7 …
John Leyden, 12 Apr 2017

Gordon Ramsay's in-laws admit plot to hack sweary celeb chef's biz

Gordon Ramsay's father-in-law has admitted conspiring to hack into the computer systems of businesses run by the celebrity chef. Christopher Hutcheson, 68, and his sons Adam, 46, and Christopher, 37, all admitted conspiracy to unlawfully access Gordon Ramsay Holdings Limited's computer systems at a hearing in London's Central …
John Leyden, 12 Apr 2017

Oh my Microsoft Word: Dridex hackers exploit unpatched flaw

Cybercrooks are actively exploiting an unpatched Microsoft Word vulnerability to distribute the Dridex banking trojan, claim researchers. Booby-trapped emails designed to spread the cyber-pathogen have been sent to hundreds of thousands of recipients across numerous organisations, according to email security firm Proofpoint. …
John Leyden, 11 Apr 2017

Ofsted downplays site security concerns

UK school regulator Ofsted has downplayed security concerns about its website, adding that its policies will be further involved once a planned revamp is completed. El Reg learnt of the concerns from parent Oli, who approached us after failing to receive a response to his concerns either from Ofsted (Office for Standards in …
John Leyden, 11 Apr 2017

Shadow Brokers crack open NSA hacking tool cache for world+dog

The self-styled Shadow Brokers group has made a collection of NSA hacking tools and exploits publicly available. The group released a password for their archive, making it available to all and sundry. They (unsuccessfully) attempted to auction off the trove last year. In a (ranty) statement, Shadow Brokers said it was making …
John Leyden, 10 Apr 2017

iCloud extortion racket nowhere near as epic as we thought it might be

A threat to wipe millions of supposedly compromised iCloud accounts and iPhones has yet to materialise. A security expert who has analysed samples of compromised data has concluded that the threat – such as it is – only exposes a small number of accounts to potential credential-stuffing attacks. The self-styled Turkish Crime …
John Leyden, 07 Apr 2017

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

Hackers have brewed up a new variant of the IoT/Linux botnet "Tsunami" that exploits a year-old but as yet unresolved vulnerability. The Amnesia botnet targets an unpatched remote code execution vulnerability publicly disclosed more than a year ago in DVR (digital video recorder) devices made by TVT Digital and branded by over …
John Leyden, 07 Apr 2017

'Evidence of Chinese spying' uncovered on eve of Trump-Xi summit

Evidence of Chinese cyber-espionage against the US has been uncovered on the eve of an important Sino-US presidential summit. The "Scanbox" malware – used by nation-state threat actors associated with or sponsored by the Chinese government – has been discovered embedded on webpages on the US National Foreign Trade Council ( …
John Leyden, 06 Apr 2017

F-Secure gobbles up Zdziarski's Little Flocker, spits it into antivirus kit

Updated: F-Secure has completely absorbed Little Flocker, the macOS security tool built by computer forensics boffin Jonathan Zdziarski. Financial terms of the deal, announced Thursday, were undisclosed. Zdziarski just recently joined Apple on its security engineering team, so the handover of the paid-for software to F-Secure makes a …
John Leyden, 06 Apr 2017

Everything's fine, says Cylance, as 'one in five' workers given the boot

+Comment: Prominent next-gen antivirus vendor Cylance has confirmed a wide-ranging restructure involving job cuts. In response to queries based on an anonymous tip to El Reg on Tuesday that as many as one in five workers had been shown the door, Cylance confirmed it was restructuring its business without commenting on the job cut …
John Leyden, 05 Apr 2017

Online Trust Alliance merges with Internet Society

Key internet standards-making body the Internet Society (ISOC) and security and privacy org the Online Trust Alliance (OTA) are merging. The move, announced Wednesday, sees an important standards-driver combining with an org that has guided best practices for the commercialisation of the web. From now on the OTA will operate …
John Leyden, 05 Apr 2017
