John Leyden

Hadoop experiencing growing pains in lamestream businesses

Apache Big Data: Fast, unbridled growth has hurt adoption of Hadoop, according to a leading advocate of the technology. John Mertic, director of program management at ODPi, said that work on Hadoop was often relegated to a "skunkworks" project in many mainstream organisations. "It's effectively stuck," he said during a keynote presentation at …
John Leyden, 16 Nov 2016

New Ransoc extortionists hunt for actual child abuse material

Hackers have unleashed a strain of scammer that activates on compromised computers when it encounters filenames containing strings that have been associated with child abuse clips and images. Ransoc kicks in when it finds potential "evidence" of child abuse material or media files downloaded via torrents on the targeted …
John Leyden, 16 Nov 2016

Analysts apply Occam's razor to Tesco Bank breach

Analysis: Security analysts have narrowed down the range of possible explanations for the Tesco Bank breach. Earlier this month Tesco Bank admitted that an estimated £2.5m had been looted from 9,000 accounts. Initially it was feared that money had been taken from 20,000 accounts, but this figure was revised a few days after the breach …
John Leyden, 16 Nov 2016

Shhh! Shazam is always listening – even when it's been switched 'off'

A security researcher has discovered that when the Mac version of Shazam is switched off, it simply stops processing recorded data. The recording itself continues. The music identification service admits the behaviour but says it only keeps recording purely for technical reasons. Patrick Wardle, a former NSA staffer who heads …
John Leyden, 15 Nov 2016

Origin of the beasties: Mirai botnet missing link revealed as DVR player

Security researchers have discovered a "missing link" in the Mirai botnet that may prompt a rethink in what makes up the zombie network. The release of Mirai's source code in early October revealed that malware scans for telnet before attempting to hack into devices, using a brute-force attack featuring 61 different user/ …
John Leyden, 14 Nov 2016

Adult FriendFinder users get their privates exposed... again – reports

Hundreds of millions of Adult FriendFinder (AFF) accounts appear to have been exposed once again. A database of usernames, emails, and passwords of footloose and fancy free members, along with those from associated websites, has leaked and surfaced online. The breach has not been confirmed by the site’s parent company …
John Leyden, 14 Nov 2016

Pay up or your data gets it. Ransomware highwaymen's attacks on small biz octuple

Small businesses faced eight times more ransomware attacks in the third quarter of 2016 than the same quarter last year, according to stats from Kaspersky Lab. Kaspersky Small Office Security thwarted 27,471 attempts to block access to corporate data in Q3 2016, compared to 3,224 similar attacks in Q3 2015. Ransomware makes …
John Leyden, 14 Nov 2016

Join the Q: British intel agencies seek tech-savvy apprentices

GCHQ, MI5 and MI6 are searching for would-be Qs, technically minded apprentices keen to cut their teeth working for British intelligence. Would-be tech quartermasters have until 14 November to get in their security service apprenticeship applications for this year's scheme. An apprenticeship "could be a tempting alternative to …
John Leyden, 11 Nov 2016

Russian banks floored by withering DDoS attacks

At least five Russian banks weathered days-long DDoS attacks this week. A wave of assaults began on Tuesday afternoon and continued over the next two days. Victims include Sberbank and Alfabank, both of which confirmed DDoS attacks on their online services, RT reports. The attacks were powered by compromised IoT devices, …
John Leyden, 11 Nov 2016

Left-wing cyber-hangout blames security breach on pro-Trump trolls

A news and comment website for Democratic voters fears data loss after an attack it blames on pro-Trump hacker trolls. DemocraticUnderground.com's forums were hacked and rendered unavailable on Tuesday afternoon "apparently by a supporter of Donald Trump". "This person clearly knew what they were doing, and despite our best …
John Leyden, 10 Nov 2016

Some! at! Yahoo! knew! about! mega-breach! as! early! as! 2014!

Yahoo! knew it had been compromised by state-sponsored hackers in 2014 despite not publicly disclosing this crucial information until 2016. The disclosure of some internal knowledge prior to public admission of a problem in September 2016 comes from a recent SEC filing, in paragraphs covering the investigation of the …
John Leyden, 10 Nov 2016

What went wrong at Tesco Bank?

Tesco Bank has enlisted the help of the National Cyber Security Centre (NCSC) following the most serious cyber-attack launched against a UK bank. The attack against the supermarket giant's banking arm involved the theft of £2.5m from 9,000 customers' accounts, funds that the bank quickly reimbursed. Initially theft against 20, …
John Leyden, 10 Nov 2016

Fatigue fears over bug bounty programs

Bug bounty fatigue means that bounty hunters are only picking up the easy-to-find flaws while leaving more difficult-to-tease-out vulnerabilities undiscovered, according to a security testing organization. High-Tech Bridge said its mix of automated scanning and manual inspection is unearthing problems at organizations that …
John Leyden, 09 Nov 2016

Losses and sales up, shares down at Sophos

Losses at London Stock Exchange-listed Sophos have gone up despite increasing sales. For the six months up to 30 September, revenues were $256.9m (£207.4m) compared to $234.2m in the same period a year ago. Losses, however, widened from $13.4m to $24.6m on rising R&D costs and more recurring business. Unified Threat …
John Leyden, 09 Nov 2016

SpamTorte botnet gets turbo-charged

A revamped version of the Torte botnet malware is turning insecure CMS servers into spam-spewing zombies. SpamTorte 2.0 is a powerful, multi-layered Spambot that is capable of running large-scale spam campaigns while cleverly masking itself to avoid detection, security firm Verint warns. The SpamTorte botnet relies on …
John Leyden, 08 Nov 2016

Synopsys buys Cigital in secure DevOps push

Synopsys has acquired Cigital, the software security services provider, and Codiscope, a 2015 Cigital spinoff and provider of complementary security tools. Terms of the deal, announced Tuesday, were undisclosed. The purchase of Cigital and Codiscope will add “complementary products, services, and a highly skilled workforce” to …
John Leyden, 08 Nov 2016

Definitely not another Stuxnet, researchers claim as they demo industrial control rootkit

Black Hat EU: Security researchers have come up with another way to hack Programmable Logic Controllers (PLCs) at industrial plants. Ali Abbasi, a PhD student at the University of Twente, and Majid Hashemi, a research engineer at Quarkslab, have developed an attack that involves tweaking the PIN configuration of a system chip in order to …
John Leyden, 08 Nov 2016

Mirai scan tool unleashed

Security researchers have released a Mirai IoT botnet scanning tool. The utility – aimed at consumers and small businesses – allows users to find out if devices on their network are either infected by or vulnerable to the Mirai malware. When users click on "Scan My Network Now", the scanner will discover their public IP …
John Leyden, 07 Nov 2016

Web security still outstandingly mediocre, experts report

Black Hat EU: Cross-site scripting (XSS) vulnerabilities continue to dominate the list of most common vulnerabilities found in real-world tests. In more than a third (37 per cent) of cases, a website vulnerable to XSS is also vulnerable to a more critical flaw such as SQL injection or improper access control, according to web security …
John Leyden, 07 Nov 2016

Boffins turn phone into tracker by abusing pairing with – that's right – IoT kit

Black Hat EU: Security researchers have worked out how to hack into a smartphone and turn it into a tracking device by abusing its pairing with a Belkin home automation device. Joe Tanen and Scott Tenaglia of Invincea Labs were able to root a WeMo device before injecting code into the WeMo Android app from a compromised WeMo device. The …
John Leyden, 07 Nov 2016

Tesco Bank limits online transactions after fraud hits thousands

Tesco Bank has restricted the operations of current accounts after funds were looted from a reported 20,000 accounts. The UK bank has confirmed a fraudulent attack, which is under investigation. In the meantime it has suspended online transactions from current accounts, including contactless transactions. Customers can still …
John Leyden, 07 Nov 2016

Mirai IoT botnet blamed for 'smashing Liberia off the internet'

The West African country of Liberia was allegedly flooded offline this week. Early indications are that miscreants blasted the nation's rudimentary net infrastructure using the same method that rendered hundreds of the world's most popular websites inaccessible at the end of October. Once again the Mirai IoT botnet has been …
John Leyden, 04 Nov 2016

Anti-ultrasound tech aims to foil the dog-whistle marketeers

Black Hat EU: Marketeers are coming up with ways to invade our privacy in the interests of serving us ads in a way that goes far beyond the dire predictions of films such as Minority Report. Security researchers are already thinking about countermeasures. Cross-device tracking (XDT) technologies allow marketeers to track the user's visited …
John Leyden, 04 Nov 2016

Build your own IMSI slurping, phone-stalking Stingray-lite box – using bog-standard Wi-Fi

Black Hat EU: Wi-Fi networks can tease IMSI numbers out of nearby smartphones, allowing pretty much anyone to wirelessly track and monitor people by their handsets' fingerprints. Typically, if you want to stalk and identify strangers via their IMSI numbers, you use a Stingray-like device, or any software-defined radio, that talks to …
John Leyden, 03 Nov 2016

Sophos buys Irish Barricade

Sophos has bought Barricade, an Irish security analytics start-up. Barricade has built a behaviour-based analytics engine based on machine learning techniques that has applications in malware detection. The technology will be used to enhance the security capabilities of Sophos' network and endpoint protection portfolio. …
John Leyden, 03 Nov 2016