John Leyden

The NSA Unchained

The big boys made us do it: US used German spooks to snoop on EU defence industry

Germany's BND spy agency spied on European politicians and enterprises at the behest of the NSA for over a decade. Der Spiegel reports (in German) that for years the NSA sent its counterparts at the BND (Bundesnachrichtendienst – Germany's Federal Intelligence Service) thousands of so-called selectors – IP addresses, emails, and …
John Leyden, 24 Apr 2015
Derailed train wagon. Pic: New York MTA

UK rail signals could be hacked to cause crashes, claims prof

The rollout of a next generation train signalling system across the UK could leave the network at greater risk of hack attacks, a university professor has claimed. Prof David Stupples warns that plans to replace the existing (aging) signalling system with the new European Rail Traffic Management System (ERTMS) could open up the …
John Leyden, 24 Apr 2015
Samsung Galaxy S5

Got a Samsung Galaxy S5? Crooks can steal your fingerprint – claim

RSA 2015 Malware can snaffle fingerprints used to unlock Samsung Galaxy S5 smartphones thanks to a security blunder, researchers claim. The vulnerabilities, due to be discussed at the RSA security conference in San Francisco this week, may be present in non-Samsung Android mobiles, too. Today's smartphones recognize their owners' …
John Leyden, 23 Apr 2015

Infosec bods can now sniff out the NSA's Quantum Insert hacks

Security researchers have developed a method for detecting NSA Quantum Insert-style hacks. Fox-IT has published free open-source tools to detect duplicate sequence numbers of HTTP packets, with different data sizes, that are the hallmarks of Quantum Insert. The utilities developed by Fox-IT are capable of exposing fiddling with …
John Leyden, 23 Apr 2015
Headshot of Trojan horse

Banking trojan scourge gallops on, despite more fences

RSA 2015 Banking botnets persist as a threat despite recent high-profile takedowns which only achieve a temporary calming effect, according to a new study from Dell SecureWorks. Between mid-2014 and early 2015, coordinated efforts involving law enforcement and private-sector industry disrupted three of the most active banking botnets ( …
John Leyden, 23 Apr 2015
The US White House. Pic: Roman Boed

CozyDuke hackers targeting prominent US targets

A newly discovered group of cyber-spies are closely targeting high profile US targets, possibly including both the White House and the State Department. The so-called CozyDuke hackers make extensive use of spear-phishing, sometimes using emails containing a link to a hacked (otherwise legitimate) website such as "diplomacy.pl …
John Leyden, 22 Apr 2015
Meme of a dog "typing" at a computer, with the large font phrase "I have no idea what I'm doing" above him.

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015

ID yourself or get NOTHING (except Framework), snarls Metasploit

Metasploit Pro and Community users outside North America now need to prove who they are, thanks to changes introduced this week and a tightening of encryption export rules. The open source Metasploit Framework (a computer security project) is not affected by the new rules. "[This] is yet another reminder that governments have …
John Leyden, 21 Apr 2015

Nork hackers no pantomime villains, but a hugely unpredictable menace

RSA 2015 North Korea's cyber attack on Sony Pictures revealed two uncomfortable truths about cybersecurity: businesses don't have to be an obvious target to get hacked, and their aggressors don't have to be superpowers. Welcome, ladies and gentlemen, to the world of asymmetric warfare on the interwebs, a theme that's likely to feature …
John Leyden, 21 Apr 2015
Hacked US CENTCOM Twitter account

IT'S WAR: Hacktivists throw in their lot with spies and the military

Feature Hacktivism has lost its innocence. Once characterised in the early days of Anonymous back in 2008 by assaults against the Church of Scientology, it has now become part and parcel of far darker plans, such as the spread of terrorist propaganda by Islamic militants. Meanwhile, over in the Ukraine, cyber militias of patriot hackers …
John Leyden, 20 Apr 2015
Raytheon Patriot

Raytheon borgs Websense to create cybersecurity behemoth

Defence giant Raytheon has agreed a deal with Vista Equity Partners to form a new company combining Websense with Raytheon Cyber Products. The new joint venture (Raysense? Webtheon?) will combine Raytheon Cyber Products with Websense's TRITON line of web filtering and other enterprise security products. Raytheon – known for the …
John Leyden, 20 Apr 2015
The Kremlin in Moscow. Pic: Pavel Kazachkov

Kremlin hackers exploited TWO 0-day Flash, Windows vulns

A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits …
John Leyden, 20 Apr 2015

Anonymous unleashes online petition against US info-sharing bills

Activist and hacktivist collective Anonymous has launched an online awareness-raising operation opposing pending controversial US information-sharing bills. Critics from across the political spectrum, including libertarian-minded technologist Robert Graham, argue that the Cybersecurity Information Sharing Act sacrifices privacy …
John Leyden, 20 Apr 2015

Colombian hacker who spied on gov-rebel peace talks jailed for 10 years

A Colombian hacker has been incarcerated for 10 years for spying on the local government’s peace talks with Marxist rebels, among other offences, Fox News Latino reports. Andrés Sepúlveda received the harsh sentence even after he admitted snooping on both sides during government negotiations with the Revolutionary Armed Forces …
John Leyden, 17 Apr 2015
Two upended shopping trolleys in an alleyway. Photo by Cyron, licensed under CC 2.0

Bank-card-sniffing shop menace Punkey pinned down in US Secret Service investigation

Security researchers have identified a new strain of point-of-sale (POS) malware during an investigation led by the US Secret Service. Stolen payment card information and the IP addresses of more than 75 infected sales tills were found by security researchers at Trustwave during the probe. It's unclear how many victims the so- …
John Leyden, 16 Apr 2015

Miscreants rummage in lawyers' silky drawers at will, despite warnings

UK data privacy watchdogs at the ICO investigated 173 UK law firms for reported breaches of the Data Protection Act (DPA) last year. A total of 187 incidents were recorded last year, with 173 firms investigated for a variety of DPA-related incidents, of which 29 per cent related to "security" and a similar 26 per cent related to …
John Leyden, 16 Apr 2015

Ukraine conflict spilling over into cyber-crime, warns former spy boss

Infiltrate Russian intelligence has begun sharing advanced malware developed for cyber-espionage with cyber-criminals, a former Canadian spy boss warns. Ray Boisvert, former assistant director and head of intelligence for the Canadian Security Intelligence Service (CSIS), told El Reg that Russian security agencies are sharing advanced …
John Leyden, 16 Apr 2015
You can't fight in here, this is the war room!

APT group hacks cyber-spy gang in spy-on-spy pwnage

Cyber-spy groups, whose numbers are growing with little constraint, have begun hacking each other. Hellsing, a small and technically unremarkable cyber-espionage group, was subjected to a spear-phishing attack by another threat actor last year, before deciding to strike back with its own malware-infected emails. The aftermath …
John Leyden, 16 Apr 2015
Cisco 7609 router interface cabling

Troubleshooting feature on Cisco routers is open to data-slurp abuse

Infiltrate A default feature of Cisco routers can readily be abused to collect data, security researchers warn. Embedded Packet Capture (EPC) was designed by Cisco as a troubleshooting and tracing tool. The feature allows network administrators to capture data packets flowing through a Cisco router. Brazilian security researchers Joaquim …
John Leyden, 15 Apr 2015
Hack the planet

Verizon to world: STOP opening dodgy phishing emails, FOOLS

Phishing and web app security problems remain the most common way for hackers to gain access to sensitive information, according to US telco giant Verizon. Two out of three breaches were the result of weak or swiped passwords, making a case for strong two-factor authentication, the latest edition of Verizon’s annual Data Breach …
John Leyden, 14 Apr 2015

Backdoor bot brains snatched after cops, white hats raid servers

Microsoft and Interpol have teamed up to derail a malware infection that compromised more than 770,000 Windows PCs worldwide. Simda is a “pay-per-install” software nasty: fraudsters pay miscreants some sum of money for every 1,000 or so machines they compromise. The hackers effectively earn cash by selling access to the infected …
John Leyden, 13 Apr 2015
Cartoon of green skeletal figure reaching out of phone

Fraudsters target Nazi Android malware at Russian bank customers

Alleged members of a gang of "cyber-fascist" Android malware-slingers have been arrested in Russia. The alleged perps behind the scam targeted customers of Russian bank Sberbank with software they called "Fifth Reich", which used Nazi symbols in the management system. Fraudsters targeted malware attacks at Android-operated …
John Leyden, 13 Apr 2015

'Chinese hackers' were sniffing SE Asian drawers for YEARS

Security researchers have exposed a decade-long cyber-spying campaign that targeted south-east Asia and India since 2004. The so-called APT 30 hackers are likely to be agents of the Chinese government, according to network security company FireEye. APT 30's primary goal appears to be the theft of sensitive information for …
John Leyden, 13 Apr 2015

Spanish election site in security cert warning screwup snafu

Updated Website crypto problems on the Spanish online voting registration website are causing it to generate all manner of security warnings. Attempts to visit the sede.ine.gob.es site – run by Spain's National Statistics Institute and introduced this year for municipal/regional elections – typically lead to users being confronted with …
John Leyden, 13 Apr 2015
Brute Force

Cisco and Level 3 team up to squash brute force server hijackers

Cisco and service provider Level 3 have teamed up to take down netblocks linked to brute-force hack kingpins SSHPsychos, severely degrading (but not destroying) the group's potential to hack servers in the process. Hacker collective SSHPsychos (AKA Group 93) has been running SSH brute force attacks on an industrial scale since June …
John Leyden, 10 Apr 2015
Ransom note saying "Pay Up" in blackmail type

Cyber-crypto-criminal-cock-up. Little money and (probably) embarrassed

A newly released crypto-ransomware strain has been broken, thus allowing victims — in over two out of three cases — to get back their data without paying. The Scraper ransomware has a flaw, meaning that in about 70 per cent of cases files can be decrypted, according to Kaspersky Labs, with the Russian security firm publishing a …
John Leyden, 10 Apr 2015

Bad news everyone: Cybercrime is getting even easier

The volume of malware threats is actually on the decline despite the increase in breaches, according to a study from Websense Security Labs. Websense Security Labs logged 3.96 billion security threats in 2014, which was 5.1 per cent less than 2013. Despite this, the number of high-profile breaches increased. Hackers have …
John Leyden, 09 Apr 2015
Pinterest security

Pinterest, Yammer scramble to patch login thievery headaches

Pinterest has patched a vulnerability that meant its iPhone app leaked passwords to other surfers on the same network. An earlier version of the Pinterest iOS app fails to validate the server certificate, potentially allowing a suitably positioned attacker on the same network to steal login credentials related to the photo …
John Leyden, 08 Apr 2015

Dell System Detect update vulnerability exposed

Dell System Detect doesn't update automatically, leaving millions of systems vulnerable as a result, according to security software firm F-Secure. Even though Dell disputes the problem with its application which interacts with the Dell Support website, F-Secure's claim is based on real figures regarding queries about older …
John Leyden, 08 Apr 2015
Internet of Things

The Internet of Stuff is a gigantic ultra-perv robbery network – study

IoT devices facilitate robbery, stalking and cybercrime. That's the downbeat conclusion of a new study by app security firm Veracode into the insecurity of connected devices. Veracode reached its conclusion after looking into a variety of IoT kit, finding they are often designed without data security or privacy in mind. The …
John Leyden, 08 Apr 2015

Can't patch this: Mozilla pulls Firefox encryption feature after just a week

Mozilla has pulled Firefox 37's opportunistic encryption feature after less than a week when it learned that tech designed to enhance security actually broke SSL certificate validation. A simple patch wouldn't do the trick, so Mozilla opted to release an update, Firefox 37.0.1, that removed opportunistic encryption. Going into …
John Leyden, 07 Apr 2015

France accused of tabling 'Patriot Act' style surveillance law

Privacy advocates have criticised French plans to expand digital surveillance as badly thought out and rushed. A bill (“Projet de Loi Relatif au Renseignement”) – which was drawn up before the Charlie Hebdo and Hyper Casher supermarket attacks – is due to go before the National Assembly next week under an accelerated legislative …
John Leyden, 07 Apr 2015

E-commerce enterprises gently told to update those protocols ... or else

A revamp in payment card industry regulations due out later this month will penalise e-commerce enterprises that rely on outdated crypto protocols. The PCI Security Standards Council updated standard – PCI DSS 3.1 – mandates that businesses move away from SSL onto more modern TLS protocols. The council is introducing the …
John Leyden, 07 Apr 2015
Lock security

Check Point snaps up mobile security outfit Lacoon

Check Point is buying Lacoon Mobile Security, in a deal that expands the security software firm beyond its core firewall and IDS market while pushing it further into mobile. Terms of the deal, announced Thursday, were undisclosed. Lacoon develops security apps for both iOS and Android, as well as marketing real-time mobile …
John Leyden, 02 Apr 2015
Costumed pirate

Fake Pirate Bay site pushes banking Trojan to WordPress users

Multiple WordPress sites are being redirected to a Pirate Bay copycat which in turn was being used to sling malware, anti-malware firm Malwarebytes warns. Several WordPress sites were injected with the same iframe over the last few days as part of an attack ultimately geared towards serving content from sites such as …
John Leyden, 01 Apr 2015
Spying image

Mystery 'Explosive' cyber-spy campaign traced back to Lebanon

A nation-state cyber-attack campaign running since 2012 has been traced back to a somewhat unlikely launchpad in Lebanon. Security researchers at Check Point reckon hackers behind the so-called Volatile Cedar campaign have hit defence contractors, telecommunications and media companies, and educational institutions in multiple …
John Leyden, 01 Apr 2015

How a hack on Prince Philip's Prestel account led to UK computer law

This week marks the 30th anniversary of arrests in the infamous Prestel hack case. It led to arrests, breached the Royal Family's security and helped give birth to the UK's first computer crime law. What began as a hack against the Prestel Viewdata system – which opened up access to Prince Philip's mailbox – later led to the …
John Leyden, 26 Mar 2015
Iranian President Mahmoud Ahmadinejad receives news of the successful 'Omid' launch

Spookception: US spied on Israel spying on US-Iran nuke talks

Israel spied on the recent US-Iran nuclear talks, alleges America. And the US knows enough about it to say it publicly because the NSA is spying on Israel, along with everyone else. The Wall Street Journal reports that Israel handed over confidential information from the negotiations to friendly members of the US Congress in a …
John Leyden, 25 Mar 2015

BT Home Hub SIP backdoor blunder blamed for VoIP fraud

Flaws in a BT Home Hub set-up are being blamed for helping facilitate a VoIP scam. El Reg reader Keith Harbridge, an independent IT consultant, said his client, a firm of solicitors, is just one of number of companies stung by the scam, which occurred in early March. Independent security consultants at Pen Test Partners …
John Leyden, 25 Mar 2015
firing range - target in cross hairs

Apple is picking off iOS antivirus apps one by one: Who'll be spared?

Confusion reigns over whether or not Apple is really pulling all iOS antivirus apps from its online software store. One leading developer says yes, another says no, and Apple is keeping schtum. Security specialist Intego claims the Cupertino idiot-tax operation has yanked anti-malware tools from the iOS App Store, leaving just …
John Leyden, 24 Mar 2015

Dell denies 'insecure autoupdate app' flings open PC backdoor

Dell has denied building backdoors into its kit following a security researcher's discovery of an insecure update assistant app. Tom Forbes alleges that the Dell Service Tag Detector app* is so insecure that it creates a backdoor on machines it is installed upon. More specifically, Forbes alleges that the app carries a Remote …
John Leyden, 24 Mar 2015
All UK police forces use Tetra

More than 260 suspects charged in UK child abuse crackdown

Teachers, a retired magistrate, a doctor, and civil servants are among 264 suspected paedophiles charged as part of a major UK police operation targeting those accessing child abuse images online. Operation Notarise, which launched around a year ago, is the biggest UK inquiry into people allegedly sharing child abuse images …
John Leyden, 20 Mar 2015
Abbott and Costello dressed as policemen

NYPD cop in court for allegedly hacking into the FBI

A New York City Police Department auxiliary deputy inspector faces charges of hacking into a restricted NYPD computer and other law enforcement databases, including a system maintained by the FBI. Yehuda Katz, 45, of Brooklyn, New York, allegedly used the databases to obtain information about local traffic accident victims …
John Leyden, 20 Mar 2015

Rocket Kittens target defence and IT bods from Europe & Israel

A seemingly state-sponsored hacking crew has compromised systems in several organisations in Israel and Europe, according to new research by Trend Micro. The so-called Rocket Kitten group has targeted defence and IT industries, government entities and academic institutions. Victims include civilian and academic organisations in …
John Leyden, 20 Mar 2015

OpenSSL 'high' severity flaw just a puny DoS risk

OpenSSL patched a “high” severity flaw as part of a patch batch on Thursday that turned out to be nowhere near as scary as widely feared. Fortunately, fears the software update might address another Heartbleed have been confounded. The worst of the flaws – dubbed ClientHello (CVE-2015-0291) – is simply a DoS risk, as an advisory …
John Leyden, 19 Mar 2015
Bank vault

Banks defend integrity of passcode-less TouchID login

Royal Bank of Scotland and NatWest have played down claims by a security researcher that their new Touch ID banking login feature might be circumvented, arguing the hack would only be possible with jail-broken iPhones — the use of which is not recommended. Last month, RBS and NatWest became the first UK-based banks to offer …
John Leyden, 19 Mar 2015
2001: A Space Odyssey

GCHQ: Ensure biz security by STOPPING everyone from TALKING

GCHQ is advising organisations to consider stripping staff of smartphones and memory sticks in order to make themselves less exposed to cyber attacks. The advice from the intelligence agency's CESG (Communications-Electronics Security Group) information assurance arm comes against a backdrop of increased concerns about the theft …
John Leyden, 19 Mar 2015
James Franco clutches puppy alongside Seth Rogen in a still from The Interview

NORK internet outage was payback for Sony hack – US politician

A North Korea network outage last December came in retaliation for the Sony hack, a US lawmaker claims. Michael McCaul of Texas – Republican chairman of the House Homeland Security Committee – linked disruption of North Korea's thin internet pipe to the earlier devastating attack against Sony Pictures Entertainment. “There were …
John Leyden, 18 Mar 2015

Fatally flawed RC4 should just die, shout angry securobods

Security researchers have banged another nail into the coffin of the ageing RC4 encryption algorithm. The latest password recovery attacks against RC4 in TLS by Christina Garman of Johns Hopkins University, Prof. Kenny Paterson and research student Thyla van der Merwe (both of Royal Holloway, University of London) show that …
John Leyden, 18 Mar 2015
jack russells racing with knitted 'jockeys' on their backs

Betting exchange WBX closes, Betfair romps on

Betting exchange WBX is pulling down the shutters on its operation, citing increased regulatory compliance costs and competition from market leader Betfair in its decision to close. WBX suspended betting and closed its exchange on Monday. No further bets can be staked, but unsettled bets on longer-term markets will be honoured …
John Leyden, 17 Mar 2015