The Register Columnists

John Leyden


Show Mother Russia you love her: Click HERE and AHHH NYET!

Software being offered to patriotic Russians as a way to attack Western governments, especially the US, is actually loaded with malware that attacks supporters' computers, security researchers warn. Hackers have crafted ingenious spam messages that help them deliver the Trojan to those who support the Russian cause and are …
John Leyden, 26 Aug 2014

Loss of unencrypted back-up disk costs UK prisons ministry £180K

The UK's Ministry of Justice has been fined £180,000 following the latest in a series of failures involving how prisons handle private information. The penalty (PDF) follows the loss of a back-up hard drive at HMP Erlestoke prison in Wiltshire back in May 2013. The *unencrypted* hard drive contained sensitive and confidential …
John Leyden, 26 Aug 2014

Email list hack flap at 'sleep with a stranger' site Couchsurfing

CouchSurfing’s email distribution system was breached before messages ostensibly promoting a rival hospitality exchange were sent to many of its one million members. The email headed "Site Improvements" might appear on casual inspection to prompt recipients towards rival paid-for service Airbnb. CouchSurfing hosts and guests …
John Leyden, 26 Aug 2014

Renegade NSA, GCHQ spies help fix Tor vulns, claims project boss

GCHQ and NSA cyber-spooks secretly report vulnerabilities in Tor so they can be patched, a leading developer of the anonymity-preserving software has claimed. Andrew Lewman, the Tor Project's executive director, claimed that some spies place a higher priority on fixing flaws in the privacy-preserving technology than keeping …
John Leyden, 22 Aug 2014

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014

Cyber spies whip out 'Machete', stride towards Latin America

Security watchers are tracking a new cyber-espionage campaign that appears to be targeting Latin American countries including Venezuela, Colombia and Ecuador. The so-called "Machete" campaign has been zoning in on governments, military and law enforcement agencies and embassies in South America for the last four years, stealing …
John Leyden, 21 Aug 2014

Microsoft: We plan to CLEAN UP this here Windows Store town

Microsoft has promised to crack down on rogue apps in its Windows Store following criticisms that the marketplace is littered with "scam" software. Windows Store – which debuted with Windows 8 – is littered with misleading apps. Typical problems include knock-off "unofficial" packages of free apps such as the VLC media player. …
John Leyden, 21 Aug 2014

Chinese hackers spied on investigators of Flight MH370 - report

Malaysian officials investigating the disappearance of flight MH370 have been targeted in a hacking attack that resulted in the theft of classified material. The malware-based hacking attack hit around 30 PCs assigned to officials in the Malaysia Airlines, the Civil Aviation Department and the National Security Council, a …
John Leyden, 21 Aug 2014

RealVNC distances itself from factories, power plants, PCs hooked up to password-less VNC

A scan of the public internet by security researchers has seemingly revealed thousands upon thousands of computers fully accessible via VNC – with no password required. Worryingly, the unsecured systems – from PCs and shopping tills to terminals controlling factories and heating systems – are at the mercy of any passing …
John Leyden, 21 Aug 2014

Heartbleed implicated in US hospital megahack

The Heartbleed flaw is responsible for the high-impact US hospital hacking attack disclosed this week, an unnamed investigator told Bloomberg. As many as 4.5 million patient records have been exposed in an attack against Community Health Systems, a US hospital group that manages more than 200 hospitals. China-based attackers …
John Leyden, 20 Aug 2014

Brother, can you spare a DIME for holy grail of secure webmail?

Lavabit founder Ladar Levison promised attendees at security conference DefCon that he'd carve out a secure messaging service from the wreckage of the email service favoured by rogue NSA sysadmin Edward Snowden within six months. The Dark Internet Mail Environment (DIME) project is promising, but recent problems experienced by …
John Leyden, 20 Aug 2014

Dozens of COPS cuffed in Turkish Prime Minister's wiretap probe

Twenty-five more cops were arrested in Turkey on Tuesday amid a widening probe into wiretaps on the country's Prime Minister Recep Tayyip Erdoğan and other key officials. The arrests were made during nationwide raids in cities including Istanbul and Izmir for an investigation into allegations of unauthorized spying, AFP reports …
John Leyden, 19 Aug 2014

Germany 'accidentally' snooped on John Kerry and Hillary Clinton

Calls made by US secretary of state John Kerry and his predecessor Hillary Clinton were "accidentally" intercepted by German intelligence agencies, Der Spiegel reports. The Bundesnachrichtendienst (BND), the German intelligence service, snooped on a satellite phone conversation that Kerry made in 2013, a year after it intercepted …
John Leyden, 18 Aug 2014

Something's phishy: More holiday scam spam flung at real hotel customers

Multiple customers at several hotels are getting hit up with a sophisticated phishing scam based on real hotel bookings. The latter all share the common factor of being made through Booking.com. Last week we reported how the wife of a Reg reader received a scam email after booking a family holiday in a hotel in Mallorca, Spain …
John Leyden, 18 Aug 2014

Revealed ... GCHQ's incredible hacking tool to sweep net for vulnerabilities: Nmap

For the past five years, British spying nerve-center GCHQ has been port scanning internet-connected computers in 27 countries – in an exhaustive hunt for systems to potentially exploit. That bombshell comes amid fresh leaks detailing the dragnet surveillance programs operated by the Five Eyes nations: America, UK, Canada, …
John Leyden, 15 Aug 2014

Don't think you're SAFE from Windows zombies just 'cos you have an iPhone - research

Fanbois aren't safe from Windows malware - and it's all down to iTunes syncing. The music software's sync is the Achilles' heel that could expose otherwise secure iOS devices to malware, security researchers warn. Simply connecting an iPhone or iPad to an infected Windows machine through a USB cable leaves it vulnerable to …
John Leyden, 15 Aug 2014

It's time for PGP to die, says ... no, not the NSA – a US crypto prof

A senior cryptographer has sparked debate after calling time on PGP – the gold standard for email and document encryption. Matthew Green is an assistant research professor who lectures in computer science and cryptography at Johns Hopkins University in Maryland, US. This week, on his personal blog, he argued that it's "time for …
John Leyden, 14 Aug 2014

Russian PM's Twitter hacked to slap down Putin, post fake resignation

The Twitter feed of the Russian prime minister was hacked on Thursday to post false claims that Dmitry Medvedev had resigned to try his hand as a freelance photographer. The Russian-language profile, which boasts more than 2.5 million followers, was also updated with messages criticising Russia's president, Vladimir Putin. …
John Leyden, 14 Aug 2014

SynoLocker Trojan crime gang: We QUIT this gig

A ransomware Trojan gang appears to be moving on, and has offered to sell its remaining decryption keys in bulk for 200 BTC ($103,000, £61,500). Cybercrooks behind the recent SynoLocker Trojan – which targets the network attached storage devices manufactured by Synology – have apparently decided to cash out on their ill-gotten …
John Leyden, 14 Aug 2014

Five Totally Believable Things Car Makers Must Do To Thwart Hackers

Car manufacturers are urged to implement a five-step program to improve their motors' computer security defenses. Today's rides are PCs on wheels and thus vulnerable to all sorts of potential hacks – such as the ones documented by Charlie Miller and Chris Valasek in their paper A Survey of Remote Automotive Attack Surfaces, here …
John Leyden, 14 Aug 2014

Snowden leaks show that terrorists are JUST LIKE US

NSA whistleblower Edward Snowden's media allies have launched a counteroffensive against allegations by intelligence agencies that terrorists have upped their game in cryptography as a result of his leaks about NSA spying. Glenn Greenwald's The Intercept published leaked GCHQ mobile phone OPSEC guidance from 2010 alongside …
John Leyden, 13 Aug 2014

LulzSec supergrass Sabu led attacks against Turkey – report

Just months after reports emerged that LulzSec "kingpin" turned FBI snitch Hector Xavier Monsegur had allegedly led cyber-attacks against foreign governments while under FBI control, a "cache of sealed court documents" has provided some more startling reading. Monsegur – who prosecutors insist is "Sabu", a leading figure in …
John Leyden, 13 Aug 2014

No Apple fanbois here: Man United BANS iPads from Old Trafford

Manchester United is banning tablets from Old Trafford on match days as part of a tightening-up of security procedures to reflect heightened terrorist concerns. Large electronic devices including laptops and tablets will be added to the list of prohibited items as a result of security concerns, the Premier League side said in a …
John Leyden, 13 Aug 2014

Chinese cops cuff teen over Heart App Android malware flap

Chinese authorities have arrested a 19-year-old suspected of unleashing a fast spreading strain of malware that infects Android smartphones. Police told Chinese newspapers including Sina.com that "Li", a 19-year-old software engineering student, was cuffed in Shenzhen on suspicion of creating the Heart App Android malware within …
John Leyden, 12 Aug 2014

Maybe it's because I'm a Londoner: Capital is top target for computer thieves, say police

Computer kit, including smartphones, laptops, tablets and desktops themselves, is twice as likely to be stolen in reported thefts in London compared to other regions in the UK. A series of Freedom of Information (FOI) requests from security and communications firm ViaSat revealed the theft of electronic devices crops up in 34 per …
John Leyden, 11 Aug 2014

GCHQ recruits spotty teens – for upcoming Hack Idol

The GCHQ-backed Cyber Security Challenge UK is bringing cybersecurity education to UK schoolkids aged from 12 to 18 with the importation of the US-created Cyber Patriot programme. The US Air Force Association CyberPatriot youth programme involves a battle of wits in cyberspace involving 1,500 international teams of under-18s …
John Leyden, 11 Aug 2014

CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'

Crooks are using Yahoo!'s advertising network to infect PCs with the CryptoWall ransomware, it's claimed. Windows software nasty CryptoWall encrypts a victim's files using an OpenSSL-generated key pair before demanding a ransom to decrypt the data. It communicates with its masters using RC4-encrypted messages to command servers …
John Leyden, 11 Aug 2014

Intruder alert: Cyber thugs are using steganography to slip in malware badness

Common or garden cybercrooks have taken to using steganography – the art of hiding secret information within another image or message file – to run a click-fraud scam. Steganography has long been the stuff of spy trade-craft and cypherpunk novels, but now cybercrooks have made the practice downmarket by applying it to the Lurk …
John Leyden, 08 Aug 2014

Smartcard firm Gemalto slurps SafeNet in $890m securo-boost deal

Security company Gemalto is buying data protection firm SafeNet. The deal, announced Friday, is valued at $890m and is being financed through cash and existing long-term credit facilities. Once completed the acquisition will add data protection technologies to Gemalto's core authentication products and services (e.g. smartcards …
John Leyden, 08 Aug 2014

Hey guys. We've got 1.2 BILLION stolen accounts here. Send us your passwords, 'cos safety

The backlash is growing against the infosec firm that claimed it had uncovered a Russia-based gang's stash of 1.2 billion nicked website passwords. Hold Security claimed the gang was hoarding over one billion unique stolen usernames and passwords, siphoned off from insecure websites vulnerable to SQL injection and other common …
John Leyden, 07 Aug 2014

HTTP-Yes! Google boosts SSL-encrypted sites in search results

Google plans to reward websites that always use secure, encrypted HTTPS connections to transmit pages and exchange data – with a boost to their search rankings. The change is designed to promote improved online security in particular by encouraging developers to implement SSL/TLS (Transport Layer Security) to encrypt website …
John Leyden, 07 Aug 2014

Microsoft OneDrive tip-off leads to arrest over child abuse images

Microsoft's tip-off has led to the arrest of a Pennsylvania man subsequently charged with receiving and sharing child abuse images. The as-yet-unnamed suspect is alleged to have saved an indecent image involving a young girl to a OneDrive cloud storage account. Prosecutors allege in court documents that the suspect subsequently …
John Leyden, 07 Aug 2014

Android banking apps vulnerable to cash theft by CAS hole hackers

Hackers can swipe login credentials and other sensitive data from one in 10 Android banking apps, and about six per cent of all Android apps, IBM researchers warn. Users should avoid using the vulnerable apps, which were built using Apache Cordova up to version 3.5.0, until they have been updated to squash the bug. Big Blue's …
John Leyden, 06 Aug 2014

CryptoLocker victims offered free key to unlock ransomed files

Security researchers have released a tool that allows victims of the infamous CryptoLocker ransomware to unlock their computers at no charge. DecryptoLocker from net security firm FireEye and threat intelligence company FoxIT offers a cure for the estimated 500,000 victims of CryptoLocker. Victims need to upload a CryptoLocker- …
John Leyden, 06 Aug 2014

Edward Snowden's not a one-off: US.gov hunts new secret doc leaker

It appears former NSA contractor Edward Snowden is not the only leaker of secret US documents around, as the US government searches for another whistleblower in the aftermath of another leak of classified information. CNN reports that leaked documents related to a terrorist watch list and published by The Intercept (a site …
John Leyden, 06 Aug 2014

White Hats splat Black Hat chats: Talks on home alarm flaws and Russian spy tools axed

Two further talks have been pulled from this year's Black Hat USA program. A presentation on weaknesses in home security alarm systems, and another about Russian espionage software, have been yanked from the annual hacking conference, which opens today in Las Vegas, Nevada. The move follows the cancellation of a presentation …
John Leyden, 05 Aug 2014

Google on Gmail child abuse trawl: We're NOT looking for other crimes

Google has said its scanning for child abuse images on Gmail and other services does not extend to searching for evidence of other crimes. US police recently arrested a registered sex offender after Google notified the authorities about illegal photos of children that were allegedly found in the 41-year-old's Gmail account. The …
John Leyden, 05 Aug 2014

UK WhatsApp duo convicted of possessing extreme porn

Two UK men have been convicted of possessing extreme pornography, received via WhatsApp, in a case also involving the distribution of images featuring bestiality. A judge accepted that they hadn't solicited the shock images and one claimed he didn't watch the material he'd been sent. Nonetheless, Gary Ticehurst, 28, of Canvey …
John Leyden, 05 Aug 2014

Israel snooped on John Kerry's phone calls during Middle East peace talks

Israeli spies are alleged to have snooped on John Kerry’s phone calls during recent Middle East peace talks. The IDF tapped the US Secretary of State's unencrypted calls while trying to broker a ceasefire between Israel and the Palestinian Authority, Der Spiegel reports sources as saying. Kerry used both encrypted and open …
John Leyden, 05 Aug 2014

Why no one smells a RAT: Trojan uses YAHOO WEBMAIL to pick up instructions

Cybercrooks commonly run botnet command-and-control networks using servers or (less frequently) a peer-to-peer network, but one gang of scammers has broken the mould by managing a Trojan using Yahoo webmail. The recently discovered IcoScript Trojan is a classic remote administration tool (RAT), but what makes it highly unusual …
John Leyden, 05 Aug 2014

Crumbs! Holiday phish based on genuine hotel booking surfaces

Scammers have launched a devious phishing campaign aimed at tricking customers of targeted hotels into transferring funds to a drop account. Securobods suggested cybercrooks either hacked into a Spanish hotel's system or persuaded someone to hand over customer records on a false pretext before using the purloined details to …
John Leyden, 04 Aug 2014

Snowden latest: NSA targets Gaza, pumps intelligence to Israel

According to the latest drop of leaks from NSA whistleblower Edward Snowden, the US spy agency provides financial assistance, weapons and signals intelligence to Israel. The Intercept reports that Canadian, British and Jordanian signals intelligence is also shared with Israel. This intelligence relates to Palestinian targets, …
John Leyden, 04 Aug 2014

Pentagon hacker McKinnon can't visit sick dad for fear of extradition

Pentagon hacker Gary McKinnon is afraid to visit his sick father in Glasgow after advice from his lawyers about the possibility of extradition. McKinnon's father, Charlie, is in hospital after suffering a stroke. But lawyers for the London-based hacker have advised him against visiting his dad in hospital in Scotland because …
John Leyden, 01 Aug 2014

IBM snaps up identity access gatekeeper tech

IBM has snapped up privately held security software firm CrossIdeas. Financial terms of the deal, announced Thursday, were undisclosed. Rome, Italy based CrossIdeas has been developing identity access technology since 2011. Its technology allows CISOs and security teams in big companies to automatically detect conflicts in …
John Leyden, 01 Aug 2014

Grabby baddie scours Paddy Power's towers: 650k punters leaked and it took 4 years to admit it

Irish bookmakers Paddy Power has admitted miscreants copied from its systems more than 649,000 customer records containing personal information. The snaffled dataset contained names, usernames, addresses, email addresses, phone contact numbers, date of birth, and security question and answer pairs. The leaked data comes from …
John Leyden, 31 Jul 2014

Pentagon hacker McKinnon reinvents himself as SEO guru

Former hacker and US extradition target Gary McKinnon has found a new career as a search engine optimisation expert. McKinnon - who successfully fought a 10-year campaign against extradition to the US over charges he hacked into Pentagon systems - has launched Small SEO, which specialises in making sure small businesses appear …
John Leyden, 31 Jul 2014

AVG stung as search revenue from freebie scanners dries up

Security software firm AVG's net income has fallen from $24.7m in Q2 2013 to $13.7m in Q2 2014, according to financial results out Wednesday. The profits slide is explained by the slip in revenue from $100.4m in Q2 2013 to $88m in the three months running up to 30 June 2014. AVG responded to the results by revising its outlook …
John Leyden, 31 Jul 2014

Tor attack nodes RIPPED MASKS off users for 6 MONTHS

The Tor Project has warned users about a subtle attack aimed at partially uncloaking their activities on the anonymising network. The attack, which ran from late January until early July, when it was thwarted, bears hallmarks attributed to an attack slated for description in a cancelled Black Hat conference presentation. …
John Leyden, 30 Jul 2014

iWallet: No BONKING PLEASE, we're Apple

Apple's iWallet mobile money app could be the start of a more general trend that sees web giants such as Facebook pushing into the payment industry, according to online payment experts. iWallet would give iPhone-toting consumers the ability to pay for goods with their smartphones. It is predicted to use the firm's Touch ID …
John Leyden, 30 Jul 2014

Who has your credit card data? 1 million HOLIDAY-MAKERS' RECORDS exposed

A UK-based online travel firm has been fined £150,000 over a breach of the Data Protection Act after their "insecure" coding reportedly exposed more than a million customer records to cybercrooks. Think W3 Limited was hacked in December 2012 in an attack that relied on what the ICO described as "insecure" coding on the …
John Leyden, 24 Jul 2014