Boffins use HOT maths MODELS to predict spam of the future
Australian computer boffins reckon game theory can be applied to build better spam filters.
The new spam classifier, developed by Professor Sanjay Chawla, Fei Wang and Wei Liu of the University of Sydney, outsmarts would-be spammers by predicting the likely pattern of future spam runs by learning from past attacks.
The two …
Hacktivists boast of English Defence League KO after website downed
Hacktivists linked to Anonymous have claimed responsibility for knocking shouty anti-Islam group the English Defence League's website offline.
The EDL is a far-right street protest movement whose official stance is an objection to the "spread of Sharia law and Islamic extremism in the UK". Its numerous critics argue the league …
Bank man: System's down, let's have coffee. Oh SNAP, where's all the CASH?
Cybercrooks are running distributed denial of service attacks as a smokescreen to distract bank security staff while they plunder online banking systems, according to a researcher.
Avivah Litan, vice president at Gartner Research, reports that cyber criminals looking to attack financial institutions are getting more ambitious by …
'Hacked' estate agency Foxtons breaks glass, pulls password reset cord
Trendy UK estate agency Foxtons pushed the big red password reset button, as a precaution, after it appeared hackers lifted thousands of clients' usernames and passwords from its systems.
Miscreants claimed to have leaked online user names, email addresses and passwords of nearly 10,000 Foxtons’ customers, Estate Agent Today …
Forget hackers - storms and snafus are bigger threat, say infosec bods
Cyber attacks caused fewer problems to communications networks than unrelated system failures and natural disasters, a study by an EU security agency has found.
The European Union Agency for Network and Information Security (ENISA) reports that the average duration of cyber attacks was four hours whilst outages due to nature …
Second time's a charm! Microsoft tries again with Active Directory patch
Microsoft made a second attempt to cleanly patch an "important" security flaw in its Active Directory Federation Services technology on Monday - days after yanking the original update for causing stability problems.
The original MS13-066 upgrade caused the active directory service to stop working entirely in some cases. The …
Bloke leaks '1000s' of Twitter login tokens, says he can hack ANY twit
A hacker calling himself the "Mauritania Attacker" claims he has compromised every Twitter user account on the planet - and leaked the OAuth tokens for thousands of Turkish tweeters.
Meanwhile, a security researcher claims to have obtained similar details by creating a fake app that masqueraded as Twitter's own third-party …
Guardian lets UK spooks trash 'Snowden files' PCs to make them feel better
GCHQ spooks reportedly rocked up at The Guardian's London headquarters and oversaw the destruction of some computer hardware - because the machines may have stored copies of documents leaked by whistleblower Edward Snowden.
The move came after the newspaper's editor-in-chief Alan Rusbridger refused to comply with demands to …
Password-keeper LastPass plugs up IE cache leak vuln
LastPass has patched a flaw that meant Windows versions of its password-management software were capable of leaking login credentials that had been auto-filled into fields by its password manager.
The bug – which affected Internet Explorer users on Windows only – meant that an attacker who managed to obtain a memory dump of …
Probation officer gets TINY fine for spilling domestic violence victim's ADDRESS
A probation officer who disclosed a domestic abuse victim’s new address to her alleged abuser has been fined £150 and order to pay court costs after being prosecuted and given what has been described by Information Commissioner Christopher Graham as "a relatively minor penalty".
Data privacy watchdogs at the Information …
British spooks seize tech from Snowden journo's boyfriend at airport
The Brazilian partner of Guardian journalist Glenn Greenwald – Edward Snowden's go-to reporter for the dissemination of sensitive papers about the NSA's dragnet surveillance programmes – has been released from custody. The 28-year-old was held for almost nine hours for questioning by Metropolitan Police officers when he passed …
Card-cloning crooks use 3D printers to make ever-better skimmers
Cybercrooks in Australia are using 3D printers and computer-aided design software to manufacture ATM skimming devices.
New South Wales Police recently arrested and charged a Romanian national with fraud involving the use of an ATM skimmer made on a 3D printer to fleece Sydney residents, Australia-based iTnews reports.
Police in …
NSA coughs to 1000s of unlawful acts of snooping on US soil since 2008
The NSA violated privacy laws thousands of times in the last five years by spying on US citizens, an internal audit by the super-snoopers has disclosed.
The Washington Post reports that the intelligence agency also overstepped its legal remit since Congress gave it broad powers in 2008.
Most of the violations involved …
Fiendish fake Flash plugin squirts grumble-flick ads into kiddies' websites
A fake Adobe Flash browser plugin that hijacks on-screen web adverts to tout hardcore smut is doing the rounds, we're told.
The rogue add-on even slaps racy adults-only teasers on websites aimed at children, according to Jérôme Segura, a security researcher at antivirus firm Malwarebytes. The software nasty, named FlashPlayer11. …
Oh, those crazy Syrian hackers: Now Wash Post, CNN, Time vandalised
Syrian hacktivists claim they are the vandals responsible for scribbling over the websites of CNN, Time mag and The Washington Post yesterday.
But these latest boasts by the Syrian Electronic Army (SEA) are somewhat misleading, according to computer security experts who say that the hacking crew actually ransacked Outbrain - a …
NORKS build TROLL ARMY to tear down S Korean surfers
North Korea has tasked 200 agents with the job of posting negative comments online, often using stolen online identities, in a bid to undermine the morale of their neighbours in the South.
The brigade of NORK trolls is part of a brigade of 3,000 cyber warriors and hackers that make up the Reconnaissance General Bureau …
IBM snaps up banking security biz Trusteer, won't say what it paid
IBM has announced a deal to acquire transaction security firm Trusteer and open a new cybersecurity lab in Israel. Financial terms of the buyout, announced Thursday, were not disclosed.
Big Blue said the deal would allow it to offer improved cloud-delivered software and services to defend against advanced security threats to its …
Microsoft pulls faulty Exchange 2013 patch HOURS after release
Microsoft has pulled a security update for Exchange 2013 after problems emerged with the latest patch to the email server software just hours after its release.
The critical MS13-061 security update for Exchange Server 2013 broke the message index service, preventing Exchange 2013 email users from searching their mailboxes. …
Your encrypted files are 'exponentially easier' to crack, warn MIT boffins
Encryption systems may be a lot less secure than we thought, according to new research into the maths underpinning today's cryptography.
Boffins in the US and Ireland have managed to poke holes in modern information theory, an area of mathematics used to prove the strength of cryptographic systems before they are trusted and …
UK.gov intros shiny CREST badge for cyber crime-scene cleanup squad
The UK has launched two cyber incident response schemes geared towards helping businesses cope better with the aftermath of malware outbreaks and other hacking attacks.
The schemes were launched on Tuesday by the Communications Electronics Security Group (known as CESG), the information security arm of GCHQ, and the Centre for …
Microsoft Patch Tuesday: The '90s called. It wants its 'Ping of Death' back
Microsoft has pushed out eight advisories as part of the August edition of its regular Patch Tuesday update cycle. With just three critical patches, the most interesting thing about this week's batch is the return of the "Ping of Death" in the form of a stability bug in the Windows IPv6 stack.
The critical updates offer new …
Zombie PCs are for crimelord chumps: Fear clusters, says infosec ace
It may be possible for a "single dedicated attacker" to run an internet "carpet-bombing" attack by applying Big Data and distributed computing technologies, security researcher Alejandro Caceres warns.
The traditional botnet, or network of hijacked computers, has been used for distributed computing problems, such as Bitcoin …
Does Gmail's tarted-up tab makeover bust anti-spam laws?
Anti-spam experts are openly wondering whether Google's redesigned web mail service Gmail violates US laws against bulk unsolicited messages.
The CAN-SPAM Act (passed in 2003) makes the mass distribution of commercial electronic mail legal as long as the messages are properly formatted, include correct contact information and …
Bacon 'n' egg on his face: Hollywood heartthrob pwned by Twitter phishers
Miscreants broke into the Twitter profile of prominent advertising bloke Footloose star Kevin Bacon to scam his fans.
The 300,000-plus followers of the actor - who these days is just as well known for the “six degrees of Kevin Bacon” trivia game as his starring roles in films such as Apollo 13 - were spammed with web links …
Beware the ad-punting crapware-laden Firefox, warn infosec bods
Internet users looking for a US Green Card are at risk of being conned by a fake advert into installing an adware-laden version of Firefox, security researchers have warned.
The ruse was spotted over the weekend after it began appearing in online ads peddling supposed US Green Card lotteries. Regardless of what make or version …
NSA-proof email encryption? Cobblers, sniff German hackers
German hackers have poured scorn on Deutsche Telekom's plan to offer "secure email", describing it as little more than a marketing gimmick.
Deutsche Telekom and partner United Internet are rolling out SSL-encrypted connections between users’ computers and the companies' mail servers as part of the “Email made in Germany” offer …
The secure mail dilemma: If it's useable, it's probably insecure
The sudden closure of two secure email services may cause many privacy-conscious people to begin looking for alternatives. However, security experts warn that any service provider may be put under pressure to comply with authorities, and this might kill off secure mail as we know it.
Lavabit's Levison: No more palaver, I'm …
Notorious Mexican drug kingpin nabbed thanks to drones and spyware
An alleged leader of Mexico's infamous Los Zetas gang was captured last month using a combination of commercial computer spyware, GPS mobile tracking and aerial drones, according to Mexican reports.
Miguel Treviño Morales – also known as “Z-40” – was captured by the North American country's marines on 15 July.
The US Drug …
Second LulzSec Sony website hacker starts a year in the cooler
A LulzSec hacker has been sentenced to a year in a US jail for hacking Sony Pictures and dumping personal information of 138,000 movie fans online.
Raynaldo Rivera, 21, of Tempe, Arizona, will spend 366 days behind bars, followed by 13 months of house arrest and 1,000 hours of community service for his involvement in the …
US taxmen told to hush up shadowy drug squad unit laundering NSA intel
A manual for America's taxmen detailing US drug squads' access to NSA intelligence has emerged - and revealed that the controversial supply of information has been an open secret in government for years.
Reuters reports that the handbook, which was issued to IRS tax collectors between 2005 and 2006, instructs officials to omit …
'Hand of Thief' banking Trojan reaches for Linux – for only $2K
Cybercrooks have created a banking Trojan that targets Linux users, which is been touted for sale on underground cybercrime forums for just $2,000 a pop.
The "Hand of Thief" malware is a rare example of malicious code written especially to target the open-source operating system. The digital nasty includes form-grabbers for HTTP …
Child abuse ransomware tweaked to tout bogus antivirus saviours
Cybercrooks have found another application for ransomware, the horrible software that locks up a PC until money is handed over: it's now being used to push fake antivirus onto victims.
Reveton - a widespread piece of ransomware that infects machines, falsely accuses marks of downloading images of child abuse and demands a fine …
HP plugs password-leaking printer flaw
Security flaws in a range of HP printers create a way for hackers to lift administrator's passwords and other potentially sensitive information from vulnerable devices, infosec experts have warned.
HP has released patches for the affected LaserJet Pro printers to defend against the vulnerability (CVE-2013-4807), which was …
Blogs with 'weakest of the weak' passwords hijacked for bot army
Cybercrooks are running a wide-ranging password-guessing attack against some of the most widely used blogging and content management systems on the net.
The so-called Fort Disco cracking campaign began in late May this year and is still ongoing, DDoS mitigation firm Arbor Networks warns. Arbor has identified six command-and- …
Malicious snoopware targeting India found at tiny Midwest ISP
Security researchers have uncovered what appears to be a malware-based attack targeting Indian military or government entities and designed to steal information.
The malware linked to the attack "contains specific artifacts that [link it] to a commercial Pakistani entity," according to security intelligence firm ThreatConnect. …
Suspected brains behind bank-account-draining Gozi extradited to US
Latvia will extradite an alleged pusher of the online bank account raiding Trojan Gozi to the US - despite opposition from the Baltic republic's foreign minister.
Deniss Calovskis, 27, and two other alleged co-conspirators (Russian national Nikita Kuzmin and Mihai Ionut Paunescu, a 28-year-old Romanian) were accused of …
Hacktivists torch C4's Jon Snow's web diary, reveal 'nuke strike' on Syria
Syrian hacktivists have chalked up more media-luvvie victims after hacking into and defacing blogs run by British broadcaster Channel 4.
The Syrian Electronic Army, which backs the regime of President Bashar al-Assad, took over an online diary maintained on behalf of veteran newscaster Jon Snow before posting a fictitious story …
Stop! Yammer time: Microsoft blats biz babble account hijacking bug
Microsoft has fixed a potentially nasty set of authentication vulnerabilities involving Yammer, the "Facebook for business" enterprise collaboration and social networking platform.
The flaws - discovered by Ateeq Khan, a security researcher in the Vulnerability Laboratory Research Team - would have allowed hackers to bypass the …
Did a bunch of bankers fax a stranger's sensitive privates to YOU?
The Bank of Scotland has been hit by a £75,000 fine over a snafu that led to it repeatedly faxing customers’ account details to the wrong people.
Sensitive information included payslips, bank statements, account details and mortgage applications, along with customers’ names, addresses and contact details. The information was …
REVEALED: Cyberthug tool that BREAKS HSBC's anti-Trojan tech
Cybercrooks on an underground forum have developed a technique to bypass anti-Trojan technology from Trusteer used by financial institutions worldwide – including HSBC and Paypal – to protect depositors from cybersnoopers.
Trusteer has downplayed the vulnerability and said it's in the process of rolling out beefed-up protection …
Bad timing: New HTML5 trickery lets hackers silently spy on browsers
New time-measuring features in HTML5 can be exploited by malicious websites to illicitly peek at pages open on a victim's browser, it is claimed.
Security researchers at Context Information Security have figured out how to precisely observe the speed at which CSS and SVG graphics are drawn on screen to extract sensitive data …
Earn £8,000 a MONTH with bogus apps from Russian malware factories
Just 10 professionally run malware-making workshops in Russia are responsible for 30 per cent of the Trojans, spyware and other nasties infecting smartphones globally. That's according to a study by mobile security outfit Lookout.
These underground crime labs churn out DIY kits ideal for scriptkiddies looking to make a fast buck …
Step into the BREACH: HTTPS encrypted web cracked in 30 seconds
A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic, say researchers.
Secret data crucial to securing online banking and shopping can be lifted from an HTTPS channel in as little as 30 seconds, we're told.
BREACH (short for Browser …
Snowden picks up 'Epic 0wnage' gong in Vegas... well, not literally
Security researcher Barnaby Jack, famous for his "jackpot" hack on ATMs, which forced them to spit out cash, has won a lifetime achievement award less than a week after his death.
The honour was announced yesterday at the Pwnie awards, Infosec's equivalent to the Oscars.
Jack, 35, died last Thursday just days before he was due …
Ubuntu puts forums back online, reveals autopsy of a brag hacker
Ubuntu Forums are back to normal following a serious hack attack that exposed the usernames, email addresses and hashed passwords of 1.8 million open source users.
Parent firm Canonical restored the forums on Tuesday as well as publishing a detailed summary of what went wrong and the broad steps it has taken to beef up security …
MPs get secret squirrel dossier of 'lawyers, megabiz hiring hackers'
Blue-chip firms who allegedly hired private investigators to unlawfully hack systems for personal and sensitive information have been named in a secret list submitted to Parliament.
That's the same sort of alleged skullduggery that ended up bringing down Rupert Murdoch’s best-selling Sunday tabloid News of the World.
Law firms …
Edward Snowden skips into Russia as Putin grants him asylum
NSA whistleblower Edward Snowden has been granted temporary asylum in Russia.
Russia's decision to grant the former CIA technician temporary political asylum has allowed the 30-year-old to leave the transit area of Moscow's Sheremetyevo airport - where he has been stuck in limbo for weeks following his flight from Hong Kong on …
Gmail, Outlook.com and e-voting 'pwned' on stage in crypto-dodge hack
Security researchers say they have developed an interesting trick to take over Gmail and Outlook.com email accounts - by shooting down victims' logout requests even over a supposedly encrypted connection.
And their classic man-in-the-middle attack could be used to compromise electronic ballot boxes to rig elections, we're told …
Syrian Electronic Army no longer just Twitter feed jackers... and that's bad news
The Syrian Electronic Army is starting to pose a serious risk to enemies of the Assad regime in both Syria and further afield, according to security watchers.
Reports that the SEA managed to take over three personal email accounts of White House employees remain unconfirmed. However, recent worrying attacks on VoIP apps Viber …
New NSA tool exposed: XKeyscore sees 'nearly EVERYTHING you do online'
The cover has been blown on an NSA program which collects data on “nearly everything a user does on the internet” even as the debate rages over the secretive US agency's mass surveillance of innocent people.
The XKeyscore program covers emails, social media activity and browsing history and is accessible to NSA analysts with …
