John Leyden

SCADA malware caught infecting European energy company

Security researchers have identified a strain of malware that has already infected at least one European energy company. The malware, dubbed SFG, is related to an earlier sample called Furtim, that created a backdoor on targeted industrial control systems. This backdoor might be used to deliver a payload which could be used to …
John Leyden, 12 Jul 2016

Nukeware: New malware deletes files and zaps system settings

Lazy but sneaky cybercrooks are slinging a new ransomware variant that falsely claims to have encrypted files when in reality it has deleted them. Ranscam tricks victims by falsely claiming that files have been moved onto a hidden, encrypted partition. In reality the malware has deleted files and comprehensively messed with …
John Leyden, 12 Jul 2016

PhonepayPlus to rename

UK telecoms regulator that is definitely not a cut-rate mobile phone biz, PhonepayPlus, is to rename itself as the Phone-paid Services Authority. The name change will come into effect in autumn 2016 along with a new mission statement defining it as “the UK regulator for content, goods and services charged to a phone bill.” …
John Leyden, 12 Jul 2016

4K state hacker Google alerts

Google is notifying customers about 4,000 state-sponsored cyber attacks per month. The APT notification run rate was disclosed by Google senior vice president and Alphabet board member Diane Greene during a Fortune magazine tech conference in Aspen, Colorado, Reuters reports. Google began notifying users about suspected …
John Leyden, 12 Jul 2016

EU cybersecurity directive will reach Britain, come what May

The passage of the EU Directive on the Security of Network and Information Systems (NIS) will have a profound effect on corporate security across Europe and even in Britain, despite the Brexit vote. The NIS Directive applies to organisations that provide elements of a country’s critical national infrastructure – i.e. operators …
John Leyden, 11 Jul 2016

Scammers gotta catch em all

Survey scams have joined potential muggings and malware as another peril for Pokémon Go fans. A pitch promising Pokécoins (the microtransaction currency) doing the rounds is actually a ruse designed to trick victims into visiting a scam site. Prospective marks are invited to fill in a variety of surveys on the pretext of a non …
John Leyden, 11 Jul 2016

Amazingly insecure industrial control systems + internet = Cupful of nope

Many industrial control systems are exposed to the internet, creating a severe risk because most are hopelessly insecure, according to a new study by Kaspersky Lab. To minimise the possibility of a cyber-attack, Industrial Control Systems (ICS) are supposed to be run in a physically isolated environment. In total, 188,019 hosts …
John Leyden, 11 Jul 2016

Lurk trojan takedown also took out Angler exploit kit

Security researchers have discovered a possible link between the demise of the Angler Kit and a crackdown against the Lurk banking trojan crew. In June, a group of individuals was arrested in Russia for using Lurk to target Russian banks. Cisco Talos researchers noticed that within a week of the arrests, Angler had disappeared …
John Leyden, 11 Jul 2016

BMW web portal vulns pose car hack risk – researchers

Two unpatched vulnerabilities in BMW's ConnectedDrive web portal create a mechanism to manipulate car settings, a security researcher warns. The first (and more serious) vulnerability creates a means for a hacker to access another driver’s Vehicle Identification Number (VIN) before changing in-car settings such as lock/ …
John Leyden, 08 Jul 2016

Malaysia-based credit card fraud ring broken, 105 arrested

A total of 105 credit card fraud suspects have been arrested in Asia and Europe following a complex months-long investigation across two continents. The investigation targeted a gang led from Malaysia whose tentacles spread into 14 European countries (including the UK and Germany) and specialised in using counterfeit credit …
John Leyden, 08 Jul 2016

Women, got an infosec?

The British Computer Society is co-sponsoring a one day conference geared towards encouraging more women to consider careers in infosec. The Cyber Security Women’s Day will take place this Saturday, 9 July, at the University of Westminster. The event will offer networking opportunities with security professionals, some from …
John Leyden, 08 Jul 2016

NASA Twitter feed hijacked

A NASA-run Twitter account was briefly hijacked on Wednesday to distribute a lewd image. The @NASAKepler account normally keeps 570K space enthusiasts up to date with the progress of the Kepler mission, a search for Earth-size and smaller planets in the habitable zone around nearby stars. The feed was hijacked on Wednesday to …
John Leyden, 07 Jul 2016

Infosec bods NCC walk away from the domain services biz

UK-based infosec consultancy NCC Group is withdrawing from the domain services biz while retaining domain security capability. The tactical switch was announced as NCC reported revenues up 56 per cent to £209.1m in the 12 months to 31 May 2016, compared to £133.7m in its previous financial year. NCC’s adjusted pre-tax profits …
John Leyden, 07 Jul 2016

Avast woos AVG shareholders with $1.3bn buyout offer

Avast is offering to buy anti-virus rival AVG for $1.3bn. AVG shareholders are being offered $25.00 per share in cash, a 33 per cent mark-up on the closing share price on Wednesday. AVG, Avast and rival Avira are the three main players in the market for freebie anti-virus scanners for Windows. All make their money by offering …
John Leyden, 07 Jul 2016

Google disputes Gmail ‘bug’

A security researcher warns that Google Gmail is vulnerable to an Open URL redirection flaw, a finding disputed by Google itself. The alleged bug creates a means for attackers to send intended victims a specially crafted URL before stealing credentials or tricking them into visiting a malicious website, according to security …
John Leyden, 06 Jul 2016

Bitcoin child abuse image pervs will be hunted down by the IWF

Blockchain forensics are being harnessed in an effort to clamp down on the trade in images of child sex abuse on the dark web. The Internet Watch Foundation (IWF) is teaming up with Elliptic, a UK blockchain intelligence start-up, in a bid to track individuals who use Bitcoin to pay for images of child sex abuse. The IWF is …
John Leyden, 06 Jul 2016

File converter actually Mac backdoor

New backdoor allows full access to Mac systems. The backdoor is embedded into a fake file converter application available through reputable Mac applications sites, Romanian security firm Bitdefender warns. The EasyDoc converter.app poses as a drag-and-drop file converter but has no real functionality other than downloading …
John Leyden, 06 Jul 2016

Israeli tech firms make their exits, stage rich

Israeli hi-tech companies rang the tills with exits adding up to $3.3bn in the first half of 2016. A total of 45 hi-tech firms completed exit deals that averaged $74m, according to a study by IVC Research Center and law firm Meitar Liquornik. Increased difficulties in raising capital, particularly in the United States and …
John Leyden, 06 Jul 2016

Brexit-themed spam surges

Symantec has uncovered a fivefold (392 per cent) increase in spam emails that use Brexit as a news hook. Cybercriminals have latched onto Brexit as a theme simply because it’s topical and likely to get the attention of prospective marks. These lures are ultimately geared towards tricking people into divulging sensitive …
John Leyden, 05 Jul 2016

EU uncorks €1.8bn in cybersecurity investment. Thirsty, UK?

The EU Commission has launched a public-private partnership on cybersecurity that is expected to trigger €1.8bn ($2bn) of investment by 2020. The EU is promising to invest €450m ($502m) in a bid to spur innovation in cybersecurity with the remainder coming from the private sector. Some security commentators reckon the Brexit …
John Leyden, 05 Jul 2016

Theft of twenty-somethings' IDs surges

Last year saw a surge in identity fraud against young UK adults, according to official figures published today. Cifas' data reveals identity fraud victims aged 30 and under rose 52 per cent in 2015. Just under 24,000 (23,959) people aged 30 and under were victims of identity fraud, according to figures from the UK’s leading …
John Leyden, 05 Jul 2016

Second celebgate hacker pleads guilty to phishing

A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was charged with hacking into the Apple iCloud and Gmail accounts of more than 300 people, including Hollywood celebrities. In a plea bargaining deal, …
John Leyden, 05 Jul 2016

UEFA's Euro 2016 app is airing football fans’ privates in public

The official UEFA Euro 2016 app is leaking football fans’ personal data, security researchers warn. The app is transmitting user credentials - including usernames, passwords, addresses and phone numbers - over an insecure internet connection, mobile security outfit Wandera discovered. The lack of encryption in the app, which …
John Leyden, 01 Jul 2016

700,000 Muslim Match dating site private messages leaked online

Hackers have leaked the personal details of 150,000 users of the Muslim Match website after breaking into the niche dating portal. Almost 150,000 user credentials and profiles, as well as more than 700,000 private messages between users, were posted online. "These private messages cover a range of subjects from religious …
John Leyden, 01 Jul 2016

Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles*

Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques. Researchers at security startup LightCyber found that 99 per cent of post-intrusion cyberattack activities did not employ malware, but rather employed standard …
John Leyden, 30 Jun 2016