John Leyden

You can't fight in here, this is the war room!

APT group hacks cyber-spy gang in spy-on-spy pwnage

Cyber-spy groups, whose numbers are growing with little constraint, have begun hacking each other. Hellsing, a small and technically unremarkable cyber-espionage group, was subjected to a spear-phishing attack by another threat actor last year, before deciding to strike back with its own malware-infected emails. The aftermath …
John Leyden, 16 Apr 2015

Troubleshooting feature on Cisco routers is open to data-slurp abuse

Infiltrate A default feature of Cisco routers can readily be abused to collect data, security researchers warn. Embedded Packet Capture (EPC) was designed by Cisco as a troubleshooting and tracing tool. The feature allows network administrators to capture data packets flowing through a Cisco router. Brazilian security researchers Joaquim …
John Leyden, 15 Apr 2015

Verizon to world: STOP opening dodgy phishing emails, FOOLS

Phishing and web app security problems remain the most common way for hackers to gain access to sensitive information, according to US telco giant Verizon. Two out of three breaches were the result of weak or swiped passwords, making a case for strong two-factor authentication, the latest edition of Verizon’s annual Data Breach …
John Leyden, 14 Apr 2015

Backdoor bot brains snatched after cops, white hats raid servers

Microsoft and Interpol have teamed up to derail a malware infection that compromised more than 770,000 Windows PCs worldwide. Simda is a “pay-per-install” software nasty: fraudsters pay miscreants some sum of money for every 1,000 or so machines they compromise. The hackers effectively earn cash by selling access to the infected …
John Leyden, 13 Apr 2015

Fraudsters target Nazi Android malware at Russian bank customers

Alleged members of a gang of "cyber-fascist" Android malware-slingers have been arrested in Russia. The alleged perps behind the scam targeted customers of Russian bank Sberbank with software they called "Fifth Reich", which used Nazi symbols in the management system. Fraudsters targeted malware attacks at Android-operated …
John Leyden, 13 Apr 2015

'Chinese hackers' were sniffing SE Asian drawers for YEARS

Security researchers have exposed a decade-long cyber-spying campaign that targeted south-east Asia and India since 2004. The so-called APT 30 hackers are likely to be agents of the Chinese government, according to network security company FireEye. APT 30's primary goal appears to be the theft of sensitive information for …
John Leyden, 13 Apr 2015

Spanish election site in security cert warning screwup snafu

Updated Website crypto problems on the Spanish online voting registration website are causing it to generate all manner of security warnings. Attempts to visit the sede.ine.gob.es site – run by Spain's National Statistics Institute and introduced this year for municipal/regional elections – typically lead to users being confronted with …
John Leyden, 13 Apr 2015

Cisco and Level 3 team up to squash brute force server hijackers

Cisco and service provider Level 3 have teamed up to take down netblocks linked to brute-force hack kingpins SSHPsychos, severely degrading (but not destroying) the group's potential to hack servers in the process. Hacker collective SSHPsychos (AKA Group 93) has been running SSH brute force attacks on an industrial scale since June …
John Leyden, 10 Apr 2015
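The SSHPsychos item above is about password guessing against SSH at industrial scale. As an added example, not taken from the article or from Cisco or Level 3, the Python below runs over sshd "Failed password" lines in the usual syslog format and reports two patterns: a source that fails a number of times inside a short window (the burst you would expect from a scanner) and a source that spreads the same number of failures over hours, which a window rule alone never catches. The log lines are constructed for the example, and the thresholds (5 failures in 60 seconds, or 5 in total) are assumptions to be tuned per host, not figures from the page.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample sshd lines in syslog format; not taken from any real host.
SAMPLE_AUTH_LOG = """\
Apr 10 08:12:01 bastion sshd[2201]: Failed password for root from 103.41.124.10 port 50132 ssh2
Apr 10 08:12:02 bastion sshd[2203]: Failed password for root from 103.41.124.10 port 50140 ssh2
Apr 10 08:12:02 bastion sshd[2205]: Failed password for invalid user admin from 103.41.124.10 port 50151 ssh2
Apr 10 08:12:03 bastion sshd[2207]: Failed password for invalid user oracle from 103.41.124.10 port 50160 ssh2
Apr 10 08:12:04 bastion sshd[2209]: Failed password for root from 103.41.124.10 port 50171 ssh2
Apr 10 08:12:05 bastion sshd[2211]: Failed password for root from 103.41.124.10 port 50180 ssh2
Apr 10 08:30:11 bastion sshd[2290]: Failed password for alice from 192.0.2.44 port 41022 ssh2
Apr 10 08:30:19 bastion sshd[2292]: Accepted publickey for alice from 192.0.2.44 port 41022 ssh2
Apr 10 09:01:00 bastion sshd[2301]: Failed password for root from 198.51.100.7 port 33001 ssh2
Apr 10 09:20:00 bastion sshd[2310]: Failed password for root from 198.51.100.7 port 33002 ssh2
Apr 10 09:40:00 bastion sshd[2320]: Failed password for root from 198.51.100.7 port 33003 ssh2
Apr 10 10:00:00 bastion sshd[2330]: Failed password for root from 198.51.100.7 port 33004 ssh2
Apr 10 10:20:00 bastion sshd[2340]: Failed password for root from 198.51.100.7 port 33005 ssh2
"""

# Matches the OpenSSH failed-password line; "invalid user" is present when the
# account does not exist, which is itself a strong brute-force signal.
FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_failures(lines):
    """Yield (timestamp, source_ip, username) for every failed-password line."""
    for line in lines:
        m = FAILED_RE.match(line)
        if m:
            # Syslog timestamps carry no year; that is fine for deltas within one log.
            yield datetime.strptime(m["ts"], "%b %d %H:%M:%S"), m["ip"], m["user"]


def find_brute_forcers(lines, burst=5, window_s=60, slow_total=5):
    """Return {ip: finding} for sources that look like password guessers.

    'burst'        : at least `burst` failures inside any `window_s` second window
    'low-and-slow' : at least `slow_total` failures overall, but never that dense
    """
    by_ip = defaultdict(list)
    for ts, ip, user in parse_failures(lines):
        by_ip[ip].append((ts, user))

    report = {}
    for ip, events in by_ip.items():
        events.sort()
        times = [t for t, _ in events]
        users = sorted({u for _, u in events})
        # Slide a window of `burst` consecutive failures along the sorted times.
        is_burst = any(
            (times[i + burst - 1] - times[i]).total_seconds() <= window_s
            for i in range(len(times) - burst + 1)
        )
        if is_burst:
            report[ip] = {"verdict": "burst", "attempts": len(times), "users": users}
        elif len(times) >= slow_total:
            report[ip] = {"verdict": "low-and-slow", "attempts": len(times), "users": users}
    return report


if __name__ == "__main__":
    for ip, finding in find_brute_forcers(SAMPLE_AUTH_LOG.splitlines()).items():
        print(ip, finding)
```

The second rule matters in practice: a crew that rotates through many source addresses and spaces attempts twenty minutes apart never trips a fail2ban-style "N in a minute" rule, yet still accumulates failures against the same account. The `users` list is also worth keeping, since a single source cycling through root, admin and oracle is a wordlist, not a forgetful administrator.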

Cyber-crypto-criminal-cock-up. Little money and (probably) embarrassed

A newly released crypto-ransomware strain has been broken, thus allowing victims — in over two out of three cases — to get back their data without paying. The Scraper ransomware has a flaw, meaning that in about 70 per cent of cases files can be decrypted, according to Kaspersky Lab, with the Russian security firm publishing a …
John Leyden, 10 Apr 2015

Bad news everyone: Cybercrime is getting even easier

The volume of malware threats is actually on the decline despite the increase in breaches, according to a study from Websense Security Labs. Websense Security Labs logged 3.96 billion security threats in 2014, which was 5.1 per cent less than 2013. Despite this, the number of high-profile breaches increased. Hackers have …
John Leyden, 09 Apr 2015

Pinterest, Yammer scramble to patch login thievery headaches

Pinterest has patched a vulnerability that meant its iPhone app leaked passwords to other surfers on the same network. An earlier version of the Pinterest iOS app failed to validate the server certificate, potentially allowing a suitably positioned attacker on the same network to steal login credentials related to the photo …
John Leyden, 08 Apr 2015

Dell System Detect update vulnerability exposed

Dell System Detect doesn't update itself automatically, leaving millions of systems vulnerable as a result, according to security software firm F-Secure. Even though Dell disputes the problem with its application, which interacts with the Dell Support website, F-Secure's claim is based on real figures regarding queries about older …
John Leyden, 08 Apr 2015

The Internet of Stuff is a gigantic ultra-perv robbery network – study

IoT devices facilitate robbery, stalking and cybercrime. That's the downbeat conclusion of a new study by app security firm Veracode into the insecurity of connected devices. Veracode reached its conclusion after looking into a variety of IoT kit, finding they are often designed without data security or privacy in mind. The …
John Leyden, 08 Apr 2015

Can't patch this: Mozilla pulls Firefox encryption feature after just a week

Mozilla has pulled Firefox 37's opportunistic encryption feature after less than a week when it learned that tech designed to enhance security actually broke SSL certificate validation. A simple patch wouldn't do the trick, so Mozilla opted to release an update, Firefox 37.0.1, that removed opportunistic encryption. Going into …
John Leyden, 07 Apr 2015

France accused of tabling 'Patriot Act' style surveillance law

Privacy advocates have criticised French plans to expand digital surveillance as badly thought out and rushed. A bill (“Projet de Loi Relatif au Renseignement”) – which was drawn up before the Charlie Hebdo and Hyper Casher supermarket attacks – is due to go before the National Assembly next week under an accelerated legislative …
John Leyden, 07 Apr 2015

E-commerce enterprises gently told to update those protocols ... or else

A revamp in payment card industry regulations due out later this month will penalise e-commerce enterprises that rely on outdated crypto protocols. The PCI Security Standards Council updated standard – PCI DSS 3.1 – mandates that businesses move away from SSL onto more modern TLS protocols. The council is introducing the …
John Leyden, 07 Apr 2015

Check Point snaps up mobile security outfit Lacoon

Check Point is buying Lacoon Mobile Security, in a deal that expands the security software firm beyond its core firewall and IDS market while pushing it further into mobile. Terms of the deal, announced Thursday, were undisclosed. Lacoon develops security apps for both iOS and Android, as well as marketing real-time mobile …
John Leyden, 02 Apr 2015

Fake Pirate Bay site pushes banking Trojan to WordPress users

Multiple WordPress sites are being redirected to a Pirate Bay copycat which in turn is being used to sling malware, anti-malware firm Malwarebytes warns. Several WordPress sites were injected with the same iframe over the last few days as part of an attack ultimately geared towards serving content from sites such as …
John Leyden, 01 Apr 2015

Mystery 'Explosive' cyber-spy campaign traced back to Lebanon

A nation-state cyber-attack campaign running since 2012 has been traced back to a somewhat unlikely launchpad in Lebanon. Security researchers at Check Point reckon hackers behind the so-called Volatile Cedar campaign have hit defence contractors, telecommunications and media companies, and educational institutions in multiple …
John Leyden, 01 Apr 2015

How a hack on Prince Philip's Prestel account led to UK computer law

This week marks the 30th anniversary of the arrests in the infamous Prestel hack case, which breached the Royal Family's security and helped give birth to the UK's first computer crime law. What began as a hack against the Prestel Viewdata system – which opened up access to Prince Philip's mailbox – later led to the …
John Leyden, 26 Mar 2015

Spookception: US spied on Israel spying on US-Iran nuke talks

Israel spied on the recent US-Iran nuclear talks, alleges America. And the US knows enough about it to say it publicly because the NSA is spying on Israel, along with everyone else. The Wall Street Journal reports that Israel handed over confidential information from the negotiations to friendly members of the US Congress in a …
John Leyden, 25 Mar 2015

BT Home Hub SIP backdoor blunder blamed for VoIP fraud

Flaws in a BT Home Hub set-up are being blamed for helping facilitate a VoIP scam. El Reg reader Keith Harbridge, an independent IT consultant, said his client, a firm of solicitors, is just one of a number of companies stung by the scam, which occurred in early March. Independent security consultants at Pen Test Partners …
John Leyden, 25 Mar 2015

Apple is picking off iOS antivirus apps one by one: Who'll be spared?

Confusion reigns over whether or not Apple is really pulling all iOS antivirus apps from its online software store. One leading developer says yes, another says no, and Apple is keeping schtum. Security specialist Intego claims the Cupertino idiot-tax operation has yanked anti-malware tools from the iOS App Store, leaving just …
John Leyden, 24 Mar 2015

Dell denies 'insecure autoupdate app' flings open PC backdoor

Dell has denied building backdoors into its kit following a security researcher's discovery of an insecure update assistant app. Tom Forbes alleges that the Dell Service Tag Detector app* is so insecure that it creates a backdoor on machines it is installed upon. More specifically, Forbes alleges that the app carries a Remote …
John Leyden, 24 Mar 2015

More than 260 suspects charged in UK child abuse crackdown

Teachers, a retired magistrate, a doctor, and civil servants are among 264 suspected paedophiles charged as part of a major UK police operation targeting those accessing child abuse images online. Operation Notarise, which launched around a year ago, is the biggest UK inquiry into people allegedly sharing child abuse images …
John Leyden, 20 Mar 2015

NYPD cop in court for allegedly hacking into the FBI

A New York City Police Department auxiliary deputy inspector faces charges of hacking into a restricted NYPD computer and other law enforcement databases, including a system maintained by the FBI. Yehuda Katz, 45, of Brooklyn, New York, allegedly used the databases to obtain information about local traffic accident victims …
John Leyden, 20 Mar 2015

Rocket Kittens target defence and IT bods from Europe & Israel

A seemingly state-sponsored hacking crew has compromised systems in several organisations in Israel and Europe, according to new research by Trend Micro. The so-called Rocket Kitten group has targeted defence and IT industries, government entities and academic institutions. Victims include civilian and academic organisations in …
John Leyden, 20 Mar 2015

OpenSSL 'high' severity flaw just a puny DoS risk

OpenSSL patched a “high” severity flaw as part of a patch batch on Thursday that turned out to be nowhere near as scary as widely feared. Fortunately, fears the software update might address another Heartbleed have been confounded. The worst of the flaws – dubbed ClientHello (CVE-2015-0291) – is simply a DoS risk, as an advisory …
John Leyden, 19 Mar 2015

Banks defend integrity of passcode-less TouchID login

Royal Bank of Scotland and NatWest have played down claims by a security researcher that their new Touch ID banking login feature might be circumvented, arguing the hack would only be possible with jail-broken iPhones — the use of which is not recommended. Last month, RBS and NatWest became the first UK-based banks to offer …
John Leyden, 19 Mar 2015

GCHQ: Ensure biz security by STOPPING everyone from TALKING

GCHQ is advising organisations to consider stripping staff of smartphones and memory sticks in order to make themselves less exposed to cyber attacks. The advice from the intelligence agency's CESG (Communications-Electronics Security Group) information assurance arm comes against a backdrop of increased concerns about the theft …
John Leyden, 19 Mar 2015

NORK internet outage was payback for Sony hack – US politician

A North Korea network outage last December came in retaliation for the Sony hack, a US lawmaker claims. Michael McCaul of Texas – Republican chairman of the House Homeland Security Committee – linked disruption of North Korea's thin internet pipe to the earlier devastating attack against Sony Pictures Entertainment. “There were …
John Leyden, 18 Mar 2015

Fatally flawed RC4 should just die, shout angry securobods

Security researchers have banged another nail into the coffin of the ageing RC4 encryption algorithm. The latest password recovery attacks against RC4 in TLS by Christina Garman of Johns Hopkins University, Prof. Kenny Paterson and research student Thyla van der Merwe (both of Royal Holloway, University of London) show that …
John Leyden, 18 Mar 2015
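Three items above come down to the same client-side TLS hygiene: the Pinterest iOS app that did not validate the server certificate (8 Apr), PCI DSS 3.1 pushing merchants off SSL and onto TLS (7 Apr), and the RC4 password-recovery attacks (above). The following is an added example, not code from any of those articles, vendors or researchers: it uses Python's standard ssl module as a stand-in for the TLS stacks those stories concern, builds the weak client configuration beside a hardened one, and audits a context for the three faults. The TLS 1.2 floor and the cipher string are this example's choices; the page itself states only "move away from SSL" and "drop RC4", not a specific floor.

```python
import ssl


def weak_client_context():
    """The anti-pattern: the client accepts any certificate for any host.

    This is what a failure to validate the server certificate amounts to, and
    it hands a network-positioned attacker every credential the app sends.
    Never ship this; it exists here so audit_context() has something to catch.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE     # certificate chain is not checked at all
    try:
        # Lower the protocol floor as old clients did; some OpenSSL builds
        # refuse this outright, which is fine (the floor then stays safe).
        ctx.minimum_version = ssl.TLSVersion.TLSv1
    except ValueError:
        pass
    return ctx


def hardened_client_context():
    """Verify the chain and hostname, refuse anything below TLS 1.2, no RC4."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + hostname check + system CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Example cipher policy (an assumption of this snippet, not a PCI rule):
    # forward-secret AEAD suites only; RC4, MD5 and anonymous suites excluded.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!RC4:!MD5:!aNULL:!eNULL")
    return ctx


def audit_context(ctx):
    """Return a list of findings for an SSLContext; an empty list passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2 (SSL/early TLS accepted)")
    if any("RC4" in suite["name"] for suite in ctx.get_ciphers()):
        findings.append("RC4 cipher suites enabled")
    return findings


if __name__ == "__main__":
    print("weak    :", audit_context(weak_client_context()))
    print("hardened:", audit_context(hardened_client_context()))
```

The audit is deliberately static: it inspects the configured context rather than connecting anywhere, which is the check you can put in a unit test so a "temporary" `verify_mode = CERT_NONE` never reaches a release build. Whether RC4 shows up in `get_ciphers()` at all depends on how the underlying OpenSSL was built; on current builds it is simply absent, which is the outcome the 18 Mar item asks for.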

Betting exchange WBX closes, Betfair romps on

Betting exchange WBX is pulling down the shutters on its operation, citing increased regulatory compliance costs and competition from market leader Betfair in its decision to close. WBX suspended betting and closed its exchange on Monday. No further bets can be staked, but unsettled bets on longer-term markets will be honoured …
John Leyden, 17 Mar 2015

One BEEEEEELLION sensitive records went AWOL in 2014

At least one billion records of personally identifiable information (PII) were leaked in 2014, according to IBM X-Force. The total number of records compromised in 2014 was more than 25 per cent higher than in 2013, when 800 million records were leaked. Three in four (74.5 per cent) of these incidents took place in the United …
John Leyden, 16 Mar 2015

Bounty! hunter! discovers! holes! in! Yahoo! Stores! security!

Security researcher Mark Litchfield is $24,000 the richer after discovering three vulnerabilities involving Yahoo! Stores and hosted websites. The three vulnerabilities were fixed by Yahoo! after Litchfield alerted the internet giant through its bug bounty programme. The first and most serious of the vulnerabilities opened up …
John Leyden, 16 Mar 2015

Yahoo! wheels! out! password! on-demand! service! for! simpletons!

Yahoo! is trialling a service that removes the need to remember your passwords, providing users don't also lose or mislay their mobile phones. The on-demand password service allows registered users to have a short password sent to their phone. On-demand passwords is an opt-in service, initially only …
John Leyden, 16 Mar 2015

OpenDNS snags network monitoring service BGPmon

Cloud security firm OpenDNS is buying network and routing monitoring services outfit BGPmon. Financial terms of the deal, announced on Thursday, were not disclosed. BGPmon offers services based on the Border Gateway Protocol (BGP), a core network protocol used by every major network and ISP, which maps preferred paths for …
John Leyden, 13 Mar 2015

UK call centre linked to ‘millions’ of nuisance robo-calls raided by ICO

UK data privacy watchdogs on Thursday raided a call centre allegedly linked to millions of nuisance calls. Officers from the ICO (Information Commissioner's Office) and Trading Standards conducted the operation against a business in the Brighton area suspected of using automatic dialling technology to make four to six million …
John Leyden, 12 Mar 2015

Bulk interception is NOT mass surveillance, says parliamentary committee

Parliament's intelligence committee report into security and privacy has concluded GCHQ's bulk interception of net traffic is not mass surveillance, and so permissible. However, it also called for new umbrella laws to regulate the activities of spy agencies and provide greater transparency. The Intelligence and Security Committee …
John Leyden, 12 Mar 2015

Clinton defence of personal email server fails to placate critics

Analysis Hillary Clinton's admission that she was perhaps unwise to make exclusive use of a personal email account while serving as US Secretary of State has failed to placate critics, some of whom are trying to use the affair to derail her expected challenge for the White House next year. Clinton has issued a minimal mea culpa stating …
John Leyden, 12 Mar 2015

Panda antivirus labels itself as malware, then borks EVERYTHING

Panda users had a bad hair day on Wednesday, after the Spanish security software firm released an update that classified components of its own technology as malign. As a result, enterprise PCs running the antivirus software tied themselves in something of a knot, leaving some systems either unstable or unable to access the …
John Leyden, 11 Mar 2015

PayPal pays $60m for Israeli predictive security start-up

PayPal has confirmed a $60m acquisition of security intelligence firm CyActive. The online payments firm, soon to be spun off from eBay, accompanied the announcement of the deal with plans to open a research hub in Israel. CyActive, founded by ex-IDF intelligence unit cyberspies in 2013, specialises in trying to predict the …
John Leyden, 11 Mar 2015

Faux pro-IS Facebook shot down within hours of launch

A pro-Islamic State social network was pulled offline hours after its launch. The network, 5elafabook, was supposedly set up in the wake of a ramp-up in efforts by Twitter to quickly shut down accounts promoting violent jihad. Facebook has likewise applied the ban-hammer on accounts spouting pro-Caliphate propaganda. 5elafabook …
John Leyden, 11 Mar 2015

Cyber-whizzes partake in mass eye-roll event over latest leaks: CIA spies 'spying on iPhones'

CIA brainiacs at least thought about, or experimented with, breaking the security of Apple's iPhones, iPads and OS X computers, it appears from leaked intelligence documents. The intel agency wanted to crack the encrypted firmware stored on targeted iThings, and spy on selected users via poisoned apps, Snowden newsletter The …
John Leyden, 11 Mar 2015

Hackers' delight? New Apple wrist-puter gives securobods the FEAR

Security pundits are already fretting over the security of the Apple Watch, just hours after the expensive gizmo was launched at a high profile US event. Ken Westin, security researcher at Tripwire, said that the security implications of the wearable device's Wi-Fi connection capabilities create a potential opportunity for …
John Leyden, 10 Mar 2015

Pro-ISIS script kiddies deface Dublin Rape Crisis Centre site

The FBI has begun investigating the hack of a number of websites – including the site of Dublin Rape Crisis Centre – by pro-ISIS script kiddies. The Dublin Rape Crisis Centre in Ireland was defaced so that its home page featured the black ISIS flag and the message "Hacked by ISIS, we are everywhere." A Flash audio plug-in …
John Leyden, 10 Mar 2015

Crap employers banned from enforcing backdoor crim records checks

Employers who force potential workers to request a criminal record check on themselves face prosecution after a change in UK law that comes into effect on Tuesday, 10 March. New regulations – to be enforced by data privacy watchdogs at the Information Commissioner's Office (ICO) – will outlaw so-called "back door" criminal …
John Leyden, 10 Mar 2015

US air traffic control 'vulnerable to hackers' says watchdog

US air traffic control systems are potentially vulnerable to hackers, according to an audit by the American government. A report [46 pages, PDF] by the Government Accountability Office (GAO) faults the Federal Aviation Administration (FAA) for failing to comply with the relevant government standards, specifically the …
John Leyden, 09 Mar 2015

Obsolete – and IP-baring – Anon tool linked to feminist blog DDoS

A feminist blog hit by a DDoS attack on International Women’s Day has used the attack to its advantage. Amber Gordon, founder of femsplain.com, said although the site is no stranger to Distributed Denial of Service assaults, Sunday's attack differed in being unusually intense. “I think it’s because it’s International Women’s …
John Leyden, 09 Mar 2015

Mind-reading DNS security analysis offers early warning for APT attacks

The application of predictive algorithms to DNS data may be able to spot malware sites before they serve up nasties. Security firm OpenDNS is applying ideas from natural language processing to automatically identify malicious domains using a prototype tool called NLPRank, as a blog post by the firm explains. Utilising natural …
John Leyden, 06 Mar 2015
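The item above says OpenDNS is borrowing natural-language techniques to spot malicious domains, but gives no detail of how NLPRank works. What follows is an added example of the simplest form of that idea and is my own code, not NLPRank or anything from OpenDNS: split the registrable part of a domain into word-like tokens, undo the digit-for-letter and "rn" for "m" substitutions lookalike registrations rely on, measure edit distance to a short brand list, and weigh the presence of "lure" words such as login or verify. The brand list, lure words, substitution table and sample domains are all constructed for the example.

```python
import re

# Constructed lists for this example; a real deployment would use a far
# longer brand list and learned, not hand-picked, lure vocabulary.
BRANDS = ("paypal", "google", "microsoft", "apple", "amazon")
LURE_WORDS = {"login", "signin", "secure", "verify", "account", "update", "support"}
# Digit/symbol-for-letter swaps commonly used to slip past exact-match blocklists.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s"})


def normalize(token):
    """Undo visual substitutions so 'paypa1' and 'rnicrosoft' compare as words.

    The rn->m and vv->w folds are deliberately aggressive; they also mangle
    innocent words (corner -> comer), which is a source of false positives.
    """
    return token.lower().translate(LEET).replace("rn", "m").replace("vv", "w")


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def score_domain(domain, brands=BRANDS, max_distance=1):
    """Classify a domain as 'benign', 'review' or 'suspicious', with a reason.

    Only the registrable label (the one left of the TLD) is treated as
    attacker-controlled; a brand that owns the registrable label may put
    anything it likes in subdomains (accounts.google.com is fine).
    """
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return "benign", "no registrable label"
    registrable, subdomains = labels[-2], labels[:-2]
    if registrable in brands:
        return "benign", f"registrable name is the brand {registrable!r}"

    raw_tokens = [t for t in re.split(r"[-_]", registrable) if t]
    lures = sorted(LURE_WORDS.intersection(normalize(t) for t in raw_tokens))
    for raw in raw_tokens:
        norm = normalize(raw)
        for brand in brands:
            d = levenshtein(norm, brand)
            if d > max_distance:
                continue
            if lures:
                return "suspicious", f"{brand!r} lookalike {raw!r} combined with lure words {lures}"
            if raw != brand:
                return "suspicious", f"{raw!r} is {d} edit(s) from {brand!r} after normalisation"
            return "review", f"brand {brand!r} inside a longer registrable name"

    # Brand used as a subdomain of somebody else's domain: paypal.com.evil.net
    sub_tokens = {normalize(t) for lab in subdomains for t in re.split(r"[-_]", lab) if t}
    hits = sorted(sub_tokens.intersection(brands))
    if hits:
        return "suspicious", f"brand {hits} in a subdomain of unrelated domain {registrable!r}"
    return "benign", "no brand resemblance"


def scan(domains):
    """Score a batch of domains; returns {domain: (verdict, reason)}."""
    return {d: score_domain(d) for d in domains}


# Constructed sample input, not from any feed or the article.
SAMPLE_DOMAINS = [
    "paypal.com", "accounts.google.com", "example.org", "paypal-shop.com",
    "paypa1-secure-login.com", "goog1e.net", "rnicrosoft-account.info",
    "google.com.evil-host.net",
]

if __name__ == "__main__":
    for dom, (verdict, why) in scan(SAMPLE_DOMAINS).items():
        print(f"{verdict:10} {dom:28} {why}")
```

The useful part of the approach is not the edit distance, which is trivial, but the tokenisation: a domain like `paypa1-secure-login.com` carries three "words", and the combination of a near-brand with lure vocabulary is far more telling than either alone. The obvious weakness is the distance threshold, which will also flag `apply` against `apple`; that is why the output has a `review` tier rather than a binary verdict.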