John Leyden

Contact Mail Follow Twitter RSS feed

Second celebgate hacker pleads guilty to phishing

A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was charged with hacking into the Apple iCloud and Gmail accounts of more than 300 people, including Hollywood celbrities. In a plea bargaining deal, …
John Leyden, 05 Jul 2016

UEFA's Euro 2016 app is airing football fans’ privates in public

The official UEFA Euro 2016 app is leaking football fans’ personal data, security researchers warn. The app is transmitting user credentials - including usernames, passwords, addresses and phone numbers - over an insecure internet connection, mobile security outfit Wandera discovered. The lack of encryption in the app, which …
John Leyden, 01 Jul 2016

700,000 Muslim Match dating site private messages leaked online

Hackers have leaked the personal details of 150,000 users of the Muslim Match website after breaking into the niche dating portal. Almost 150,000 user credentials and profiles, as well as more than 700,000 private messages between users, were posted online. "These private messages cover a range of subjects from religious …
John Leyden, 01 Jul 2016

Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles*

Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques. Researchers at security startup LightCyber found that 99 per cent of post-intrusion cyberattack activities did not employ malware, but rather employed standard …
John Leyden, 30 Jun 2016
Curser icon over a news paper folded

Android 'ransomware surge'

Ransomware attacks on Android devices running Kaspersky Lab's security software increased almost four-fold in a little more than a year, we're told. File-scrambling malware attempted to infiltrate 136,532 Kaspersky-protected Android users' gadgets at least once between April 2015 and March 2016, compared to 35,413 users in …
John Leyden, 30 Jun 2016
Ben Mezrich, Once Upon a Time in Russia: The Rise of the Oligarchs and the Greatest Wealth in History

Kremlin hackers and the Democratic National Committee: How deep is the rabbit-hole?

Well publicised attacks against the US Democrat National Committee exposed earlier this month are part of a wider pattern of attacks against a much broader range of US political targets, according to new research by Dell SecureWorks. The same group of cyber-spies is predominantly spying on Russia and neighbouring countries but …
John Leyden, 29 Jun 2016

Fancy hacking Man City? Happy days: Footy club to host hackathon

Manchester City FC has detailed plans to become the first football club to host a data hackathon. The English Premier League Team hopes the event will lead to exclusive insights into the performance of football stars such as Joe Hart, Yaya Touré and Sergio Agüero. Participants in the weekend hack event will be offered access …
John Leyden, 29 Jun 2016
Plymouth Hoe, Devon. Pic: Shutterstock

Plymouth 'animal rights' teen admits Florida SeaWorld cyber attack

A British teenager has admitted taking part in cyber-attacks against Florida's SeaWorld theme park and Devon and Cornwall Police. However, the 16 year-old from Plymouth, Devon – who can’t be named for legal reasons – denied sending threatening messages to airlines. During a hearing at Plymouth’s youth court the youngster …
John Leyden, 29 Jun 2016

SWIFT hackers nick $10m from Ukraine bank

Hackers stole $10m from a Ukrainian bank by – yup, you guessed it – invading its computers and using the inter-bank transfer system SWIFT to shift their loot. The theft from an unnamed Ukrainian bank follows news of cyber-heists at other banks worldwide, most notoriously the lifting of $81m from an account held in New York …
John Leyden, 28 Jun 2016
NBC suit worker image via Shutterstock

You know how that data breach happened? Three words: eBay, hard drives

Users are unwittingly selling sensitive and unencrypted data alongside their devices through the likes of eBay and Craigslist. Secure data erasure firm Blancco Technology Group (BTG) purchased 200 second-hand hard disk drives and solid state drives before conducting a forensic analysis to find out what data was recoverable. …
John Leyden, 28 Jun 2016

Eat my reports! Bart ransomware slips into PCs via .zip'd JavaScript

The cybercrooks behind ransomware Dridex and Locky have started distributing a new file-scrambling software nasty dubbed Bart. Bart has a payment screen just like Locky's, and encrypts documents without first connecting to a remote command-and-control server to receive its orders. Bart may therefore be able to encipher Windows …
John Leyden, 28 Jun 2016

Crooks abusing Facebook to offer credit card samples

Crooks are using social networks like Facebook to offer free samples of stolen credit cards. Facebook is “not proactive enough” in dealing with the threat, according to Daniel Cohen, head of anti-fraud service for RSA in Israel. A simple search of “cvv2” inside Facebook turns up several stolen credit card freebie sample …
John Leyden, 27 Jun 2016
sale

Intel mulls sale of Intel Security – reports

Opinion Intel is reportedly looking to offload its Intel Security arm. The IT giant is investigating options for Intel Security cyber security business, the FT reports. These options include selling off the security software business formerly known as McAfee that the chip-maker bought for $7.7bn back in August 2010. Intel is yet to …
John Leyden, 27 Jun 2016
letters stuffed in a mailbox. Photo by SHutterstock

Botnet-powered ballot stuffing suspected in 2nd referendum petition

Brexit A petition for a second EU referendum in the UK has been hit by suspicions of computer automated ballot stuffing, possibly by politically motivated hackers. 77K fraudulent signatures have been removed from a petition calling for a second vote on the UK’s relationship with the European Union. The so-far identified fraudulent …
John Leyden, 27 Jun 2016

EU GDPR compliance still a thing for UK firms even after Brexit

BREXIT Many UK businesses will still face the burden of complying with recently introduced EU data protection rules even after Thursday's historic Brexit vote. UK businesses will be subject to the upcoming GDPR (General Data Protection Regulation), which comes into effect in April 2018, regardless of the EU Referendum result, …
John Leyden, 24 Jun 2016
shutterstock_225964027-pizz

'2nd referendum' topples site

The UK government’s parliament.uk website has crashed under the traffic of Remain voters demanding a second referendum. The result of Thursday’s vote defied expectations. Even so, security experts reckon that there are steps that public-facing websites can take in avoiding falling offline in the face of overwhelming demand. …
John Leyden, 24 Jun 2016
Magic act, image via Shutterstock

Look into our network, not around our network... you're under

Tactics successfully deployed by Field Marshal Bernard Law Montgomery against German Army officer Erwin Rommel in the battle of El Alamein have been applied in a cyber-technology that aims to outfox hackers. During the important WWII battle, allied forces deployed dummy tanks consisting of plywood frames placed over jeeps as a …
John Leyden, 24 Jun 2016
Happy man holds flag of Israel. Pic: Shutterstock

Israeli cybersecurity boom 'sustainable', argues industry’s father

Israel cyber week The "father" of Israel's cybersecurity industry reckons the unprecedented growth in its security startup industry can be sustained. Isaac Ben Israel, who heads the Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University, estimates there are 400 cybersecurity firms in Israel. Together with more established …
John Leyden, 22 Jun 2016

Stuxnet was the opening shot of decades of non-stop cyber warfare

The famous Stuxnet attack against Iran is credited by some as forestalling the alternative: a bombing raid by Israel against Iran’s nuclear facility. The use of such cyber-weapons in the future, however, may mean more countries end up in low-level conflicts more or less continuously. Military strategists are still grappling …
John Leyden, 22 Jun 2016
Screenshot from the movie Airplane!

'Plane Hacker' Roberts hacks cows

"Plane Hacker" Chris Roberts managed to make it to Israel before delivering a barnstorming presentation at the nation's Cyber Week security conference. The larger-than-life Highland Games participant told delegates how he discovered it was possible to hack milking machines in the wake of 2014's Scottish referendum result. …
John Leyden, 21 Jun 2016
Robot touches screen with finger. Photo via Shutterstock

Israel and US forge human-free cyber info-sharing pact

The US and Israel and due to announce a bilateral threat sharing programme involving co-operation between the two allies' Computer Emergency Response Teams. The agreement, due to be signed on Tuesday, was trailed in respective conference speeches by Alejandro Mayorkas, deputy secretary of US Homeland Security and Dr Eviatar …
John Leyden, 20 Jun 2016
Cheban's blingy watch

Sirin Labs' Solarin isn't for pro-privacy bankers. It's for rich execs who want bling

El Reg got hands-on with the Solarin $14,000 ultra-high-end Android smartphone during a trip to Tel Aviv this week. As previously reported, the Solarin handset is an Android-based smartphone pitched at privacy-conscious executives and the ultra-wealthy. The smartphone comes with a 24 megapixel camera and integrated 3D audio …
John Leyden, 20 Jun 2016
Enter your password by https://www.flickr.com/photos/49889874@N05/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

GitHub presses big red password reset button after third-party breach

GitHub has reset the passwords of users targeted in an attack this week that relied on using stolen credentials from a breach at a third party site. The software repository itself has not suffered a breach. Hackers behind the assault were trying to break into the accounts of users who had inadvisedly used the same login …
John Leyden, 16 Jun 2016

Smut shaming: Anonymous fights Islamic State... with porn

Elements of the Anonymous hacking collective have switched tactics in a campaign against supporters of the self-style Islamic State by attempting to shame and humiliate jihadists by adding pornographic images to their social media profiles. The smut-smearing follows months of attempting to report jihadist profiles on social …
John Leyden, 16 Jun 2016
Lady eating a sandwich checking her mobile phone

Biz networks' DNS troubles

More than four in five (83 per cent) of enterprise networks show evidence of malicious DNS activity. Malware such as botnets, the ZeuS banking malware, distributed denial of service (DDoS) traffic and the CryptoLocker ransomware generated malicious lookup queries picked up in a new study by DNS security specialists Infoblox …
John Leyden, 16 Jun 2016