John Leyden

Mysterious Gmail account lockouts prompt hack fears

Updated A substantial number of Gmail users have been affected by a potential but unconfirmed hack of unknown origin or purpose. El Reg learnt of the issue following a tip from a self-described "very security conscious" IT professional who got locked out of his Gmail account. This happened after one of his security phone numbers was …
John Leyden, 24 Feb 2017

South Korea targeted by cyberspies (again). Kim, got something to say?

The South Korean public sector is once again in the firing line of a sophisticated – and likely government-backed – cyberattack. The campaign was active between November 2016 and January 2017 and relied on exploiting vulnerabilities in a Korean language word processing program and a spoofed document from the Korean Ministry of …
John Leyden, 24 Feb 2017

'First ever' SHA-1 hash collision calculated. All it took were five clever brains... and 6,610 years of processor time

Google researchers and academics have today demonstrated it is possible – following years of number crunching – to produce two different documents that have the same SHA-1 hash signature. This proves what we've long suspected: that SHA-1 is weak and can't be trusted. This is bad news because the SHA-1 hashing algorithm is used …

Deutsche Telekom hack suspect arrested at London airport

UK police have arrested a suspect in connection with an attack that infected nearly 1 million Deutsche Telekom routers last November. The as-yet-unnamed 29-year-old British suspect was arrested at a London airport by officers from the UK's National Crime Agency (NCA) on Wednesday, Reuters reports. The attack on Germany's …
John Leyden, 23 Feb 2017

Privacy concerns over gaps in eBay crypto

eBay uses HTTPS on its most critical pages, such as those where payment or address information is entered, but a lack of encryption on several sensitive pages still poses a concern for the privacy conscious. Many pages on the site, which require user input or contain their personal info, are not HTTPS encrypted, according to …
John Leyden, 22 Feb 2017

Infosec firm NCC Group launches review over crap financials

Cybersecurity firm NCC Group has launched a strategic review after issuing a profit warning. The company announced on Tuesday that the performance of its assurance division will be significantly lower than anticipated. This will hit its overall financial results for the full year ending 31 May, 2017. NCC now expects that the …
John Leyden, 22 Feb 2017

Hacking group RTM able to divert bulk financial transfers with malware

Cybercrime group RTM is deploying complex malware based in the Delphi programming language to target Remote Banking Systems (RBS), a type of business software used to make bulk financial transfers. The problem was severe enough to warrant an advisory from FinCERT, a Russian CERT responsible for fighting cybercrime targeting …
John Leyden, 21 Feb 2017

TeamSpy hackers get the crew back together after four-year hiatus

Updated Cybercrooks have once again begun slinging malware that subverts elements of the legitimate TeamViewer remote control app to snoop on victims. The tactic was previously seen in 2013. Attacks typically begin with booby-trapped emails harbouring malicious attachments that pose as eFax messages. If installed, the malicious code …
John Leyden, 21 Feb 2017

Beeps, roots and leaves: Car-controlling Android apps create theft risk

Insecure car-controlling Android apps create a heightened car theft risk, security researchers at Kaspersky Lab warn. Boffins at the security software maker made the warning after putting Android apps from seven (unnamed) car makers through their paces, uncovering a raft of basic security flaws in the process. During recent …
John Leyden, 20 Feb 2017

US account holders more likely to switch banks following fraud

Account holders in the US are more likely to switch banks in the aftermath of fraud, according to a new study. Researchers at Carnegie Mellon University found that people who had their information compromised were more likely to terminate their relationship with the bank within six months of a fraudulent event, even if they …
John Leyden, 17 Feb 2017

Mystery deepens over Android spyware targeting Israeli soldiers

Hackers are continuing to target Israeli Defence Force (IDF) personnel with Android spyware but doubts have emerged that Hamas is behind the cyber-spying operation. ViperRAT has been specifically designed to exfiltrate information of high value from compromised devices. "Many of these samples are still active and are …
John Leyden, 17 Feb 2017

Haven't deleted your Yahoo account yet? Reminder: Hackers forged login cookies

Yahoo! is reminding folks that hackers broke into its systems, and learned how to forge its website's session cookies. That allowed the miscreants to log into user accounts without ever typing a password. In warnings emailed out this week, the troubled web biz said accounts were infiltrated in 2015 and 2016 using forged …
John Leyden, 16 Feb 2017

F-Secure buys industrial control security firm

F-Secure has acquired hardware and embedded system security firm Inverse Path. Financial terms of the deal, announced on Thursday, were undisclosed. Inverse Path provides focus hardware security technology to specialist sectors including automotive, avionics and industrial control, as well as traditional software applications …
John Leyden, 16 Feb 2017

Rasputin whips out large intimidating tool, penetrates uni, city, govt databases – new claim

A Russian-speaking miscreant dubbed "Rasputin," who potentially hacked into the US Election Assistance Commission and sold access to its systems, has struck again, it is claimed. Rasputin has allegedly infiltrated database servers within 60 organizations, US government agencies, and international universities. These victims …
John Leyden, 15 Feb 2017

UK credit broker fined £120k for spamming folk with five million texts

Updated A UK credit broker has been fined £120,000 for sending more than five million unlawful text messages. Digitonomy besieged customers with unsolicited loan offers, prompting 1,464 complaints from privacy-conscious consumers between April 2015 and February 2016. An investigation by data privacy watchdogs at the Information …
John Leyden, 15 Feb 2017

Pwnd Android conference phone exposes risk of spies in the boardroom

Security researchers have uncovered a flaw in conference phone systems from Mitel that creates a means for hackers to listen in on board meetings. Boffins at Context Information Security managed to gain root access and take full control of a Mitel MiVoice Conference and Video Phone, potentially enabling them to listen to …
John Leyden, 15 Feb 2017

Kremlin-linked hackers believed to be behind Mac spyware Xagent

Kremlin-linked spies have been blamed for cooking up malware called Xagent, which targets victims running macOS to steal passwords, grab screenshots and exfiltrate iPhone backups stored on the Mac. Preliminary analysis by security software firm Bitdefender has uncovered links to the APT28 cyber-espionage group, elsewhere …
John Leyden, 15 Feb 2017

Battle of the botnets: My zombie horde's bigger than yours

DDoS attacks more than doubled in the last quarter of 2016 compared to the same period the year before. Although the infamous Mirai IoT botnets accounted for many of the most severe attacks, the biggest single assault came from a different zombie network, according to a new study by Akamai out Tuesday. Attacks greater than …
John Leyden, 14 Feb 2017

UK website data insecurity worries: Users in bits over car break-up emails

Updated Popular car parts website PartsGateway.co.uk is dangerously insecure, a veteran UK security consultant warns. The warning from Paul Moore comes in the midst of ongoing social media complaints (example here) by customers who say they have received phishing mails containing personal addresses and phone numbers. One of the users …
John Leyden, 14 Feb 2017

Roses are red, you're over the moon, 'cos you work in infosec, and you're retiring soon

The UK's aging cybersecurity workforce is approaching a "retirement cliff edge," according to a new survey. Only six per cent of UK companies are recruiting graduates, while 66 per cent already have a cybersecurity skills shortage due to being unable to find qualified personnel, according to a poll by cybersecurity …
John Leyden, 14 Feb 2017

Brave VMs to destroy themselves, any malware they find on HP's new laptop

HP has announced plans to integrate Bromium's virtualization technology into a laptop as a defence against malware. The soon-to-be-launched EliteBook x360 1030 G2 will feature virtualization-based security built in to the hardware in the form of a feature called Sure Click, which will go on general availability in Spring. The …
John Leyden, 13 Feb 2017

Russia and China bombard Blighty with 188 cyberattacks in 3 months

Britain has been hit by 188 "high-level attacks" in the last three months. Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and …
John Leyden, 13 Feb 2017

Worldwide bank attack blitz linked to Sony Pictures hacking crew

Evidence has surfaced that hackers blamed for the infamous Sony Pictures hack and the notorious Bangladesh Central Bank account heist have launched a fresh wave of assaults. The so-called Lazarus hackers are currently targeting scores of banks and other organisations across 31 countries, Symantec warns. The attacks appeared …
John Leyden, 13 Feb 2017

Despite the spiel, we're still some decades from true anti-malware AI

Opinion The cybersecurity industry is investing heavily in "machine learning" technologies in the hope of providing a more dynamic defence against malware. The practical upshot of this is that the delegates to the RSA Conference next week are likely to hear a lot about artificial intelligence in next-generation antivirus (NGAV) even …
John Leyden, 13 Feb 2017

Lovely. Now someone's ported IoT-menacing Mirai to Windows boxes

The Mirai malware that hijacked hundreds of thousands of IoT gadgets, routers and other devices is now capable of infecting Windows systems. The software nasty, discovered in August 2016, broke into heaps of insecure Linux-powered gizmos worldwide before running distributed denial of service attacks, most notably against DNS …
John Leyden, 10 Feb 2017

Biting the hand that feeds IT © 1998–2017