John Leyden


Welsh police force fined £160,000 after losing sensitive video interview

South Wales Police has been hit with a £160,000 fine for losing a video recording which formed part of the evidence in a sex abuse case. The lost DVDs contained film of an interview with a victim, who had been sexually abused as a child. Despite the DVDs containing a graphic and disturbing account of events, the discs were …
John Leyden, 18 May 2015

High-level, state-sponsored Naikon hackers exposed

The activities of yet another long-running apparently state-sponsored hacking crew have finally been exposed. The Naikon cyber-espionage group has been targeting government, military and civil organisations around the South China Sea for at least five years, according to researchers at Kaspersky Lab. The Naikon attackers appear …
John Leyden, 18 May 2015

Mobile spyware firm mSpy hacked, clients doxxed on dark web

Mobile spyware firm mSpy's database has appeared on the dark web, following an apparent hack on its systems last week. Emails, text messages, payment details, Apple IDs, passwords, photos and location data for mSpy users have all been exposed, according to investigative reporter Brian Krebs, who broke the story about the …
John Leyden, 15 May 2015

Starbucks denies mobile app hack, blames careless customers

Starbucks has rebuffed claims that its mobile app has been hacked, in the wake of reports that scores of its US customers have suffered from credit card fraud. The coffee chain’s US customers have been reporting the theft of hundreds of dollars from their credit cards, in a series of scams seemingly linked to auto top-ups on the …
John Leyden, 15 May 2015

VENOM virtual vuln proves less poisonous than first feared

Analysis A newly discovered vulnerability in many popular virtual machine platforms is serious, but nowhere near as bad as last year’s Heartbleed vulnerability, according to security experts. Dubbed VENOM (Virtualized Environment Neglected Operations Manipulation), the zero-day flaw takes advantage of the “virtual floppy disk controller …
John Leyden, 14 May 2015

Chinese cyber-spies hid botnet controls in MS TechNet comments

Cyber-spies are increasingly attempting to hide their command and control operations in plain sight by burying their command infrastructure in the forums of internet heavyweights, including Microsoft. FireEye and Microsoft have successfully shut down the Chinese threat actor APT17’s use of the MSFT TechNet blog to hide their …
John Leyden, 14 May 2015

Home routers co-opted into self-sustaining DDoS botnet

Hackers have established "self-sustaining" botnets of poorly secured routers, according to DDoS mitigation firm Incapsula. The hijacked routers – located mostly in Thailand and Brazil – were easy pickings for hackers because of the use of factory-default usernames and passwords. Knowledge of these login credentials allowed …
John Leyden, 13 May 2015

Infosec bods demo GPU keylogger. Don't tell the NS... oh, wait

Security researchers have demonstrated how malicious code can be run on graphics processors (GPUs) rather than the central processing unit (CPUs) at the heart of a computer. Team Jellyfish's Demon keylogger proof-of-concept code operates in a blind spot that conventional security software is simply not designed to inspect. The …
John Leyden, 13 May 2015

WikiLeaks, er, leaks the Bundestag Inquiry into NSA naughtiness

Transcripts of a German parliamentary inquiry into the NSA have been leaked by WikiLeaks. The searchable files cover 10 months of hearings, which have not been as open as authorities would have us believe, according to WikiLeaks. "Despite many sessions being technically public, in practice public understanding has been …
John Leyden, 13 May 2015

GCHQ puts out open recruitment call for 'white hat' hackers

GCHQ is openly recruiting computer network operations specialists for the first time. The signals intelligence agency is looking to hire an unspecified number of staff to work in both cyber-security and cyber-intelligence roles. Roles include working in teams "detecting and preventing attempts to attack the critical national …
John Leyden, 12 May 2015

Are you an infosec bod? You must be STINKING RICH, says study

Jobs in the lucrative cyber-security sector can command salaries of $200,000 or more, according to a new salary survey. Lead software security engineers pull in an average of $233,333 while Chief Security Officer ($225,000) and Global Information Security Director ($200,000) also receive serious salaries. A new study of 2015 …
John Leyden, 12 May 2015
"MauthausenCrematorium" by ‏Harel‏ • שיחה. Original uploader was Harel at he.wikipedia - Transferred from he.wikipedia; transferred to Commons by User:Faigl.ladislav using CommonsHelper.(Original text : אני צילמתי). Licensed under Public Domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:MauthausenCrematorium.JPG#/media/File:MauthausenCrematorium.JPG

Cyber-scum deface Nazi concentration camp memorial website

Sicko cyber-crooks defaced the Mauthausen-Gusen concentration camp memorial website with images of child abuse late last week. The attack on the site coincided with the run up to the 70th anniversary of the liberation of the Nazi death camp by US troops in May 1945 as well as wider VE-Day commemorations. The site (en.mauthausen …
John Leyden, 11 May 2015

Russia and China seal cyber non-hack pact

Russia and China have promised to play nicely and not hack each other. The two countries also agreed to jointly counteract technology that may "destabilise the internal political and socio-economic atmosphere", "disturb public order" or "interfere with the internal affairs of the state", the Wall Street Journal reports. The …
John Leyden, 11 May 2015

You say you want a musical revolution. Actually, have three

Pop music history has been marked by three distinct revolutions over the last 50 years, according to data-crunching boffins. Three epochal years – 1964, 1983 and 1991 – marked the greatest upheavals in musical tastes, according to Queen Mary University of London and Imperial College London, based on an analysis of more than 17 …
John Leyden, 11 May 2015

FTC slaps orders on alleged diet pill spamvertising scam scum

Watchdogs at the US FTC (Federal Trade Commission) have obtained a restraining order against alleged diet pill scammers. The “Com Spammers”, nick-named over their use of domain names in the form of com-XXX.net, where XXX are three or four random characters, have been pushing out huge volumes of email and SMS spam for years. The …
John Leyden, 08 May 2015

Get ready: 'Critical' Adobe Reader patches coming on Tuesday 12 May

Adobe has pre-announced plans to release cross-platform security updates for Adobe Reader and Acrobat next Tuesday (12 May). Windows and Mac versions of Adobe Reader XI (11.0.10, 10.1.13) as well as Adobe Acrobat XI (11.0.10, 10.1.13) will all need patching against (unspecified) critical vulnerabilities in the software. Adobe …
John Leyden, 08 May 2015

NSA domestic dragnet NOT authorised by Patriot Act, rules US Appeals Court

The NSA's bulk collection of Americans' phone call records may be illegal, a US federal appeals court has ruled. The US Second Circuit Court of Appeal unanimously ruled that the NSA's bulk telephone metadata program was not authorised by section 215 of the Patriot Act, voiding an earlier ruling by a lower court. The US District …
John Leyden, 07 May 2015

Red-faced Germans halt NSA cooperation after Euro spying revealed

Germany has reportedly pulled the plug on cooperation with the NSA following controversy over the role of its BND secret service assisting with US spying ops targeted at European politicians and firms, including Airbus. BND's listening station in Bad Aibling has reportedly stopped passing on intelligence harvested from local …
John Leyden, 07 May 2015

Ex-NSA security bod fanboi: Apple Macs are wide open to malware

A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial. Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned …
John Leyden, 07 May 2015

F*cking DLL! Avast false positive trashes Windows code libraries

A misfiring signature update from anti-virus developer Avast triggered all sorts of problems on Wednesday. Avast acted promptly by withdrawing the definition update but not before numerous users had fallen foul of the problem. The withdrawn update incorrectly labelled various libraries (dlls) on Windows PCs as potentially malign …
John Leyden, 07 May 2015

Lenovo system update flaws plugged, security world not impressed

Lenovo faces renewed accusations of lax security practices - just three months after the Superfish debacle - after it was obliged to fix flaws in its software update system. Security researchers at IOActive uncovered a mechanism that would have allowed hackers to create a fake certificate authority in order to sign executables. …
John Leyden, 06 May 2015

Security bods gagged using DMCA on eve of wireless key vuln reveal

Updated Researchers at IOActive have been slapped with a DMCA (Digital Millennium Copyright Act) gagging order a day before they planned to release information about security vulnerabilities in the kit of an as-yet unidentified vendor*. A redacted version of the legal notice – posted on Google+ – has reignited the long standing debate …
John Leyden, 05 May 2015

Metasploit maker Rapid7 gobbles web app security testing firm

Metasploit firm Rapid7 has snapped up web and mobile application security testing company NT OBJECTives (NTO). Financial terms of the deal, announced Monday, were undisclosed. Rapid7 has folded NTO’s application security testing product, renamed as Rapid7 AppSpider, into its security data and analytics platform to give customers …
John Leyden, 05 May 2015

Wordpress munching contagion turns Linux servers into spam bots

The Mumblehard malware is turning Linux and BSD servers into spam-spewing zombies. Security researchers at ESET have logged over 8,500 unique IP addresses during a seven-month research period looking into the junk-mail-linked malware menace. Mumblehard is made up of two different components. The first component is a generic …
John Leyden, 01 May 2015

Google Password Alert could be foiled with just 7 lines of JavaScript

Google has been obliged to revise its Password Alert anti-phishing protection just hours after releasing it when security researchers showed how the technology was easily circumvented. Security consultant Paul Moore (@Paul_Reviews) has published a proof-of-concept JavaScript exploit that skirted the defensive technology with …
John Leyden, 01 May 2015

Major London rail station reveals system passwords during TV documentary

Updated What looks like system passwords at one of London's busiest railway stations – printed and attached to the top of a station controller's monitor – were exposed to viewers during a BBC documentary on Wednesday night. The login credentials were visible just before the 44 minute mark in the documentary Nick and Margaret: The …
John Leyden, 01 May 2015

Ryanair stung after $5m Shanghai'd from online fuel account

Budget airline Ryanair has fallen victim to a $5m hacking scam. Crooks siphoned off money from an account earmarked for the payment of fuel bills via an electronic transfer to a bank in China last week. The transfer was subsequently blocked, but the funds – earmarked to pay for aviation fuel for Ryanair's 400-plus Boeing 737-800 …
John Leyden, 30 Apr 2015

UK rail comms are safer than mobes – for now – say infosec bods

Analysis Last week's warning that Britain's railway systems could be susceptible to hacking has triggered a debate among security experts. Prof David Stupples of City University London made headlines last week with a warning that plans to replace the existing (aging) signalling system with the new European Rail Traffic Management System …
John Leyden, 30 Apr 2015

SHA-1 crypto hash retirement fraught with problems

The road towards phasing out the ageing SHA-1 crypto hash function is likely to be littered with potholes, security experts warn. SHA-1 is a hashing (one-way) function that converts information into a shortened "message digest", from which it is impossible to recover the original information. This hashing technique is used in …
John Leyden, 30 Apr 2015

DDoSsers use reflection amplification to crank up the volume to 100Gbps+

DDoS attacks have grown in volume yet again with 25 attacks larger than 100Gbps globally in Q1 2015, according to the latest stats from DDoS mitigation firm Arbor Networks. The majority of recent super-sized attacks leverage a reflection amplification technique using Network Time Protocol (NTP), Simple Service Discovery Protocol …
John Leyden, 28 Apr 2015

SendGrid infosec chief eats humble pie, admits email service hacked

Marketing email distribution service SendGrid is asking customers to switch passwords after admitting it got hacked. The move follows the realisation that a previously reported hack is a bigger deal than previously imagined. The initial alert was triggered after the SendGrid account of Bitcoin exchange Coinbase was compromised …
John Leyden, 28 Apr 2015

'Use 1 capital' password prompts make them too predictable – study

A new study has found that password structure is a key flaw in making login IDs hard to guess. Security firm Praetorian analyzed 34 million stolen passwords from the LinkedIn, eHarmony and Rockyou breaches and found that 50 per cent of all passwords followed 13 basic structures. This lack of entropy makes it possible to use …
John Leyden, 27 Apr 2015

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015

Here's why the Pentagon is publishing its cyber-warfare rulebook – if China hasn't already hacked in and read it

The Pentagon has published an outline of its cyber-warfare strategy for the first time, revealing the conditions under which it will hack enemy nations. And Defense Secretary Ashton Carter, speaking at Stanford University, has named China, Russia, Iran, and North Korea as the US's greatest adversaries in computer security. …
John Leyden, 24 Apr 2015

The big boys made us do it: US used German spooks to snoop on EU defence industry

Germany's BND spy agency spied on European politicians and enterprises at the behest of the NSA for over a decade. Der Spiegel reports (in German) that for years the NSA sent its counterparts at the BND (Bundesnachrichtendienst – Germany's Federal Intelligence Service) thousands of so-called selectors – IP addresses, emails, and …
John Leyden, 24 Apr 2015

UK rail signals could be hacked to cause crashes, claims prof

The rollout of a next generation train signalling system across the UK could leave the network at greater risk of hack attacks, a university professor has claimed. Prof David Stupples warns that plans to replace the existing (aging) signalling system with the new European Rail Traffic Management System (ERTMS) could open up the …
John Leyden, 24 Apr 2015

Got a Samsung Galaxy S5? Crooks can steal your fingerprint – claim

RSA 2015 Malware can snaffle fingerprints used to unlock Samsung Galaxy S5 smartphones thanks to a security blunder, researchers claim. The vulnerabilities, due to be discussed at the RSA security conference in San Francisco this week, may be present in non-Samsung Android mobiles, too. Today's smartphones recognize their owners' …
John Leyden, 23 Apr 2015

Infosec bods can now sniff out the NSA's Quantum Insert hacks

Security researchers have developed a method for detecting NSA Quantum Insert-style hacks. Fox-IT has published free open-source tools to detect duplicate sequence numbers of HTTP packets, with different data sizes, that are the hallmarks of Quantum Insert. The utilities developed by Fox-IT are capable of exposing fiddling with …
John Leyden, 23 Apr 2015

Banking trojan scourge gallops on, despite more fences

RSA 2015 Banking botnets persist as a threat despite recent high-profile takedowns which only achieve a temporary calming effect, according to a new study from Dell SecureWorks. Between mid-2014 and early 2015, coordinated efforts involving law enforcement and private-sector industry disrupted three of the most active banking botnets ( …
John Leyden, 23 Apr 2015

CozyDuke hackers targeting prominent US targets

A newly discovered group of cyber-spies are closely targeting high profile US targets, possibly including both the White House and the State Department. The so-called CozyDuke hackers make extensive use of spear-phishing, sometimes using emails containing a link to hacked (otherwise legitimate) websites such as "diplomacy.pl …
John Leyden, 22 Apr 2015

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015

ID yourself or get NOTHING (except Framework), snarls Metasploit

Metasploit Pro and Community users outside North America now need to prove who they are, thanks to changes introduced this week and a tightening of encryption export rules. The open source Metasploit Framework (a computer security project) is not affected by the new rules. "[This] is yet another reminder that governments have …
John Leyden, 21 Apr 2015

Nork hackers no pantomime villains, but a hugely unpredictable menace

RSA 2015 North Korea's cyber attack on Sony Pictures revealed two uncomfortable truths about cybersecurity: businesses don't have to be an obvious target to get hacked, and their aggressors don't have to be superpowers. Welcome, ladies and gentlemen, to the world of asymmetric warfare on the interwebs, a theme that's likely to feature …
John Leyden, 21 Apr 2015

IT'S WAR: Hacktivists throw in their lot with spies and the military

Feature Hacktivism has lost its innocence. Once characterised in the early days of Anonymous back in 2008 by assaults against the Church of Scientology, it has now become part and parcel of far darker plans, such as the spread of terrorist propaganda by Islamic militants. Meanwhile, over in the Ukraine, cyber militias of patriot hackers …
John Leyden, 20 Apr 2015

Raytheon borgs Websense to create cybersecurity behemoth

Defence giant Raytheon has agreed a deal with Vista Equity Partners to form a new company combining Websense with Raytheon Cyber Products. The new joint venture (Raysense? Webtheon?) will combine Raytheon Cyber Products with Websense's TRITON line of web filtering and other enterprise security products. Raytheon – known for the …
John Leyden, 20 Apr 2015

Kremlin hackers exploited TWO 0-day Flash, Windows vulns

A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits …
John Leyden, 20 Apr 2015

Anonymous unleashes online petition against US info-sharing bills

Activist and hacktivist collective Anonymous has launched an online awareness-raising operation opposing pending controversial US information-sharing bills. Critics from across the political spectrum, including libertarian-minded technologist Robert Graham, argue that the Cybersecurity Information Sharing Act sacrifices privacy …
John Leyden, 20 Apr 2015

Colombian hacker who spied on gov-rebel peace talks jailed for 10 years

A Colombian hacker has been incarcerated for 10 years for spying on the local government’s peace talks with Marxist rebels, among other offences, Fox News Latino reports. Andrés Sepúlveda received the harsh sentence even after he admitted snooping on both sides during government negotiations with the Revolutionary Armed Forces …
John Leyden, 17 Apr 2015

Bank-card-sniffing shop menace Punkey pinned down in US Secret Service investigation

Security researchers have identified a new strain of point-of-sale (POS) malware during an investigation led by the US Secret Service. Stolen payment card information and the IP addresses of more than 75 infected sales tills were found by security researchers at Trustwave during the probe. It's unclear how many victims the so- …
John Leyden, 16 Apr 2015

Miscreants rummage in lawyers' silky drawers at will, despite warnings

UK data privacy watchdogs at the ICO investigated 173 UK law firms for reported breaches of the Data Protection Act (DPA) last year. A total of 187 incidents were recorded last year, with 173 firms investigated for a variety of DPA-related incidents, of which 29 per cent related to "security" and a similar 26 per cent related to …
John Leyden, 16 Apr 2015