John Leyden

36 firms at risk from that unpatched 2010 SAP vuln? Try 500+

Analysis A vulnerability in SAP systems that some enterprises have failed to patch for six years is more difficult to fix than previously reported and estimates of enterprise exposure are way too low, according to the security consultancy that originally found it. US-CERT took the unprecedented move on Wednesday of enumerating in an …
John Leyden, 13 May 2016

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016

There's a hole in your website

USA Networks hacking TV show Mr Robot’s promo site aped reality by running with a security hole earlier this week. White Hat hacker Zemnmez unearthed a Cross-Site Scripting (XSS) vulnerability in the official Mr Robot website on Tuesday, just after NBC Universal launched a promo for the second series of the hit TV show. The …
John Leyden, 12 May 2016

Burger-slinger Wendy’s admits: Cash-till data breach hit 1 in 20 outlets

Wendy’s confirmed on Wednesday that malicious software affected PoS (point-of-sale) devices in around 300 of the burger chain’s 5,500 franchised stores, or about five per cent of all its restaurants in North America. The update on Wednesday quantifies the extent of a previously announced breach and came as Wendy’s announced …
John Leyden, 12 May 2016

Free tool aims to make it easier to find vulns in open source code

DevOps outfit SourceClear has released a free tool for finding vulnerabilities in open-source code. SourceClear Open is touted as a means for developers to identify known and emerging security threats beyond those in public and government databases. “Developers are being held more accountable for security and demanding tools …
John Leyden, 11 May 2016

ImageMagick hexed again

A security researcher has found yet more security problems on ImageMagick. Hanno Böck discovered a heap overflow and an out-of-bounds read bug on the site, which is used by many web firms to process images submitted by users. Both flaws have been fixed, allowing Böck to go public with his find, which he uncovered using fuzzing …
John Leyden, 11 May 2016

Malware on Google Play

More apps with malware have been found in Google's app store. Several applications are infected with the "Viking Horde" malware, including Viking Jump, Wi-Fi Plus, Memory Booster, Parrot Copter, and Simple 2048, security firm Check Point warns. The Viking Horde malware creates a mobile botnet for ad-click fraud and scamming …
John Leyden, 11 May 2016

Brexit campaign group fined £50k for sending half a million spam texts

Pro-Brexit group Leave.EU has been fined £50,000 for sending up to 500,000 unsolicited text messages urging people to support its campaign, the Information Commissioner’s Office (ICO) said today. The group, registered as Better for the Country Ltd and funded by millionaire UKIP donor Arron Banks, broke the law by not having …

Huge embarrassment over fisting site data breach

A data breach at a forum for "anal fisting" has resulted in the exposure of 107,000 accounts. More than a third (37 per cent) of those affected by the Rosebutt Board were already included in the Have I Been Pwned? site, according to security researcher Troy Hunt. Victims will be able to use Have I Been Pwned? to check whether …
John Leyden, 11 May 2016

UAE InvestBank 'hack' looks like stale, recycled data from last year

Hackers linked to the Qatar National Bank (QNB) breach have leaked data siphoned from the UAE’s InvestBank. A database containing credit card details and passport scans has been leaked online by the same Turkish hacker crew – Bozkurt Hackers – who were also blamed for the QNB breach. However, early reports suggest that the latest …
John Leyden, 10 May 2016

Hackers' paradise: Outdated Internet Explorer, Flash installs in enterprises

A quarter of all Windows devices are running outdated and unsupported versions of Internet Explorer, exposing users to more than 700 known vulnerabilities in the process. A study by mobile two-factor authentication firm Duo Security released today further reports that three in five (60 per cent) Flash users are running an out-of- …
John Leyden, 10 May 2016

Transfer techies at SWIFT tell Bangladesh Bank: Don't shift blame for $81m cyberheist

SWIFT has firmly rejected Bangladeshi claims that mistakes on its part are to blame after $81m was looted from Bangladesh’s central bank. Bangladeshi officials claimed earlier this week that technicians from SWIFT had introduced vulnerabilities into the bank's network when connecting a Real-Time Gross Settlement (RTGS) system …
John Leyden, 10 May 2016

SS7 spookery on the cheap allows hackers to impersonate mobile chat subscribers

Flaws in the mobile signalling protocols can be abused to read messaging apps such as WhatsApp and Telegram. Security researchers at Positive Technologies found they can intercept messages and respond as if they were the intended recipient in services such as WhatsApp or Telegram. This is not a man in the middle attack: …
John Leyden, 10 May 2016

Babycare e-tailer Kiddicare admits customer data breach

Babycare retailer Kiddicare has warned customers that personal data shared with the store has been stolen by hackers. The compromised data is restricted to name, delivery address, telephone number and email address, according to Kiddicare, which is keen to stress that customer payment details or credit/debit card information …
John Leyden, 09 May 2016

UK.biz is still clueless at fending off malware attacks, says survey

Two-thirds of large UK businesses were hit by a cyber breach or attack in the past year, according to a UK government-sponsored survey. Nearly seven out of 10 attacks on all firms involved viruses, spyware or malware according to a poll of UK enterprises carried out as part of the Cyber Security Breaches Survey. Following the …
John Leyden, 09 May 2016

Anons 'hack, leak Russian Facebook' boss's personal email

Hacktivists have leaked what could be the email inbox of Boris Dobrodeev – the boss of Russian social network VK, previously known as VKontakte. The personal account dumped online contains letters from 2014 discussing budget negotiations for VK – the Russian language equivalent of Facebook – as well as the proposed agenda for …
John Leyden, 06 May 2016

Apple needs silver bullet to slay App Store's escaped undead – study

Online software bazaars – such as Apple's App Store and Google Play – need to claim responsibility for "dead applications" and notify people when their programs have been revoked or removed, a study by security firm Appthority recommends. “Dead apps” are those that have been removed from an app store, but remain on devices – …
John Leyden, 06 May 2016

Ransomware grifters offer to donate proceeds of crime to charity

Ransomware crooks are offering to donate ransom fees to a children's charity. Security experts dismiss the promise as “psychological manipulation” from unscrupulous crooks. The offer comes from the “kind hearted” slingers of "CryptMix", one of a growing number of crypto-ransomware strains menacing Windows users worldwide. …
John Leyden, 06 May 2016

New Firefox versions will make you activate all new add-ons – except one hacker favourite

Mozilla is excluding Flash from a more general clamp-down on the enablement of browser add-ons with the latest edition of Firefox. Firefox’s click-to-activate plugin whitelist, introduced in September 2013, has been removed. This means that users will have to proactively enable add-ons while surfing using Firefox 47.0 beta …
John Leyden, 06 May 2016

Adobe Reader update

Adobe is preparing a patch for Acrobat and Reader. The cross-platform update - applicable to both Windows and Macs - earns a security rating of less than critical (priority 2 in Adobe’s lexicon). Updated software is due to land on Tuesday (10 May). ®
John Leyden, 05 May 2016

Miscreants tripled output of proof of concept exploits in 2015

Hackers collectively tripled the production of Proof-of-Concept exploits last year, according to a new study out on Thursday. Researchers and black hats develop proof-of-concept (PoC) exploits for research or demonstration purposes. These PoCs are developed for various reasons – to demonstrate that software is vulnerable, …
John Leyden, 05 May 2016

Suck on this: White hats replace Locky malware payload with dummy

Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in …
John Leyden, 05 May 2016

Jaku botnet runs targeted attack behind sandstorm of routine malfeasance

Security researchers have spotted an on-going global botnet campaign seemingly linked to North Korea. The Jaku botnet has an unusual split personality. On the surface it’s spreading en masse through pirated software (warez) or poisoned BitTorrent trackers to notch up around 17,000 victims at any one time. However, a six month …
John Leyden, 05 May 2016

US telly stations fling malware-tipped web ads at unsuspecting surfers

A rogue advertiser abused the Taggify self-serve ad platform to inject malware-installing code into browsers visiting the websites of two US TV stations. It was a textbook malvertising attack: to infect victims' PCs, the dodgy ads used the Angler Exploit Kit, which is a grab bag of code that exploits weaknesses in Adobe Flash …
John Leyden, 04 May 2016

Mega mail breach fears

Webmail passwords of millions of users are allegedly for sale. Hundreds of millions of usernames and passwords - purportedly for Mail.ru, GMail, Yahoo Mail and Microsoft email accounts - are on sale through Russian cybercrime bazaars, according to security expert Alex Holden. Most of the stolen data refers to mail.ru accounts …
John Leyden, 04 May 2016