Darren Pauli


Snoopy Fujitsu tech KNOWS you'll click that link – before YOU do

The next time you hover over a suspicious link a little too long, or download from a questionable site, you might get a nudge from Fujitsu. The Japanese tech giant has, from the back of a 2000-head study, developed a tool capable of determining if a user was likely to be scammed and delivering a custom warning. Together with a …
Darren Pauli, 23 Jan 2015

Symantec data centre security software has security holes

Security bod Stefan Viehböck has detailed holes in Symantec's data centre security platforms that the company plugged this week because they allowed hackers to gain privileged access to management servers. The patches fix holes in the management server for Symantec Critical System Protection (SCSP) 5.2.9 and its predecessor Data …
Darren Pauli, 23 Jan 2015

Adobe finds, patches ANOTHER exploited Flash 0day

Another exploited zero-day vulnerability has been uncovered and patched in Adobe Flash, 24 hours after a second flaw in the popular web trinket was found being used in attack kits. Adobe is examining yesterday's zero day, picked up by French researcher Kafeine who spotted it after analysing a version of the popular Angler …
Darren Pauli, 23 Jan 2015

Google splashes $80k on Chrome 40 bug splatting

Google has patched 62 security vulnerabilities in Chrome 40 and handed out US$88,500 to bug hunters who spotted the problems. Of those fixes, 17 swatted dangerous memory corruption and use-after-free vulnerabilities in Chrome elements including FFmpeg, ICU and DOM. The Chocolate Factory's digital guardians pushed the flagship …
Darren Pauli, 23 Jan 2015

Netadmin wanted for 'terrible, terrible, awful job nobody wants'

Calling network administrators: do you want more stress? A fuller inbox? More demanding and ever-moving objectives? Then apply to be the next network administrator at the Children's Specialty Center of Nevada! The position offers generous benefit packages -- and you'll need it for the extra cost of counselling and tissues to wipe …
Darren Pauli, 22 Jan 2015

Flash zero day under attack

A zero day Flash vulnerability is being actively exploited by criminals using the popular Angler exploit kit. Adobe is investigating the report by respected French malware researcher Kafeine, who found the exploit kit circulating on cybercrime forums. The vulnerabilities affected Flash Player versions up to 15.0.0.223 and the …
Darren Pauli, 22 Jan 2015

Remote code execution vulns hit Atlassian kit

Software development software house Atlassian has patched critical vulnerabilities found in all versions of its Confluence, Bamboo, FishEye, and Crucible products. The company sent an email to its customers alerting them of the flaw that affected versions of Confluence up to 5.6.5, Bamboo up to 5.7, and FishEye and Crucible up to …
Darren Pauli, 22 Jan 2015

It's 2015 and default creds can brick SOHO routers

A hacker has detailed a series of tricks that can silently reboot or brick routers or activate admin functions. Many routers including Netgear and Surfboard models look to be affected, with most attacks requiring just victims' default universal credentials to be applied. Applications security bod Joseph Giron detailed how …
Darren Pauli, 21 Jan 2015

SoShabby GoDaddy flings patch at domain hijack hole

Domain goliath GoDaddy has rushed to plug a vulnerability that allowed attackers to hijack registered sites. Pen tester Dylan Saccomanni dropped the Cross-Site Request Forgery (CSRF) bug on his blog after the company said there was no timeline for a fix. GoDaddy applied a fix less than 24 hours after the blog was published. " …
Darren Pauli, 21 Jan 2015

Google reveals bug Microsoft says is mere gnat

Google has reported a local file flaw affecting Windows 7 and 8.1 32- and 64-bit systems in the third vulnerability dropped since a spat with Microsoft erupted last week. The vulnerability that allowed a malicious Server Message Block version 2 server to force a client to open arbitrary local files was marked high severity by …
Darren Pauli, 20 Jan 2015
Traffic cones by Squire Morley. licensed under creative commons 2.0 https://creativecommons.org/licenses/by/2.0/

Video nasty: Two big bugs in VLC media player's core library

A Turkish hacker has revealed two zero-day vulnerabilities in library code used by the popular VLC media player and others. The data execution prevention (CVE-2014-9597) and write access (CVE-2014-9598) violation vulnerabilities could lead to arbitrary code execution, researcher Veysel Hatas said in a post. "VLC Media Player …
Darren Pauli, 20 Jan 2015

Possible Lizard Squad members claim hack of Oz travel insurer

Nearly 900,000 client records including names, addresses, and phone numbers have been stolen from travel insurer Aussie Travel Cover by a suspected member of the Lizard Squad hacking crew. The hacker released databases including those detailing customer policies and travel dates along with a list of partial credit card …
Darren Pauli, 20 Jan 2015

NSA: We're in YOUR BOTNET

The NSA quietly commandeered a botnet targeting US Defence agencies to attack other victims including Chinese and Vietnamese dissidents, Snowden documents reveal. The allegation is among the latest in a cache of revelations dropped by Der Spiegel that revealed more about the spy agency. The "Boxingrumble" botnet was detected …
Darren Pauli, 19 Jan 2015

Firefox 35 stamps out critical bugs

Mozilla has crushed nine bugs, some rather dangerous, in the latest version of its flagship browser. The fixes include a patch for a critical sandbox escape (CVE-2014-8643) in the Gecko Media Plugin used for h.264 video playback affecting Windows machines (but not OS X or Linux). Another critical hole addressed a read-after- …
Darren Pauli, 19 Jan 2015

AT LAST: Australia gets its very own malware

Australians are being targeted by a new variant of the Carberp malware under what appears to be renewed criminal interest in the antipodes. The modified trojan, Carberp.C, was spread through a spam operation masquerading as a payment invoice. Virus writers pushed the malware out a day after coding it, Symantec researcher …
Darren Pauli, 19 Jan 2015

Dongle bingle makes two MEELLION cars open to exploit

A Bluetooth dongle used to track driver habits for insurance purposes has been hacked, potentially allowing cars to be remotely hijacked, researcher Corey Thuen says. The attack targeted the SnapShot dongle offered by US company Progressive Insurance and used by two million American drivers which collected vehicle location and …
Darren Pauli, 19 Jan 2015

Verizon sprints to crush FiOS account exposure hole

Up to five million user accounts, including email inboxes and private messages of Verizon's FiOS application, were exposed thanks to a flaw reported today. XDA senior software developer Randy Westergren said the FiOS API flaw, since fixed, allowed any account to be accessed by manipulating user identification numbers in web …
Darren Pauli, 19 Jan 2015

Please use TWO HANDS to access AdultFriendFinder

Four hosts are behind one in two typosquatting attacks against the top 500 websites, research has found. The hosts and their fellow fraudsters had registered domain names mimicking three-quarters of the internet's 500 most popular websites, say University of Leuven researchers Pieter Agten, Wouter Joosen, and Frank Piessens, who …
Darren Pauli, 16 Jan 2015

GRENADE! Project Zero pops pin on ANOTHER WINDOWS 0-DAY

Google has once again decided Microsoft's moving too slowly on the security front – by dropping yet another proof-of-concept attack against a Windows 7 and 8.1 bug that Redmond tried and failed to fix this week. The flaw is present in Windows on 32- and 64-bit architectures, and can accidentally disclose sensitive information or …
Darren Pauli, 16 Jan 2015

Apple wants your fingerprints in the cloud

Apple wants to collect and store your fingerprints to spread its payment service and simplify download authorisation. Cupertino aspires to upgrade its TouchID with the capability to collect, encrypt and upload fingerprints to Apple servers so that users can verify their identities with a single print matched to those stored …
Darren Pauli, 16 Jan 2015

Microsoft cracks personalisation without prying

A Microsoft research trio has developed an algorithm capable of eliminating user tracking in web search without the overheads of existing technology. The idea, to be presented next month and titled Bloom Cookies: Web Search Personalisation without User Tracking, uses a new type of flowery cookies that can tightly-encode user …
Darren Pauli, 15 Jan 2015

Got a GE industrial Ethernet switch? Get patching

GE is the latest industrial kit vendor to send users patching to protect against hard-coded credentials in Ethernet switches. IOActive disclosed the vulnerability to ICS-CERT, which issued this advisory (details: CVE-2014-5418 and CVE-2014-5419). The vulnerability occurs in various GE Multilink managed Ethernet …

Cryptolocker 3.0 scum bounce victims over Invisible net

Cryptowall 3.0 uses Tor and its little sister I2P to carry chatter between victims and controllers, keeping it away from researchers and law enforcement, French anti-malware crusaders say. Researchers Kafeine (@Kafeine) and Horgh (@Horgh_RCE) have released a technical analysis on the malware identified by Microsoft late last year …
Darren Pauli, 15 Jan 2015

Change the plan for Sat night, hackers. No more biz meetup eavesdrop LOLs

Cisco has patched four holes in WebEx that allowed attackers to gain access to video conferences and gain other administrative functions. The popular platform contained a cross site request forgery in versions 1.5 and below. Cisco slapped a moderate severity rating on the bug (CVE-2014-8031). "A vulnerability in the web …
Darren Pauli, 14 Jan 2015

Euro security agency says MORE crypto needed in gov policy

Governments need to build more privacy into legislation, technology vendors need to step up and compliance cops should crack down to push privacy-enhancing technologies out of the labs, says the European Union Agency for Network and Information Security (ENISA). The agency has issued a report, Privacy and Data Protection by …
Darren Pauli, 14 Jan 2015

AMD plugs firmware holes that allowed command injection

Chip maker AMD has patched holes across its firmware lines that could allow hackers to inject malware. Czech programmer Rudolf Marek reported the holes in the Trinity, Richland, Kaveri, and Kabini silicon series ahead of a disclosure at the Chaos Communications Congress. AMD's System Management Unit (SMU) firmware code within …
Darren Pauli, 14 Jan 2015

Instagram FLASHED YOUR PRIVATES to picture pervs

Instagram has plugged a flaw that allowed private pictures to be seen by anyone, under certain conditions. The flaw, reported by Quartz and since closed, meant all photos from formerly public accounts later marked private remained open. Photos on other social networks shared through Instagram could also be accessed, as the flaw …
Darren Pauli, 14 Jan 2015

Remember Corel? It's just entered .DLL hell

Local zero day vulnerabilities have been disclosed in Corel applications, potentially affecting more than 100 million users. The holes were dropped by Marcos Accossatto of Core Security after the doodleware company did not respond to his private disclosure. Corel has been contacted for comment. "Given that this is a client- …
Darren Pauli, 13 Jan 2015

This $10 phone charger will wirelessly keylog your boss

MySpace mischief-maker Samy Kamkar has released schematics for a dirt-cheap wireless sniffer capable of plundering keystrokes from office cubicles. The "Keysweeper" looks and functions like a generic USB phone charger, but conceals Arduino-powered sniffing gear within. The device targets Microsoft wireless keyboards and …
Darren Pauli, 13 Jan 2015

Router creds admin/admin? Lizard Squad thanks you

Console DDoSers Lizard Squad are using insecure home routers for a paid service that floods target networks, researchers say. The service crawls the web looking for home and commercial routers secured using lousy default credentials that could easily be brute-forced and then added to its growing botnet. Researchers close to a …
Darren Pauli, 13 Jan 2015

Security's revamped index of pain readies for release

The great unwashed has been afforded an opportunity to comment on a new scheme for classifying the severity of infosec vulnerabilities issued by the National Institute of Standards and Technology. The Common Vulnerability Scoring System (CVSS) is a pain-assessment index that offers a one-to-ten scale to describe vulnerabilities …
Darren Pauli, 12 Jan 2015

Google crashes supposedly secure Aviator browser

A spat between Google and Whitehat Security has erupted after engineers at the search giant revealed dangerous vulnerabilities found in the latter's anti-Google privacy-centric Chrome spin-off browser. The holes in the Aviator browser, reported by Google security bods Justin Schuh and Tavis Ormandy, include a remote code …
Darren Pauli, 12 Jan 2015

Malware coders adopt DevOps to target smut sites

Linux-served porn sites may offer devs more than they bargained for after villains behind one of 2014's nastiest malware campaigns changed tactics to hit adult sites with stealthier wares. The Windigo campaign was revealed in March 2014 to have over the previous two years infected 25,000 Unix and Linux servers, with some 10,000 …
Darren Pauli, 12 Jan 2015

ASUS router-popping exploit on the loose

ASUS routers contain a vulnerability that turns users into admins, researcher Joshua Drake says. The boxes could be exploited by malicious local users, but not those on the wider internet, rerouting all users on the network to malicious sites, among other attacks. Drake wrote in an advisory that several popular models were …
Darren Pauli, 09 Jan 2015
Opportunity's View from Atop 'Cape Tribulation': Image Credit: NASA/JPL-Caltech

NASA closing on fix for Opportunity rover's 'amnesia'

NASA says it's close to a fix for the flash memory problems plaguing the plucky Opportunity rover, which is now nearing its eleventh year of Martian trundling. The problems surfaced last year and created a form of amnesia that NASA boffins decided was caused by one of seven memory banks aboard the rover. The good news is that …
Darren Pauli, 09 Jan 2015

Post-POODLE, OpenSSL shakes off some fleas

OpenSSL has squashed eight low severity vulnerabilities that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.98zd, and 1.0.1k. Maintainers wrote in an advisory that Cisco warned last October that a crafted Datagram Transport …
Darren Pauli, 09 Jan 2015

Latest NORKS Linux and Android distros leak

The latest copy of North Korea's in-house Red Star Linux has leaked to the internet and it looks a lot like OS X, computer science graduate Will Scott says. An unnamed source contacted Scott ahead of his talk on Red Star and North Korea computing at the Chaos Communications Congress last month and shortly after published the …
Darren Pauli, 09 Jan 2015
Close-up of glowing green binary in the symbol of contaminant. By Robert van der Steeg

Pastebin: The remote backdoor server for the cheap and lazy

Malware writers are using the Pastebin web clipboard to host backdoor code, researcher Denis Sinegubko suggests. The code-sharing site was used to store code that was later tapped in attacks against websites running a vulnerable instance of the popular RevSlider plugin. Sinegubko, a Sucuri staffer known for his whitehat malware …
Darren Pauli, 08 Jan 2015

Cryptowall's ransomware's tough layers peeled

Cryptowall's 2.0 incarnation is hidden in a tough shell crafted by developers paranoid about the security research community, technical analysis reveals. The ransomware has matured much since it emerged last year, encrypting victims' files and demanding money for the supply of a decryption key. Its superior design led to …
Darren Pauli, 08 Jan 2015

Thunderstrike shocks OS X with firmware bootkit

Reverse engineer Trammell Hudson has created an attack dubbed Thunderstrike which can quietly, persistently and virally compromise Apple Macs from boot. The Thunderstrike attack uses 35-year-old legacy option ROMs to replace the RSA keys in a Mac's extensible firmware interface (EFI) to allow malicious firmware to be installed …
Darren Pauli, 08 Jan 2015

It's 2015 and ATMs don't know when a daughterboard is breaking them

Carders have jackpotted an ATM by inserting a circuit board into the USB ports of an ATM, tricking it into spitting out cash. The technique was thought to have emulated the cash dispenser of the ATM so the brains of the machine thought everything was normal, buying additional time for the brazen crooks to make off with the cash …
Darren Pauli, 07 Jan 2015

Hackers pilfer $5 MEELLION in BTC from Bitstamp

Criminals have made off with a whopping US$5 million after raiding bitcoin exchange Bitstamp. The attack, in the early hours of Monday, pilfered the site's online operation wallets used for rapid currency exchange. Administrators called police and moved to assure customers their bitcoins would be refunded provided they did not …
Darren Pauli, 07 Jan 2015

Buffer overflow reported in UEFI EDK1

A pair of security researchers have found a buffer overflow vulnerability within the implementation of the unified extensible firmware interface (UEFI) within the EDK1 project used in firmware development. Bromium researcher Rafal Wojtczuk and MITRE Corp's Corey Kallenberg said the bug in the FSVariable.c source file was linked …
Darren Pauli, 07 Jan 2015

Dev put AWS keys on Github. Then BAD THINGS happened

Bots are crawling all over GitHub seeking secret keys, a developer served with a $2,375 Bitcoin mining bill found. DevFactor founder Andrew Hoffman said he used Figaro to secure Rails apps which published his Amazon S3 keys to his GitHub account. He noticed the blunder and pulled the keys within five minutes, but that was …
Darren Pauli, 06 Jan 2015

GoGo in-flight WiFi creates man-in-the-middle diddle

In-flight wifi service GoGo, once accused of facilitating excessive interception access for US law enforcement, has now been spotted using fake Google SSL certificates to spy on net traffic and prevent passengers from accessing video streaming services. Google engineer Adrienne Porter Felt (@__apf__) noticed the fake SSL …
Darren Pauli, 06 Jan 2015

THREE MILLION Moonpig accounts exposed by flaw

Custom mugs and tat outfit Moonpig has a significant flaw that exposes personal records and partial credit card details for some three million customers, almost 18 months after it was reported. The failure, discovered and privately reported by developer Paul Price, meant every account and the names, birth dates, and email and …
Darren Pauli, 06 Jan 2015

Snooker WPA secrets with this Wi-Fi tool

Crypto geek George Chatzisofroniou has published a WiFi social engineering tool used to steal credentials and credit cards from users of secure wireless networks. The administrator at the University of Greece developed the WiFiPhisher tool which sought out and then replicated WPA-protected networks, sans password. The tool, …
Darren Pauli, 05 Jan 2015

Saudi Arabia hires 'ethical hackers' to silence smut slingers

Saudi Arabia's prude police have hired ethical hackers to pop hedonistic Twitter accounts identified for spruiking smut, leading to arrests. The crackdown reported by Emirates24 was led by the religious police which hired the hackers to obtain personal details of Twitter users. The Commission for the Promotion of Virtue and …
Darren Pauli, 05 Jan 2015

By the power of Xbox, WE HAVE THE POWER! - Leakers publish One's SDK

An online group has released what it claims is the software development kit (SDK) for Microsoft's Xbox One console and, according to reports, may have access to games from Halo developers 343 Industries. The leakers released the kit over the festive break to encourage researchers to develop exploits required to gain full control …
Darren Pauli, 05 Jan 2015

POS malware crooks hack IP cams to validate targets

Carders operating the BackOff point of sales malware are hacking IP cameras to make sure their targets are worth attacking, researcher Rotem Kerner says. The research plugs a "critical" gap in a July disclosure by the US CERT, which warned the popular carder malware was being flung at businesses using remote desktop …
Darren Pauli, 24 Dec 2014