Darren Pauli


MITRE fighter says CVE delays are no laughing matter, names bug ROFL in branding protest

AusCERT Security man David Jorm has started giving important bugs names, logos and even websites, because MITRE won't assign them Common Vulnerabilities and Exposures (CVE) numbers. CVE numbers are the tags assigned to bugs and are designed to help the security industry ensure that they're all fixing the same problem. Jorm, of Console …
Darren Pauli, 25 May 2016

VXer group ramps up malware to attack Indian embassies

Attackers have revamped their malware to better target embassy staff, says a Palo Alto Networks security team. The "Operation Ke3chang" campaign is slinging the TidePool malware which it has quietly upgraded over recent years. Researchers Micah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn and Tom Keigher say the group …
Darren Pauli, 25 May 2016

Password reuse bot steals creds from weak sites, logs in to banks

The perils of password re-use have been laid bare with the discovery of a botnet dedicated to finding account credentials on websites and testing the logins it finds on banks. The work is clever since it avoids tripping botnet detection and brute force rate limiters in place at most security-savvy banks, but absent across the …
Darren Pauli, 24 May 2016

Google security man reveals Allo will encrypt chats - sometimes.

Security industry types and leaker Edward Snowden have rubbished new Google instant messenger app Allo after its lead product engineer revealed it would not run end-to-end encryption by default. The text-based messaging service launched at Google's I/O 2016 gabfest last week is linked to phone numbers and sports Chrome's porn …
Darren Pauli, 24 May 2016

DMA Locker: One time joke, now next big ransomware threat

A new complex and dangerous ransomware strain has been detected. A Malwarebytes researcher known as "Hasherezade" says the "DMA Locker" ransomware is already being slung by the popular Neutrino exploit kit. "The recently observed changes suggest that the product is preparing to be distributed on a massive scale," Hasherezade …
Darren Pauli, 24 May 2016

Malaysians using South African cards pinch US$12.7m in Japan

Carders have made off with US$12.7 million (£8.7 million, A$17.5 million) ripping through 1400 ATMs in a mere two hours last week. The attackers netted ¥1.4 billion in cash from ATMs located in convenience stores across the country using counterfeit credit cards. Sources told local media the 1600 credit cards used in the …
Darren Pauli, 23 May 2016

Snowden: NBN leaker raids a 'misuse' of Australian Federal Police

National Security Agency (NSA) leaker Edward Snowden has opined that last week's National Broadband Network (NBN) raids in Australia are a misuse of Australian Federal Police (AFP) power. Snowden appeared via satellite link in the Australian city of Melbourne last night, live from Russia where he resides under …
Darren Pauli, 23 May 2016

60 per cent of Androids exposed by new attack on mediaserver

Duo Security researcher Kyle Lady says attackers can compromise more than half of enterprise Android phones by chaining two operating system and chip vulnerabilities. The flaws affect scores of phones on the market from the most popular Lollipop version 5 Android system, second-placed KitKat version 4.4, and the barely-used …
Darren Pauli, 20 May 2016

Japan on Olympic hacking mission to test utilities, trains, telcos

Japan will from next year conduct mock hacking exercises with governments including the United States and private sector organisations ahead of the 2020 Olympic games. The effort will be run out of a new penetration testing arm to be created in 2017 charged with identifying vulnerabilities in physical control systems that …
Darren Pauli, 20 May 2016

Australian Federal Police say government ignorant of NBN raids

Australian Federal Police (AFP) has confirmed it raided the office of Labor senator Stephen Conroy and the home of a staffer of opposition communications minister Jason Clare over leaked documents pertaining to Australia's National Broadband Network (NBN). Sensitive documents have been repeatedly leaked since late last year …
Darren Pauli, 20 May 2016

Hacker finds flaw in teleconference tool used by US Army, NASA and CERN

Sydney security tester Jamieson O'Reilly has reported a since-patched vulnerability in video platform Vidyo – used by the likes of the US Army, NASA and CERN – that could see videos leaked and systems compromised. O'Reilly, director of intelligence for consultancy Content Protection, says he picked up the bug during a client …
Darren Pauli, 19 May 2016

White hats bake TeslaCrypt master key into universal decryptor

The authors of the TeslaCrypt ransomware have handed over their master keys in what appears to be a decision to kill off the net menace. An Eset researcher noticed the gradual decline of TeslaCrypt and, posing as a victim, asked the malware authors for a key. The authors surprisingly offered a free master key and the security …
Darren Pauli, 19 May 2016

Hacker rescues Hollywood house from URL scam squatters

WhiteHat Security founder Jeremiah Grossman has published details that could help victims of domain hijacking. The penetration tester writes how he helped an unnamed video production house to fight a scammer who had opened a mimic website to defraud customers. He says the company had more than a dozen published TV shows under …
Darren Pauli, 19 May 2016

Android Lollipop sucks at security, says researcher

Skycure security researcher Yair Amit has revealed a chained Android attack path that will greatly enhance attackers' ability to compromise 1.34 billion devices, or 95 percent of those in use. The Accessibility Clickjacking attack exploits flaws in protections for Android's accessibility and draw-over-apps features to allow …
Darren Pauli, 19 May 2016

Magento attacks uncanny hacks-men with shopper-popper patch

Independent security researcher Nethanel Rubin has reported a since-patched vulnerability in eBay's Magento e-commerce platform that could have allowed hackers to compromise retailers. The vulnerability (CVE-2016-4010) is fixed in version 2.0.6 issued overnight. Magento handed the flaw a 9.8 out of 10 severity score explaining …
Darren Pauli, 18 May 2016

Cryptxxx shipwrecked: Laughing white hats shred latest ransomware

Kaspersky white hats have again ruined the Cryptxxx malware by offering victims a free decryption tool that will unwind all variants of the menace. The infuriating researchers have followed their first decryption effort that busted up the earlier Cryptxxx variant causing VXers to re-write and reissue a patched ransomware …
Darren Pauli, 18 May 2016

Kids these days can't even write a decent virus

The crusty headless Conficker worm is the web's most prolific web threat, says security firm Check Point. The net menace was the one-time world's biggest bot worming its way since 2008 through millions of machines across every country in the world, smashing through social networks including Facebook, Skype, and popular email …
Darren Pauli, 18 May 2016

Apple's iOS updates brick iPads

Apple's latest iOS 9.3.2 update appears to be bricking iPads. Reports of borked iPads emerged on Twitter thanks reportedly to a hardware issue requiring users to possibly restore their devices or contact support. And people have. Users have Tweeted to Apple Support (@AppleSupport) with complaints their iPads cannot be …
Darren Pauli, 17 May 2016

Destroying ransomware business models is not your job, so just pay up

COMMENT It's not your job to defend the world against criminals, so the decision to pay a ransomware demand is all about business. The likes of FBI Cyber Division deputy chief James C. Trainor disagree. The Bureau recently advised organisations not to pay lest they "embolden" criminals and encourage others to start using …
Darren Pauli, 17 May 2016

Malicious Android apps slip into Google Play, top third party charts

Malicious Android applications have bypassed Google's Play store security checks to enslave infected devices into distributed denial of service attack, advertising fraud, and spam botnets. The apps are legitimate games that in some stores outside of Google Play have made it to highly-contested top free games charts. …
Darren Pauli, 17 May 2016

A million machines enslaved by MitM Google ad fraud botnet

About a million computers have been enslaved into a newly-identified botnet that is plundering Google advertising revenues, a security trio says. The redirector.paco botnet steals advertising revenue by replacing a website's Google AdSense for search results on infected machines with their own. Bitdefender security …
Darren Pauli, 17 May 2016

Flash zero day phished phoolish Microsoft Office users

FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week. The flaw (CVE-2016-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild. Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the …
Darren Pauli, 16 May 2016

Work begins on Russian rival to Android

A Russian company called Open Mobile Platform (Открытая Мобильная Платформа) is developing its own mobile operating system to rival Android. Communications Minister Nikolai Nikiforov tweeted a link to job ads seeking developers, infrastructure architects, testers and security types. Russian development centre for a new mobile …
Darren Pauli, 16 May 2016

YouTube skiddie busted for hacking Country Liberal Party

A man from the Australian state of Victoria has been charged after stealing, using, and publishing credit cards of political party members using basic tricks he learned from YouTube. Aaron Warren Camm, 20, of Kangaroo Flat, learnt how to use the skiddie tool Havij to launch SQL injection attacks and applied the lessons in …
Darren Pauli, 16 May 2016

Hacker sells Pornhub shell

A hacker is selling claimed command injection and shell access to adult mega site Pornhub. The hacker (@1x0123) is asking for US$1000 for the unverified access which, if used, could compromise portions of the site's 60 million daily visitors. They say PornHub has a vulnerability in its user profile script responsible for …
Darren Pauli, 16 May 2016