The Register Columnists

Darren Pauli

PCI Council wants YOU to give it things to DO

Crusaders at the Payment Card Industry Security Standards Council have called for submissions into projects for 2015. The council is responsible for PCI Data Security Standards (PCI DSS), a - to date - largely failed initiative to impose better credit card processing security by retailers. A Special Interest Group is accepting …
Darren Pauli, 27 Aug 2014

Goog says patch⁵⁰ your Chrome

Google has dropped 50 patches for its flagship Chrome browser plugging holes and handed $30,000 to a lone bug hunter who reported a dangerous sandbox-busting attack. A clever chained combo of multiple flaws, reported to Google and patched, allowed attackers to crawl out of Chrome's security sandbox and execute code remotely. It …
Darren Pauli, 27 Aug 2014

Google ghostly graphics haunt Image search

A slam dunking NBA star and a fatal car crash isn't normally what you'd expect to find when Googling for puppies, but it is exactly what users have received overnight due to some unknown perversion of Google Images. The bug affected a scattering of users from dozens of countries. Australia, the US, the UK and many others noticed …
Darren Pauli, 27 Aug 2014

Researcher details how malware gives AV the slip

Researcher James Wyke has discovered throw-off tactics used by malware to frustrate investigators. These tactics were part of a suite of impressive methods VXers used to find technical artifacts that could help them distinguish between computers belonging to victims and those used by malware researchers. While malware writers …
Darren Pauli, 26 Aug 2014

Attack flogged through shiny-clicky social media buttons

Web admins beware: social media buttons that load scripts from unknown external sites could see your sites foisting the FlashPack exploit kit on visitors. Several sources warn that popular JavaScript social media panels are being modified to load external resources that pulled down FlashPack, formerly known as SafePack, which …
Darren Pauli, 26 Aug 2014

Three quarters of South Korea popped in online gaming raids

Three quarters of South Korea's population have been compromised in a massive data breach affecting 27 million people. The nearly incomprehensible breach was revealed when 16 individuals were arrested after selling the records relating to victims aged between 15 and 65 years old. The records included names account logins …
Darren Pauli, 26 Aug 2014

Hack skirmish grounded Sony exec's flight after FAKE bomb scare

As Distributed Denial of Service (DDoS) attacks hosed not only Playstation Network but also XBox and Battle.net networks, it has emerged that a fake bomb threat grounded US flight 362, while Sony Entertainment Online chief John Smedley was aboard the aircraft. A group (@LizardSquad was tweeting threats and invective in the …
Darren Pauli, 25 Aug 2014

Three new charges laid against alleged Silk Road kingpin

Three additional charges have been laid against alleged Silk Road kingpin Ross Ulbricht including narcotics trafficking and identity fraud, according to an indictment filed Thursday. Ulbricht faces life in prison for his alleged running of internet drug den Silk Road through which buyers and sellers sent hard and soft drugs to …
Darren Pauli, 25 Aug 2014

Security precogs divine web vulnerabilities BEFORE THEY EXIST

Three million webpages are set to become hacker fodder according to research that could predict what websites will become vulnerable ahead of time. The research by Kyle Soska and Nicolas Christin of Carnegie Mellon University used an engine which divined the future by looking at the past - more specifically, by trawling the Way …
Darren Pauli, 22 Aug 2014

Facebook slings $50k Internet Defense Prize™ at bug hunter duo

Facebook and Usenix have together created the Internet Defense Prize™ – and awarded its first gong to security bods Johannes Dahse and Thorsten Holz. The pair, of Ruhr University Bochum in Germany, received $50,000 from Facebook's prize-giving committee for their paper, Static Detection of Second-Order Vulnerabilities in Web …
Darren Pauli, 21 Aug 2014

New twist as rogue antivirus enters death throes

A rogue anti-virus program called Defru has taken to the browser to find a smarter way of infecting users, Microsoft researchers say. The Defru malware blocks users from visiting certain websites and instead displays warnings about fake perceived threats while the correct intended web address was still displayed. Most victims …
Darren Pauli, 21 Aug 2014

Oi! Rip Van Winkle: PATCH, already

Nearly 20 million computers remain infected with malware targeting a vulnerability first targeted four years ago by the Stuxnet worm. The flaw (CVE-2010-2568) was a Windows operating system bug in the way shortcuts worked allowing quiet download of the random dynamic library on Win Server 2003 and XP through to version 7. Since …
Darren Pauli, 20 Aug 2014

Lazy sysadmins rooted in looming Mozilla cert wipeout

Mozilla is about to revoke some weak X.509 PKI certs, and has warned sysadmins that it will affect the Firefox browser and they'll need to assess their infrastructure. The four affected root certificates from Entrust and ValiCert are marked for removal because they contained weak keys. A further seven from CyberTrust, Thawte …
Darren Pauli, 20 Aug 2014

Cryptolocker flogged on YouTube

Cryptolocker is being flogged over YouTube by vxers who have bought advertising space, researchers Vadim Kotov and Rahul Kashyap have found. The researchers made the discovery while monitoring YouTube and website banners for instances where malware writers had actually purchased space to foist their wares on unpatched web users …
Darren Pauli, 20 Aug 2014

Aussie telcos to sell user location data to marketers

Two Australian telecommunications providers are seeking to identify and sell the location of their users to advertising companies. One telco was already in early adoption of a big data Hadoop system while a second was considering the platform. The telcos, unnamed due to non-disclosure agreements, were seeking a project similar …
Darren Pauli, 19 Aug 2014

Nuke regulator hacked three times in three years

The US Nuclear Regulatory Commission (NRC) has been hacked three times in as many years, according to documents obtained under freedom of information requests. Unnamed foreign hackers sent hundreds of phishing emails - targeting 215 staff in one incident alone - in what was dubbed a 'credential harvesting campaign', according to …
Darren Pauli, 19 Aug 2014

VXer fighters get new stealth weapon in war of the (mal)wares

A bare-metal analysis tool developed by University of California researchers promises to help tip the battle between virus writers and black hats by cloaking malware investigation efforts. The tool is the latest weapon in the war between the diaspora of independent and vendor malware researchers and their VXer foes. Their …
Darren Pauli, 18 Aug 2014

Boffins find hundreds of thousands of woefully insecure IoT devices

More than 140,000 internet-of-things devices, from routers to CCTV systems, contain zero-day vulnerabilities, backdoors, hard-coded crackable passwords and blurted private keys, according to the first large-scale analysis of firmware in embedded devices. Four researchers from EURECOM France found the flaws when conducting a …
Darren Pauli, 17 Aug 2014

Microsoft cries UNINSTALL in the wake of Blue Screens of Death™

Microsoft has urged users to remove a buggy update as it yanked download links to the offending patch, after reports emerged it caused the dreaded blue screen of death. The fixes issued on Patch Update Tuesday addressed privilege escalation bugs but an apparent font cache clearing issue led to Windows boxes turning the colour …
Darren Pauli, 17 Aug 2014

Insert coin to continue: GameOver ZeuS zombie MUTATES, shuffles back to its feet

The resurfaced GameOver bot is back with a vengeance, having infected 12,000 computers after the network was taken down in June, according to Arbor Networks. The bot was taken out in June in a coordinated and high-profile crackdown by security companies and the FBI and Europol. Servers and domains were seized, disrupting both …
Darren Pauli, 15 Aug 2014

Who needs hackers? 'Password1' opens a third of all biz doors

Hundreds of thousands of hashed corporate passwords have been cracked within minutes by penetration testers using graphics processing units. The 626,718 passwords were harvested during penetration tests over the last two years conducted across corporate America by Trustwave infosec geeks. The firm's threat intelligence manager …
Darren Pauli, 15 Aug 2014

Redmond stall means IE Java axe won't swing till September

Microsoft has handed sysadmins a reprieve by delaying the blockage of vulnerable old versions of Java in its flagship Internet Explorer web browser until September. The postponement was made on the back of complaints to Redmond, which only provided a guide to managing the issue on Tuesday. "Based on customer feedback, we have …
Darren Pauli, 14 Aug 2014

We told you jailbreaking your iThing was dangerous

Chinese malware has infected more than 75,000 iPhones and hijacked some 22 million advertisements, stealing revenue from developers in the iOS jailbreak community, virus prober Axelle Apvrille says. The AdThief malware relied on the Cydia Substrate extension present only on jailbroken Apple devices to hijack advertising bucks …
Darren Pauli, 13 Aug 2014

Fifteen zero days found in hacker router comp romp

Researchers have unveiled 15 zero-day vulnerabilities in four home and small business routers as part of the SOHOpelessly Broken hacker competition at DEF CON this week. Four of the 10 routers offered for attack, including the ASUS RT-AC66U, Netgear Centria WNDR4700, Belkin N900 and TRENDnet TEW-812DRU, were fully compromised. …
Darren Pauli, 13 Aug 2014

You've got three days to patch Adobe Flash, Air, Reader

Adobe has patched seven vulnerabilities in its Flash and Air platforms and one in Reader and Acrobat that is being exploited by attackers. The vulnerabilities, dubbed critical by the company, could allow attackers to "take control of affected systems". Administrators were urged to apply the updates within three days on Windows, …
Darren Pauli, 13 Aug 2014

Fifteen countries KO'd in malware one-two punch

Someone suspected to be backed by a nation state is attacking embassies of former Soviet states with a malware tool that has infiltrated networks across more than 15 countries. Hacked embassies of unnamed former Soviet states include those located in: France; Belgium; Ukraine; China; Jordan; Greece; Kazakhstan; Armenia; Poland, …
Darren Pauli, 12 Aug 2014

Chinese Bitcoin farms: From scuzzy to sci-fi

Somewhere in very rural northeast China lies a dusty and dirty factory where the deafening roar of machinery leaks from an armada of Bitcoin mining rigs. Inside a secret north China Bitcoin mine. Copyright Jacob Smith (Bitsmith) @ The Coinsman - used with permission …
Darren Pauli, 12 Aug 2014

2,285,295 Aussie logins nabbed in Russian password haul

More than two million unique login credentials for Australian internet users were stolen as part of the massive haul of 1.2 billion passwords by a Russian hacker outfit. Earlier this month Hold Security reported that Russian hackers under the group dubbed CyberVors amassed the largest ever cache of stolen website passwords …
Darren Pauli, 11 Aug 2014

DIME for your TOP SECRET thoughts? Son of Snowden's crypto-chatter client here soon

Lavabit founder Ladar Levison will within six months carve out a military-grade email service from the ashes of Ed Snowden's favourite email client. As many of you will remember, Levison killed the service to prevent his clients' information from getting into the clutches of the Federal Bureau of Investigation. The popular …
Darren Pauli, 11 Aug 2014

Anonymous wifi the latest casualty of Russia net neurosis

Russians will be required to hand over their passport-validated phone numbers to access public wireless networks under new laws. The laws ban the use of public wireless networks, creating confusion around precisely which networks would be affected and what form of identification would need to be provided. Leonid Levin, deputy …
Darren Pauli, 11 Aug 2014

Data retention means telcos risk Privacy Act breach, Pilgrim warns

Australia's privacy watchdog Timothy Pilgrim has warned that indiscriminate metadata collection would place personal information at risk of privacy breaches. Under the presently broad and opaque proposal, telcos could be required to at least hold data on Australians that would link them to their internet protocol addresses in a …
Darren Pauli, 11 Aug 2014

Twitter can trigger psychosis in users

Twitter can trigger psychosis in predisposed users, according to a team of doctors from the Universitätsmedizin hospital in Berlin. A study, "Twitter Psychosis: A Rare Variation or a Distinct Syndrome?", concluded that Twitter may have "a high potential to induce psychosis in predisposed users" based on the case of a 31 year-old …
Darren Pauli, 08 Aug 2014

Yahoo! will! deploy! end-to-end! email! crypto! by! 2015!

Yahoo will fire up end-to-end (E2E) encryption for its email users by 2015, chief security officer Alex Stamos announced at Black Hat overnight. The Purple Palace has also created a PGP plugin forked from Google's new offering that will be native in mobile apps allowing Gmail and Yahoo mail to easily exchange encrypted email. …
Darren Pauli, 08 Aug 2014

Researcher snaps a Zeus hacker's photo through his webcam

Security researcher Raashid Bhatt has detailed how to bust the security protections of the Zeus banking trojan allowing him to take a webcam photo of the scammer. Bhatt (@raashidbhatt) wrote in a technical blog how he reverse-engineered the malware after a scammer attempted to foist the malware on him through a phishing scam …
Darren Pauli, 07 Aug 2014

Watch this Aussie infosec bod open car doors from afar

Silvio Cesare has probably spent enough on home alarm systems at hardware stores to buy a small Pacific island. The Canberra hacker has over the last three years embarrassed manufacturers by buying remote alarms, baby monitors and locks from eBay and hardware stores and later developing replay attacks that allow …
Darren Pauli, 06 Aug 2014

One in 2900 phone calls is an IDENTITY THIEF

One in every 2900 phone calls to contact centres was made by fraudsters attempting to gain customer account details to steal funds or buy merchandise, according to Pindrop Security's Vijay Balasubramaniyan. Researchers canvassed 105 million phone calls and studied the way fraudsters pulled off identity theft by conning phone …
Darren Pauli, 06 Aug 2014

Hacker crew nicks '1.2 billion passwords' – but WHERE did they all come from?

Russian hackers have amassed the largest ever cache of stolen website passwords – 1.2 billion, it's claimed – by swiping, one way or another, sensitive data from poorly secured databases. A network of computers quietly hijacked by malware, and controlled from afar by the gang, identified more than 420,000 websites vulnerable to …
Darren Pauli, 05 Aug 2014

Multifunction printer p0wnage just getting worse, researcher finds

It is now easier than ever to hack corporate networks through multifunction printers, which can even offer up access to Active Directory accounts according to security consultant Deral Heiland. The moustachioed Rapid7 tech veteran said his team now gains access to corporate Active Directory credentials through credentials …
Darren Pauli, 05 Aug 2014

Leaked docs reveal power of malware-for-government product 'FinFisher'

A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked. The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German based Gamma Group sold to governments and law enforcement agencies …
Darren Pauli, 05 Aug 2014

NSA leaker Thomas Drake says Oz security reforms are 'scary'

National Security Agency whistleblower Thomas Drake says Australia's looming national security reforms make him 'shudder', labelling them ambiguous and a plot to stamp out legitimate public-interest whistleblowing. Drake, who Edward Snowden said was his …
Darren Pauli, 04 Aug 2014

Windows Registry-infecting malware has no files, survives reboots

Researchers have detailed a rare form of Windows malware that maintains infection on machines and steals data without installing files. The malware resides in the computer registry only and is therefore not easy to detect. Its code reaches machines through a malicious Microsoft Word document before creating a hidden encoded …
Darren Pauli, 04 Aug 2014

Mozilla gaffe exposed 76,000 email addresses, 4000 passwords

Mozilla has 'fessed up to accidentally exposing the email addresses for 76,000 members of its Developer Network, along with 4000 encrypted passwords. The breach was caused by a bad script that on July 23 was found to have inadvertently published the records online over the previous month. The offending data sanitisation process …
Darren Pauli, 03 Aug 2014

Security chap writes recipe for Raspberry Pi honeypot network

Honeypots are the perfect bait for corporate IT shops to detect hackers targeting and already within their networks and now one security bod has devised a means to build a battalion of the devices from Raspberry Pis. University of Arizona student Nathan Yee (@nathanmyee) has published instructions for building cheap hardware …
Darren Pauli, 01 Aug 2014

Retailers shot up by PoS scraping brute force cannon

The US Computer Emergency Response Team has warned of a new point of sale malware that is targeting retailers. The malware is a RAM-scraper of the kind made infamous by the Target breach that saw attackers plant wares on terminals to nab credit cards while they were temporarily unencrypted. This attack uses a new tool delivered …
Darren Pauli, 01 Aug 2014

Securobods claim Middle East govts' fingerprints all over malware flung at journos

Researchers at Toronto-based Citizen Lab have shot down denials by Syria, Bahrain and the United Arab Emirates regarding attacks against activists, journalists and dissidents, labelling some of the assaults as incompetent. The team gathered tens of thousands of documents and files detailing the malware and social engineering …
Darren Pauli, 31 Jul 2014

BitTorrent launches decentralised crypto-fied chat app

BitTorrent has joined the increasingly crowded post-Snowden market for anonymous online chat services with "Bleep", a decentralised voice and text communications platform. The platform uses the BitTorrent network to spread users' voice and text through nodes rather than a centralised server. Project head Farid Fadaie (@ffadaie …
Darren Pauli, 31 Jul 2014

Multipath TCP speeds up the internet so much that security breaks

The burgeoning Multipath TCP (MPTCP) standard promises to speed up the internet but will also break security solutions including intrusion detection and data leak prevention, says security researcher Catherine Pearce. MPTCP technology is an update to the core communications backbone of the internet that will allow the …
Darren Pauli, 31 Jul 2014

Firm issues soft denial against Iron Dome hack

An Israeli defence firm linked to Israel's Iron Dome missile defence platform has denied reports it was hacked by Chinese attackers who made off with information on the military technology. Israel Aerospace Industries (IAI) spokeswoman Eliana Fishler said in a statement emailed to outlets including The Register that reports it had …
Darren Pauli, 30 Jul 2014

'Things' on the Internet-of-things have 25 vulnerabilities apiece

Ten of the most popular Internet of Things devices contain an average of 25 security vulnerabilities, many severe, HP researchers have found. HP's investigators found 250 vulnerabilities across the Internet of Things (IoT) devices each of which had some form of cloud and remote mobile application component and nine that …
Darren Pauli, 30 Jul 2014

Thwarted dev sets Instasheep to graze on Facebook accounts

London developer Stevie Graham has built an Instagram stealer dubbed Instasheep that can hijack accounts over public networks. Graham (@stevegraham) published Instasheep - a play on the 2010 Facebook stealer Firesheep - after claiming Facebook refused to pay a bug bounty for his reported flaws affecting the Instagram iOS app. …
Darren Pauli, 30 Jul 2014