The Register Columnists

Darren Pauli


Researchers bypass Redmond's EMET, again

Researchers have again disarmed Microsoft's lauded Enhanced Mitigation Experience Toolkit (EMET) defence tool, and criticised Redmond for not improving its security controls by much. Offensive Security researchers, the brains behind the Kali Linux security platform and the gents that popped Version 4, examined the advanced …
Darren Pauli, 02 Oct 2014

You dirty RAT! Hong Kong protesters infected by iOS, Android spyware

Hong Kong activists who have taken to the streets to demand electoral freedom are being targeted by mobile spyware – an Android and iOS remote-access Trojan to be precise. Israeli security firm Lacoon Mobile Security spotted the Xsser mRAT spyware being distributed under the guise of an app to help coordinate the Occupy Central …
Darren Pauli, 01 Oct 2014

Researcher details nasty XSS flaw in popular web editor

A tool that's popular with Microsoft's in-house developers, the RadEditor HTML editor, contains a dangerous cross-site scripting (XSS) vulnerability, researcher GS McNamara says. The editor was developed by Telerik and used in trusted in-house code in many big enterprises and across Redmond products including MSDN, CodePlex, …
Darren Pauli, 01 Oct 2014

Xbox hackers snared US ARMY APACHE GUNSHIP ware - Feds

Hackers from the US, Canada and Australia have been arrested over a sting that took in the US Army, gaming companies and Microsoft. The Department of Justice accuses the alleged perps of copying software worth more than US$100m. The thieves pinched data and source code relating to then unreleased titles Call of Duty Modern …
Darren Pauli, 01 Oct 2014

OpenVPN open to pre-auth Bash Shellshock bug – researcher

The Shellshock Bash bug, the gift that just keeps on taking, could also sting OpenVPN users, according to researcher Fredrick Stromberg. Pre-authentication vectors affect communication through the popular and formerly secure VPN platform, he says. Shellshock affected the crucial and ubiquitous *nix component Bash up to and …
Darren Pauli, 30 Sep 2014

FBI opens Malware Investigator portal to industry

The Federal Bureau of Investigations has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations. The G-men hope the Malware Investigator portal can let businesses build responses to new malware without such heavy reverse-engineering …
Darren Pauli, 30 Sep 2014

Mine Bitcoins with PENCIL and PAPER

Google engineer Ken Shirriff has mined Bitcoins with nothing more than a paper and pencil. While he says the process is about a quintillion times slower, give or take, than a Bitcoin mining rig, the algorithm was easy enough to crunch. Shirriff completed a round of SHA-256 in 16 minutes and 45 seconds, at which rate a full …
Darren Pauli, 30 Sep 2014

Third patch brings more admin Shellshock for the battered and Bashed

A third patch, from Red Hat engineer Florian Weimer, has been released for the vulnerable Bash Unix command-line interpreter, closing off flaws found in two previous fixes. Weimer's unofficial fix was adopted upstream by Bash project maintainer Chet Ramey and released as Bash-4.3 Official Patch 27 (bash43-027) which addressed a …
Darren Pauli, 30 Sep 2014

Fraud shop OVERSTOCKED with stolen credit cards

Infamous carding store Rescator.cc is so chock-full of stolen credit cards from recent high-profile breaches that it's gutting its prices due to overstocking. The fire sale makes a mockery of the security in place at some of the world's biggest retailers, many of which have in recent months been invaded by hackers who have made …
Darren Pauli, 29 Sep 2014

Ruskies use commercial crimeware to mask 'patriotic' Ukraine hacks

Political hack-attacks are being made to look like bread-and-butter financial fleecing scams, according to researcher F-Secure, after watching Russian hacker collective Quedagh's use of the popular BlackEnergy exploit kit. The group customised the off-the-shelf malware to attack Ukrainian agencies located in Dnipropetrovsk, in …
Darren Pauli, 29 Sep 2014

Pizza stores popped, sandwich stores sacked in PoS plunder

Some 324 restaurants across the United States, including 216 Jimmy John's outlets, have had payment terminals compromised by malware after a breach at vendor Signature Systems. The massive breach occurred when an intruder stole remote log-in credentials for Signature's point of sale (PoS) kit, according to cyber-crime reporter …
Darren Pauli, 29 Sep 2014

Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'

Security geeks have worked out a formula for determining which of a series of formerly blacklisted domains would be reused in malware attacks. The method combines the domain name with the generic Top Level Domain, IP address alterations and the cost of a domain transfer. Under the right conditions, the researchers say, the …
Darren Pauli, 26 Sep 2014

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kaspersky, more than doubling its share of phishing attacks received. This despite the fact that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014

Bad boy builds beastly Bash bug botnet, boxen battered

Mere hours after its discovery, the Shell Shock Bash vulnerability was exploited by an attacker to build a botnet. The bot was discovered by a researcher known as Yinette, who reported it on her Github account and said it appeared to be remotely controlled by miscreants. Rapid7 researcher Jen Ellis noted in a blog the discovery …
Darren Pauli, 26 Sep 2014

Xen security bug, you say? Amazon readies GLORIOUS GLOBAL CLOUD REBOOT

Amazon will tomorrow begin a bloody global reboot of its Elastic Compute Cloud (EC2) compute instances after it found a security bug within the Xen virtualisation platform. The rolling minutes-long reboots would be completed by 30 September. Amazon did not name the reason for the upgrade, widely thought to be a security issue …
Darren Pauli, 25 Sep 2014

Bash bug: Shellshocked yet? You will be ... when this goes WORM

Much of the impact of the Shellshock vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, called Shellshock by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of …
Darren Pauli, 25 Sep 2014

Desperate VXers enslave FREEZERS in DDoS bot

Bad guys are launching denial of service attacks from Windows and Linux boxes and in a sign of desperation even fridges, freezers and Raspberry Pis. The attacks spotted by security company Akamai are based on an updated version of the Chinese language Spike malware that now targets insecure Internet-of-Things things. Akamai's …
Darren Pauli, 25 Sep 2014

Bracelet could protect user herds from lurking PREDATORS

Researchers have developed a fashionable bracelet that could continuously authenticate users preventing snoops from accessing unattended machines. It goes beyond existing continuous authentication mechanisms, the designers say, because it requires users to be active on their machines and not just nearby. The Zero-Effort …
Darren Pauli, 24 Sep 2014

Kali turns Nexus fondleslabs into hacking weapons

Every hacker's favourite operating system, Kali Linux, has been brought to Google Nexus in a move that brings portable popping to a new level. Nexus users running the NetHunter penetration testing platform can now launch their attacks including Teensy keyboard and BadUSB man-in-the-middle (MITM) networking attacks via USB human …
Darren Pauli, 24 Sep 2014

jQuery site popped to serve malware slop

The jQuery site served credential-stealing malware to scores of users who visited the website on September 18, researcher James Pleger says. The super-popular JavaScript library was used by 30 percent of websites including 70 percent of the 10,000 most popular sites which may have been compromised by the RIG exploit kit. jQuery …
Darren Pauli, 24 Sep 2014

80 PER CENT of app devs SUCK at securing your data, study finds

Developers are experts in spinning wonderfully-shiny, horribly-insecure apps, according to research from Aspect Security. Social media meeting buttons and go-live dates rate far higher with app developers than the need to ensure the security of private data. Worse, devs couldn't secure apps if they wanted to, according to the …
Darren Pauli, 23 Sep 2014

Game pirates 'donate' compute power to Bitcoin miners

Hundreds of video game pirates have generously, if inadvertently, donated their compute resources to virus writers by downloading Bitcoin miner-infected torrent listings. Dozens of game torrent files identified by Microsoft threat researchers as malicious have been downloaded thousands of times and were continuing to be seeded ( …
Darren Pauli, 23 Sep 2014

Dyslexic, dyspraxic? No probs, says GCHQ

The British Government Communications Headquarters (GCHQ) says it employs 120 dyslexic and dyspraxic staff for code breaking and counter-espionage. Chairman of the dyslexic and dyspraxic committee, known just as Matt, said the neuro-diverse staff had "spiky skills" where they may excel in analytical areas at the expense of others …
Darren Pauli, 23 Sep 2014

Exercise-tracking app not QUITE fit for purpose

Popular fitness app MyFitnessPal, used by 65 million people, has fixed a vulnerability that exposed personal information including date of birth records. The profiles allowed users to fill out their private location data including country, state, and city but not street-level addresses for the purposes of linking neighbours. …
Darren Pauli, 22 Sep 2014

Who.is does the Harlem Shake

Websites across the internet are doing the Harlem Shake after online comedians began exploiting cross site scripting (XSS) flaws that make pages dance and speakers blare. The flaws exist in the DNS text record – not the protocol – due to a lack of sanitation, and allowed internet scamps to turn boring websites like Who.is into a …
Darren Pauli, 22 Sep 2014

Home Depot ignored staff warnings of security fail laundry list

Home Depot is facing claims it ignored security warnings from staff, who say that prior to its loss of 56 million credit cards, it had failed to update anti-virus since 2007, did not consistently monitor its network for signs of attack, and failed to properly audit its eventually-hacked payment terminals. The fixer-upper retail giant …
Darren Pauli, 22 Sep 2014

Google Apple grapple brings crypto cop block to Android

Google is set to build default encryption into its new Android fondleslabs in a bid to foil police forensics (and maybe to copy or catch up with Apple). The security enhancement, reported by the Washington Post, follows Apple's release of iOS 8, which introduced broader encryption, and will ensure Google-powered devices will be …
Darren Pauli, 19 Sep 2014

Google bloke Beer buzzes iOS 8, OS X in bug-busting bonanza bash

Apple has crushed a tonne of bugs across its products including 53 vuln fixes in iOS 8 and a heap of others in OS X Mavericks, the majority reported by Google researcher Ian Beer. Cupertino shut down iOS code execution bugs with root or kernel privileges some of which could be executed through a web browser, and closed off the …
Darren Pauli, 19 Sep 2014

Feds act to stop cyber-bullying, whatever it is, at some future point

Australia's Communications minister Malcolm Turnbull, and his parliamentary secretary Paul Fletcher, have jointly announced that they are working on legislation to allow the appointment of a Children’s e-Safety Commissioner. The Commissioner will oversee “an effective complaints system, backed by legislation, to get harmful …
Darren Pauli, 18 Sep 2014

China hacked US Army transport orgs TWENTY TIMES in ONE YEAR

Sophisticated Beijing-backed hackers raided civilian organisations responsible for the movements of US troops and equipment 20 times in one year of which only two were detected by the responsible agency, an audit report has found. Contractors underneath the US Transportation Command (TRANSCOM) agency were hacked a total of 50 …
Darren Pauli, 18 Sep 2014

Comprehensive guide to obliterating web apps published

The global security community has completed an 18-month effort to produce a guide it is hoped will boost the standard of web application testing and address new and dangerous technologies. Version 4 of the Open Web App Security Project's (OWASP's) Testing Guide [pdf] was produced by more than 60 security bods from around the …
Darren Pauli, 18 Sep 2014

Student pleads guilty to Frances Abbott 'secret' scholarship leak

Sydney student Freya Newman has pled guilty to illegally using a colleague's login credentials to access and leak documents about a scholarship awarded to the daughter of Australian Prime Minister Tony Abbott. Newman was charged with unauthorised access to restricted data after she accessed an email system owned by the Whitehouse …
Darren Pauli, 18 Sep 2014

Citadel Trojan phishes its way into petrochem firm's webmail

Trusteer researchers say that the victims of the latest round of Citadel trojan infections include one of the largest petrochemical companies in the world. The attacks, like so many others, targeted critical infrastructure organisations using phishing campaigns to steal network credentials. Researcher Dana Tamir said …
Darren Pauli, 17 Sep 2014

Credit card cutting flaw could have killed EVERY AD on Twitter

Twitter has patched a flaw in its service that allowed unauthorised users to delete every credit card from all accounts, potentially relieving the company of its advertising revenue, security researcher Ahmed Aboul-Ela says. The attacks worked through a direct object reference vulnerability and involved the manipulation of …
Darren Pauli, 17 Sep 2014

Amazon REINTRODUCES Kindle swindle vulnerability

Amazon has reintroduced, and again fixed, a flaw in its Kindle management page that allows attackers to commandeer accounts by booby trapping pirated books, researcher Benjamin Mussler says. The flaw was first discovered and fixed last October, when Amazon closed off the ability for bad guys to inject nasty script into eBook …
Darren Pauli, 17 Sep 2014

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits as the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

THREE QUARTERS of Android mobes open to web page spy bug

A Metasploit module has been developed to easily exploit a dangerous flaw in 75 percent of Android devices that allows attackers to hijack a user's open websites. The exploit targets a vulnerability (CVE-2014-6041) in Android versions 4.2.1 and below that was disclosed without fanfare on 1 September, but had since gathered dust, …
Darren Pauli, 16 Sep 2014

Hackers-for-hire raided 300 banks, corporates for TWELVE YEARS

A band of hackers for hire has raided some 300 banks, corporations and governments undetected for 12 years, possibly the longest campaign of its kind. The German hackers registered 800 front businesses in the UK to target and fully compromise organisations in Germany, Switzerland, and Austria at the request of customers. Elite …
Darren Pauli, 16 Sep 2014

Hey, scammers. Google's FINE with your dodgy look-a-like apps

Attackers can easily craft third party scripts to imitate Google to trick users into granting authorisation to their email accounts, says infosec chap Andrew Cantino. The Mavenlink engineer said Mountain View did not make it sufficiently clear when users were approving third party access to their data, thus making social …
Darren Pauli, 15 Sep 2014

Hackers pop Brazil newspaper to root home routers

A popular Brazilian newspaper has been hacked by attackers who used code that attacked readers' home routers, says researcher Fioravante Souza of web security outfit Sucuri. Attackers implanted iFrames into the website of Politica Estadao, which, when loaded, began brute force password guessing attacks against users. Souza says …
Darren Pauli, 15 Sep 2014

spɹɐʍʞɔɐB writing is spammers' new mail filter avoidance trick

Spammers are writing emails backwards in an attempt to sneak past spam filters, security researcher Brian Bebeau has found. The pests were using a left-to-right override code intended to facilitate the use of bi-directional text, such as a document that includes English and Hebrew. The Trustwave researcher said the tactic had a …
Darren Pauli, 12 Sep 2014

Hacker publishes tech support phone scammer slammer

Security pro Matthew Weeks has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. Weeks' day job is director at Root9b, but he's taken time to detail a zero-day flaw in Ammyy …
Darren Pauli, 12 Sep 2014

Satellite weather forecast: Cloudy with a chance of p0wnage

Weather predictions could be thrown into chaos if miscreants exploited a litany of dangerous and years-old holes reported in ground control for the Joint Polar Satellite System (JPSS). The flaws, of which 12,703 are considered high risk, have been detailed in a US Government audit report that examined the state of security of …
Darren Pauli, 11 Sep 2014

TorrentLocker unpicked: Crypto coding shocker defeats extortionists

Crooks have borked the encryption behind the TorrentLocker ransomware, meaning victims can avoid paying the extortionists and unlock their data for free. TorrentLocker was regarded as the demonic spawn of CryptoLocker and CryptoWall which made killings last year by encrypting valuable data owned by individuals and organisations …
Darren Pauli, 11 Sep 2014

Webmin hole allows attackers to wipe servers clean

Holes in the Webmin Unix management tool - thankfully since patched - could allow attackers to delete data on servers, says security researcher John Gordon of the University of Texas. The remote root access server tool contained vulnerabilities in newly-created cron module environment variables that could erase data through …
Darren Pauli, 11 Sep 2014

Troll or thief? User claims Bitcoin founder Satoshi Nakamoto dox sabotage

An internet user has claimed to have hacked the email account of the entity thought to be behind Bitcoin, Satoshi Nakamoto, and has offered to release personal details for $12,000. Nothing is known about the identity of the claimed hacker and there is little evidence that they had details of Nakamoto to hand. Evidence for …
Darren Pauli, 10 Sep 2014

Australian whistleblower laws weaker than China's, report finds

Australia's private sector whistleblower laws are weaker than those in most G20 countries including Turkey, China, and Indonesia, according to researchers at Melbourne and Griffith universities. The report Whistleblower Protection Rules in G20 Countries: The Next Action Plan found that while inroads had been made to improve whistle …
Darren Pauli, 10 Sep 2014

Ultimate hardware hack: Home Depot nailed by vice merchants

Do-it-yourself kingpin Home Depot has confirmed a report that it was breached, indicating the compromise occurred in April this year. The US retail chain was working with law enforcement over the compromise of payment terminals across stores in the country. Chief executive of the hacked firm Frank Blake admitted the breach in a terse …
Darren Pauli, 09 Sep 2014

Enigmail PGP plugin forgets to encrypt mail sent as blind copies

Enigmail has patched a hole in the world's most popular PGP email platform that caused mail to be sent unencrypted when all security check boxes were ticked. The dangerous hole in the Mozilla Thunderbird extension affected email that was sent only to blind carbon copy recipients on all versions below 1.7.2 released last month. …
Darren Pauli, 09 Sep 2014

China is now 99.8% sure you're you, thanks to world's-best facial recognition wares

Chinese researchers have developed a facial recognition system that can pick faces from a crowd with 99.8 percent accuracy from 91 angles. The platform can distinguish between identical twins, unravel layers of makeup and still identify an individual if they've packed on or shed kilos. Researcher Zhou Xi of the Chinese Academy …
Darren Pauli, 09 Sep 2014