Darren Pauli


A third of iThings open to VPN-hijacking, app-wrecking attacks

FireEye researchers have reported twin 'app-demolishing' iOS vulnerabilities, partially fixed by Apple in its latest update, that could wreck core apps such as the App Store and Settings. Researchers Zhaofeng Chen, Tao Wei, Hui Xue, and Yulong Zhang revealed the latest in five so-called Masque attacks that could wreck …
Darren Pauli, 01 Jul 2015

Script-blocker NoScript lets in ANYTHING from googleapis.com

Detectify security researcher Linus Särud has reported a weakness in popular Firefox security tool NoScript that allows attackers to have their malware whitelisted. The tool is used by some two million security-and-privacy-conscious folk who want to stop active content like JavaScript and Flash getting a foothold in their …
Darren Pauli, 01 Jul 2015

Identity protection outfit LifeLock picked, popped

Security researchers Eric Taylor and Blake Welsh have disclosed a cross-site scripting vulnerability in US identity protection company LifeLock. The duo from US outfit Cinder say the vulnerability allows attackers to target the company's three million users with malware, phishing attacks and session hijacking, among other acts. …
Darren Pauli, 01 Jul 2015

Intel infosec folk TEE off open source app dev framework

A trio of Intel boffins have broken a vendor lock-down on trusted execution environments (TEEs) with the release of an open source framework that could help developers to build more secure apps. Intel wonks Brian McGillion, Tanel Dettenborn, and Thomas Nyman (plus N. Asokan of Aalto University and University of Helsinki) …
Darren Pauli, 30 Jun 2015

VPNs are so insecure you might as well wear a KICK ME sign

A team of five researchers from universities in London and Rome have identified that 14 of the top commercial virtual private networks in the world leak IP data. Vasile C. Perta, Marco V. Barbera, and Alessandro Mei of Sapienza University of Rome, together with Gareth Tyson, and Hamed Haddadi of the Queen Mary University of …
Darren Pauli, 30 Jun 2015

Amazon douses Fire phone man-in-the-middle diddle

MWR Labs researcher Bernard Wagner has reported three flaws in Amazon's Fire phone that could allow apps to facilitate man-in-the-middle attacks. Wagner says two flaws in CertInstaller (the tool that installs certificates from various file formats) allow apps to install certificates such that the large …
Darren Pauli, 30 Jun 2015

Sophos' putrid patch snuffs Citrix kit, kills call centre

A Sophos Web Appliance update has crashed users' PC fleets including knocking offline the Australian call centre of a global company for two days after support was quietly revoked for SSL 3.0 ciphers used in Citrix Receiver. The British security firm pushed out update version 4.0.2.3 last week to correct four non-critical issues …
Darren Pauli, 29 Jun 2015

Ransomware slinging exploit kit targets Flash remote code execution

Attackers have added a recent dangerous Adobe vulnerability to the Magnitude exploit kit, according to respected independent malware researcher "Kafeine". The remote code execution vulnerability (CVE-2015-3113) revealed last week allows attackers to hijack un-patched machines targeting Internet Explorer on Windows 7 and XP. Web …
Darren Pauli, 29 Jun 2015

Blackhats using mystery Magento card stealers

Sucuri infosec researcher Peter Gramantik says carders are exploiting an unknown vulnerability to steal billing information from e-commerce sites that use eBay's Magento platform. Gramantik found an attack script that plunders POST data and identifies valuable payment data before storing it as an encrypted image file. He says …
Darren Pauli, 29 Jun 2015
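A check a site owner can run against the stash technique described above, added here as an example rather than taken from Sucuri's write-up or tooling: harvested POST data parked in a file that only looks like an image. Genuine JPEG, PNG and GIF files begin with fixed magic bytes, so an image-named file under the media tree with no valid image header deserves a look. The sample file tree is constructed for the example, and the assumption is that the stash carries an image extension but no real header; a skimmer that prepends a real header would need a size, entropy or modification-time check instead.

```python
# Added example, not Sucuri's tooling: flag files whose image extension does
# not match their leading bytes. The assumption is that a skimmer's stash has
# an image name but no valid image header.

import os

# Magic bytes per extension; a tuple allows several valid signatures.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
HEADER_BYTES = 16  # more than the longest signature above


def header_matches_extension(path, data):
    """True if data starts with a signature valid for path's extension,
    False if the extension is an image type we know but the header is wrong,
    None if the extension is not one we check."""
    sigs = MAGIC.get(os.path.splitext(path)[1].lower())
    if sigs is None:
        return None
    return any(data.startswith(s) for s in sigs)


def find_fake_images(files):
    """files maps path -> leading bytes. Returns sorted paths whose image
    extension does not match their header."""
    return sorted(p for p, d in files.items()
                  if header_matches_extension(p, d) is False)


def scan_tree(root):
    """Walk a real directory (for instance a Magento media/ folder) and
    apply the same check to the first HEADER_BYTES of every file."""
    files = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                files[path] = fh.read(HEADER_BYTES)
    return find_fake_images(files)


# Constructed sample tree standing in for a webroot; not data from the article.
SAMPLE_FILES = {
    "media/catalog/product/shoe.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01",
    "media/catalog/product/logo.png": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",
    "media/catalog/banner.gif": b"GIF89a\x10\x00\x10\x00\x80\x00\x00",
    # base64-looking blob saved under an image name: the hypothetical stash
    "media/customer/1f3a9c.jpg": b"U2FsdGVkX19QdWJsaWNLZXk=",
    "skin/frontend/base/default/css/styles.css": b"body{margin:0}",
}

if __name__ == "__main__":
    print(find_fake_images(SAMPLE_FILES))
```

Run `scan_tree("/var/www/magento/media")` (path assumed) from cron and alert on any output; a legitimate store should produce none, so every hit is worth opening by hand.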

Rivalry heats up as VXers bake Fobber crypto clobber

A malware development squad is so determined to thwart meddling white hat researchers that it has produced a trojan riddled with obfuscation techniques and neurotic encryption. The Fobber banking trojan is based on Tinba version two, regularly hops between programs, and is distributed through the elusive and dangerous HanJuan …
Darren Pauli, 26 Jun 2015

Vegan eats BeEf, gets hooked

Botnet slaughterer Brian Wallace has created a module to detect when attackers are using the popular browser-busting BeEF hacking framework. The Chrome extension codenamed Vegan allows victims to detect when attackers have hooked their web browser instances using the enormously powerful Browser Exploitation Framework. Vegan could …
Darren Pauli, 26 Jun 2015

Facebook! exfiltrates! Yahoo! security! boss!

Facebook has poached NSA-clashing Yahoo! security man Alex Stamos to head up its infosec operations. The hire means Menlo Park has filled a three-month vacancy left when security boss Joe Sullivan who oversaw a crackdown on Facebook scammers and scum left for Uber. Stamos fittingly announced his migration on his Facebook …
Darren Pauli, 26 Jun 2015

Dyre banking VXers LOVE Mondays, Symantec says

Nobody can accuse trojan coders of being lazy; the masterminds behind the Dyre banking malware are putting in full five-day working weeks to maintain some 285 command and control servers handling stolen banking credentials. The malware is one of the worst in circulation using its fleet of command and control servers to handle …
Darren Pauli, 25 Jun 2015

BlackShades privacy raiding web rat gets five years in US cooler

Swedish BlackShades co-creator Alex Yucel has been sentenced to nearly five years in a US cooler for selling and distributing the remote access trojan (RAT). Yucel, 25, pleaded guilty in February in a New York court to slinging the perverted mutation of a legitimate system administration tool and was forced to forfeit $US200,000 in …
Darren Pauli, 25 Jun 2015

NOD32 AV remote root wormable hack turns corporate fleets to meat

Google Project Zero bod Tavis Ormandy has disclosed a "trivial" means of remotely hacking the ESET NOD32 antivirus platform. Ormandy's finding prompted the Slovak company to rush out a patch a day before his disclosure overnight. The remote-root exploit is potentially wormable and, he said, of practical value to criminals. "Any …
Darren Pauli, 25 Jun 2015

Killer ChAraCter HOSES almost all versions of Reader, Windows

Get patching: Google Project Zero hacker Mateusz Jurczyk has dropped 15 remote code execution vulnerabilities, including a single devastating hack against Adobe Reader and Windows he reckons beats all exploit defences. The accomplished offensive security researcher (@j00ru) presented findings at the Recon security conference …
Darren Pauli, 24 Jun 2015

Triple glitch grounds ALL aircraft in New Zealand

A trinity of network failures led to the grounding of all aircraft in New Zealand yesterday. Just four minutes of outage ended up keeping planes on the ground for two hours, affecting 200 flights on 23 June. It cut off radar systems and forced traffic controllers to revert to manual systems to land some of the fifty aircraft …
Darren Pauli, 24 Jun 2015

RubyGems slings patch at nasty redirect trojan holes

Get patching: new vulns in the RubyGems developer distribution platform could expose millions of users to malicious redirects. The since-patched hole (CVE-2015-3900) means clients could be pushed to Gem servers hosting malicious content even if HTTPS is employed. Attackers further benefited since RubyGems Gems Server Discovery …
Darren Pauli, 24 Jun 2015
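The domain check that closes this kind of hole, written here as an added example rather than RubyGems' own code. A gem client that discovers its API endpoint through a DNS SRV lookup (RubyGems queried `_rubygems._tcp.<host>`) has to refuse SRV targets outside the domain it started from; otherwise a spoofed SRV answer sends it to an attacker's server, and HTTPS to that server validates cleanly because the attacker holds a perfectly good certificate for their own name. The SRV answers are constructed, no DNS is queried, and the exact query name and fall-back behaviour are assumptions for illustration.

```python
# Added example, not RubyGems' own code: validate that a DNS SRV target stays
# inside the domain the client started from before following it. The answers
# below are constructed; the query name format is an assumption.

# Constructed SRV answers keyed by query name; record layout is
# (priority, weight, port, target) as in RFC 2782.
SRV_ANSWERS = {
    "_rubygems._tcp.rubygems.org": [(0, 0, 443, "api.rubygems.org.")],
    # Spoofed answer for a hypothetical gem source (constructed).
    "_rubygems._tcp.gems.example": [(0, 0, 443, "gems.attacker.test.")],
}


def srv_target_allowed(original_host, srv_target):
    """True only if srv_target is original_host itself or a subdomain of it.

    Names are lower-cased and stripped of any trailing dot so that
    'API.RubyGems.org.' equals 'api.rubygems.org'. The dot prepended in the
    endswith() test stops 'evilrubygems.org' from matching 'rubygems.org'.
    """
    orig = original_host.lower().rstrip(".")
    target = srv_target.lower().rstrip(".")
    return target == orig or target.endswith("." + orig)


def discover_api_endpoint(host, answers=SRV_ANSWERS, validate=True):
    """Return the host a gem client should contact for metadata.

    validate=False reproduces the unchecked behaviour: whatever target the
    SRV record names is used. validate=True drops an out-of-domain target
    and falls back to the original host, which is the safe default.
    """
    host = host.lower().rstrip(".")
    records = answers.get("_rubygems._tcp." + host, [])
    if not records:
        return host  # no SRV record: talk to the configured host directly
    # Lowest priority value wins (RFC 2782); weight-based tie-breaking omitted.
    _priority, _weight, _port, target = min(records, key=lambda r: r[0])
    target = target.lower().rstrip(".")
    if validate and not srv_target_allowed(host, target):
        return host
    return target


if __name__ == "__main__":
    print(discover_api_endpoint("gems.example", validate=False))  # attacker host
    print(discover_api_endpoint("gems.example"))                  # falls back
```

Note that certificate validation alone does not catch this: the redirected connection is to a name the attacker legitimately controls, so the check has to be on the relationship between the two hostnames, not on the TLS handshake.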

Feds count Cryptowall cost: $18 million says FBI

Cryptowall authors have wrought some US$18 million in damages on US users and businesses alone, according to the FBI. The Cryptolocker-imitation ransomware family has established itself as one of the most prolific and capable since it was first detected in April 2014. Global damages reported to the US agency are likely considerably …
Darren Pauli, 24 Jun 2015

Slippery Silk Road spook will plead guilty to duping dealers

A US Secret Service information security bod is going to enter a guilty plea to pilfering US$820,000 in Bitcoins from scuttled drug souk the Silk Road. Shaun W. Bridges admitted to harvesting the anonymous currency before cashing out at the then Mt. Gox Bitcoin exchange and going into hiding. “Mr. Bridges has regretted his …
Darren Pauli, 23 Jun 2015

Pirate captain blasts Google for its 'mystery' Chrome blob

Pirate Party captain Rick Falkvinge has weighed into the Google Chrome 'listening blob' debate, saying Mountain View silently downloaded an 'eavesdropper' to Chrome users' machines. The row arose last week, when Debian users first noticed that The Chocolate Factory was dropping the blob on their machines. Falkvinge rejects …
Darren Pauli, 23 Jun 2015

Redmond: IE Win 8.1 defence destroying hack ain't worth patch, natch

HP security research bod Dustin Childs says the company couldn't get Microsoft to patch an IE exploit, so it's gone public. Childs says the Address Space Layout Randomisation (ASLR) hole affects millions of 32-bit systems and should have been patched. He says his former paymasters at Redmond did not consider the bug 'worth it' …
Darren Pauli, 23 Jun 2015

Phishing gone: eBay patches to block session-jacking Magento holes

Vulnerability Lab researcher Hadji Samir says eBay has squashed three vulnerabilities in its Magento shopping platform that could permit session hijacking and man-in-the-middle attacks. The penetration tester disclosed the vulnerabilities this month along with proof-of-concept videos showing how attackers could steal session …
Darren Pauli, 22 Jun 2015

Dev probes bad proxies, writes white hat checker, black hat DIY guide

Developer Christian Haschek is building an online tool to allow users to check whether their free proxy is potentially harvesting their details, or is one of the few to be relatively secure. The ProxyChecker service allows users to enter the IP address and port of their favourite free proxy service, to see if it is messing with …
Darren Pauli, 22 Jun 2015

Two foreigners, a desert and a jeep full of bank statements

On-Call Welcome again to On-Call, our weekend regular in which we share readers' tales of odd things that happen at odd times in odd places. This week, reader Alex tells us he once worked in the Saudi Arabian capital of Riyadh, for a major bank. “There had been a bunch of problems, which meant the customer account statements were …
Darren Pauli, 21 Jun 2015

BIG RED BUTTON exploits Redis flaw to fix Redis flaw

Reckless sys admins rejoice: entrepreneurial security bod Ben Murphy has created a daring quick patch for the popular Redis data structure server. Murphy (@benmmurphy) created an alluring red Hot Patcher™ button that when pushed will exploit a flaw in Redis in order to patch a Lua sandbox bypass vulnerability he disclosed this …
Darren Pauli, 19 Jun 2015

Drupal flicks fix to nix OpenID admin account hijack hole

Drupal has shuttered a flaw in its implementation of OpenID that allows attackers to log in as web site administrators. The flaw (CVE-2015-3234) is the most critical of four and affects versions six and seven of the content management system. Drupal's security team say attackers can target unpatched systems if they hold an …
Darren Pauli, 19 Jun 2015

LinkedIn reveals invitation-only bourgeois bug bounty

LinkedIn has revealed the closed-door bug bounty program it has run for the last eight months, paying out $65,000 in vulnerability rewards along the way. But the company is keeping the door to the scheme firmly closed. The if-you-need-to-ask-you'll-never-know bounty is designed to cut the noise from the signal so that only …
Darren Pauli, 19 Jun 2015

Most SAP HANA installs poppable with default keys, hacker says

ERPScan technology boss Alexander Polyakov says default security settings are exposing passwords and root keys in SAP HANA to external attackers. Attackers can use universal default keys to decrypt encrypted passwords used by the in-memory, column-oriented, relational database management system. Polyakov says administrators are …
Darren Pauli, 19 Jun 2015

Reddit joins the HTTPS-only stampede

Reddit will soon be served over HTTPS only as part of wider moves to secure the web. The Front Page of the Internet™ began serving its user-curated pages over secure sockets layer last September, in an effort that took some nine months to complete. The site has now decided that as of 29 June it will begin pushing all traffic to …
Darren Pauli, 18 Jun 2015

Firefox preps processor revamp under Project Electrolysis

Mozilla looks ready to revamp its Firefox web browser so tabs and user interfaces can run in separate processes. The feature has appeared in a nightly testing version of the browser and has been in lengthy development under Project Electrolysis. Developer Dan Mircea says the feature is activated by default in nightly builds and …
Darren Pauli, 18 Jun 2015

DuckDuckGrow: Privacy search soars 600% after Snowden dumps

Privacy-first search aggregator DuckDuckGo has grown a whopping 600 percent since NSA whistleblower Edward Snowden began revealing the extent of the US spying apparatus. The search engine uses sites including Wikipedia, Yandex, Yahoo!, Bing and Yummly and offers users bare-bones search results without the personalisation …
Darren Pauli, 18 Jun 2015

Phone scamming up 30 percent last year: Report

Retail and finance call centre phone scamming in the US is up 30 percent according to research. The 2014 findings are based on some 86 million scam calls a month picked up by Pindrop Security in which attackers aimed to obtain personal information on potential victims. The phone security company says one in 2200 calls are …
Darren Pauli, 18 Jun 2015

Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X

Six university researchers have revealed deadly zero-day flaws in Apple's iOS and OS X, claiming it is possible to crack Apple's password-storing keychain, break app sandboxes, and bypass its App Store security checks. Attackers can exploit these bugs to steal passwords from installed apps, including the native email client, …
Darren Pauli, 17 Jun 2015

Three exposed Brit's privates with sloppy survey code

Hacker Joseph Redfern has reported a privacy flaw at UK telco Three, which exposed names and email addresses in online surveys. The telco shuttered the offending survey site and the exposed API which returned the private information in JSON form when a user entered data. Redfern says the flaw meant any phone number could be …
Darren Pauli, 17 Jun 2015

AdBlock aims to send filthy malverts on one-way LSD trip

Enterprises will be able to stem the remaining revenue stream for online news outlets using a new network-wide feature launched today for the popular browser extension AdBlock Plus. The extension, modified under the ongoing AdBlock Plus for Administrators project, will make it easier to deploy across technology device fleets by …
Darren Pauli, 17 Jun 2015

Google to shell out up to $58k for new Nexus epic pwnage

Researchers can score up to US$58,000 for bypassing core Nexus security mechanisms with a remote exploit under an expansion of Google's bug bounty program launched today. The top payments under the Security Rewards program are for bypasses of controls that Google uses to minimise exploitation risks. Hackers can land the most …
Darren Pauli, 17 Jun 2015

Blackhats exploiting MacKeeper hole to foist dangerous trojan

Last month's MacKeeper vulnerability is now being exploited in the wild to hijack Apple machines, according to BAE security researcher Sergei Shevchenko. The hacker says criminals are using social engineering to trick users into installing malware capable of exfiltrating data using a then zero-day vulnerability in the notorious …
Darren Pauli, 16 Jun 2015

British banks consider emoji as password replacement

British outfit Intelligent Environments says it is in discussions with online banks to sell what it says is the first authentication scheme to replace passwords with emojis. The company claims emojis have 480 times more permutations than four digit passcode equivalents, a statistic we've struggled to verify independently. …
Darren Pauli, 16 Jun 2015
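One way to check the "480 times more permutations" claim rather than take it on trust, added here as an example and not the vendor's own figures. The size of the emoji picker is not stated above, so 44 symbols is an assumption used only to illustrate the calculation, and both counting models (symbols may repeat, or may not) are worked because the claim does not say which one it uses.

```python
# Added example, not the vendor's figures: compare a symbol keyspace against a
# four-digit PIN under both counting models, and find the alphabet size that a
# claimed ratio would actually require. 44 symbols is an assumed picker size.

def keyspace(alphabet_size, length, repeats_allowed=True):
    """Number of distinct codes of the given length over an alphabet."""
    if repeats_allowed:
        return alphabet_size ** length
    if length > alphabet_size:
        return 0
    total = 1
    for i in range(length):
        total *= alphabet_size - i  # falling factorial: n (n-1) ... (n-length+1)
    return total


def ratio_to_pin(symbols, length=4, repeats_allowed=True, digits=10):
    """How many times larger the symbol keyspace is than a digit PIN of the same length."""
    return keyspace(symbols, length, repeats_allowed) / keyspace(digits, length, repeats_allowed)


def alphabet_needed(target_ratio, length=4, repeats_allowed=True, digits=10):
    """Smallest alphabet whose keyspace is at least target_ratio times the PIN keyspace."""
    base = keyspace(digits, length, repeats_allowed)
    n = length  # smallest alphabet that can form a no-repeat code of this length
    while keyspace(n, length, repeats_allowed) < target_ratio * base:
        n += 1
    return n


if __name__ == "__main__":
    for repeats in (True, False):
        label = "repeats allowed" if repeats else "no repeats"
        print(label, "44 symbols vs PIN:", round(ratio_to_pin(44, repeats_allowed=repeats), 1),
              "| alphabet needed for 480x:", alphabet_needed(480, repeats_allowed=repeats))
```

With 44 symbols the ratio comes out near 375 (repeats allowed) or 646 (no repeats), and hitting exactly 480 with repeats needs a 47-symbol picker, so the figure depends on counting assumptions the claim leaves unstated. Either way a keyspace is an upper bound: real guessing resistance depends on which codes users actually choose, and a picker full of faces will see the same clustering that makes 1234 the most common PIN.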

Bing to encrypt search traffic by default

Microsoft product manager Duane Forrester says it will encrypt all Bing search traffic later this year. Forrester says the move follows Redmond's 2014 decision to allow users to opt in to HTTPS for web searches. "Beginning this (Northern hemisphere) summer, we will begin the process of encrypting search traffic by default," …
Darren Pauli, 16 Jun 2015

Westpac buys stake in Canberra crypto king QuintessenceLabs

Australian banking goliath Westpac will become a substantial stakeholder in Canberra-based QuintessenceLabs (QLabs) and use the outfit's quantum key distribution technology for its internal infrastructure. QLabs commercialises research from the Australian National University to produce quantum key distribution (QKD) and random key …
Darren Pauli, 16 Jun 2015

Uber petitions page p0wned, thanks to textbook code

Uber has pulled its petition sites offline after a hacker exploited web vulnerabilities lodging 100,000 fake votes and redirecting visitors to rival Lyft. The hacker known only as "Austin" could not be reached at the time of writing. Uber has been contacted for comment. Austin says the petition site Uber hoped to use to lobby …
Darren Pauli, 15 Jun 2015

Snapchat slings SMS two-factor authentication

Snapchat has deployed two factor authentication as part of its push to increase security across the popular selfie slinging app. The sexting swap shop allows users to set up SMS log-in verification that makes en-masse account hijacking more difficult, and better protects Snapchat's Snapcash money transfer system. The additional …
Darren Pauli, 15 Jun 2015

Cisco issues 16 patches to pop pesky peccant packets

Cisco has issued a string of patches for 16 faults including a fix for a possible remote code execution in its IOS and IOS XE routing software. The patches address a generous dollop of security conditions caused by faulty queued packets. One flaw, rated severity 8.3, allows attackers to gain remote code execution in IOS XE by …
Darren Pauli, 15 Jun 2015

Poison résumé attack gives ransomware a gig on the desktop

Security researchers are focussing their crosshairs on what appears to be high-volume spam and exploit campaigns to deliver the latest iteration of the Cryptowall ransomware. Boffins from the SANS Institute, Cisco, and MalwareBytes have identified a dangerous if goofy spam campaign slinging the nasty ransomware masquerading as …
Darren Pauli, 12 Jun 2015

Europol operation crushes phiendish global phishing ring

Police have arrested 49 men from Spain, Nigeria, and Cameroon in connection with electronic bank account raids that plundered some €6 million across Europe. The men were arrested as part of Operation Triangle, an effort involving police from Spain, Italy, and Poland together with authorities in Belgium, the UK, and Georgia. …
Darren Pauli, 12 Jun 2015

OpenSSL releases seven patches for seven vulns

Users are being urged to upgrade OpenSSL to prevent eavesdroppers listening to otherwise encrypted connections undermined through the LogJam vulnerability thought to be the NSA's crypto-cracking tool of choice. OpenSSL maintainers have patched seven vulnerabilities including the LogJam vulnerability (CVE-2015-4000) which allows …
Darren Pauli, 12 Jun 2015

Mozilla doubles bug bounties to $10k

Mozilla has more than doubled the cash rewards under its dusty bug bounty to beyond $10,000. The browser baron has increased the reward for high-severity bugs such as those leading to remote code execution without requiring other vulnerabilities. Engineer Raymond Forbes says the bounty had not been updated in five years and had …
Darren Pauli, 11 Jun 2015

Super Stuxnet's SCADA slaves: security is atrocious

Botnet boffin Peter Kleissner says at least 153 computers are still slaves to Stuxnet. Of those, six are tied to supervisory control and data acquisition (SCADA) systems, which the malware is designed to exploit to destroy the attached machinery. Kleissner said in a presentation at an information security conference in Vienna last …
Darren Pauli, 11 Jun 2015

But ... but iOS 9 could BLOCK my Ad-Block, dev squeals

Apple appears to have added an ad-blocking capability to iOS 9, stoking hopes and fears in different quarters. The beta version of the operating system sports a Content Blocking Safari Extensions feature which Apple says will give extensions "a fast and efficient way to block cookies, images, resources, pop-ups, and other …
Darren Pauli, 11 Jun 2015