Darren Pauli

HP Enterprise Consulting Services managing principal Stephen Kho. Image: Darren Pauli / The Register

Got ancient exploit but nowhere to use it? Try the horrid GRX network

Ruxcon: They've been warned for years, but scores of telcos are still making bone-headed configuration mistakes in their GPRS Global Roaming Exchange (GRX) networks, leaving mail and FTP servers vulnerable. The international phone routing system is used for passing and billing calls between providers, using encryption to funnel data …
Darren Pauli, 26 Oct 2016

VXer turns to ancient freemium model to flog keylogger, malware tools

Malware has been spotted using the freemium model more than 30 years after it was introduced. PhishMe malware researcher Paul Burbage (@hexlax) spotted the revitalised model in a keylogger sold as a freemium public download and as a US$55 full version purchase. The Viotto Keylogger is the offensive security tool designed by a …
Darren Pauli, 26 Oct 2016

This is not a drill: Hackers pop stock Nexus 6P in five minutes

The Nexus 6P appears to have been hacked with attackers at the Mobile Pwn2Own contest installing malware without user interaction in less than five minutes. The hack by China's Keen Team happened minutes ago at the Tokyo event and does not require users to do anything. It is as of the time of writing yet to be confirmed but …
Darren Pauli, 26 Oct 2016

'Outpaced' ASIO was infiltrated by Soviets

The Australian Security Intelligence Organisation (ASIO) has publicly admitted for the first time it was infiltrated by Soviet spies during the Cold War. The admission in a new historical volume is 27 years in the making since the end of the Cold War spanning 1975 to 1989. Australian National University senior fellow Doctor …
Darren Pauli, 26 Oct 2016

Microsoft: Watch out millennials for evil Security Essentials

Microsoft is warning of fake copies of its Security Essentials that if executed will throw a fake blue screen of death, pwn machines, and lead users to technical support scams. Redmond regards the threat dubbed Hicurdismos as a severe threat which compromises PCs typically through bundled software installers and drive-by- …
Darren Pauli, 25 Oct 2016

Graduate recruitment site exposed 50,000 CVs sent to Virgin Media UK

Virgin Media has shuttered a kindergarten-grade bug in a third party website that exposed up to 50,000 résumés it's received over the years, complete with names, street and email addresses of applicants. The vulnerability was due to entirely absent access controls on a public server to which applicants were directed to upload …
Darren Pauli, 25 Oct 2016

Joomla! readies patch for core vulnerability so critical it isn't talking

The world's second-favourite content management system, Joomla!, is warning of a critical security hole so bad its developers aren't saying what it fixes. The Register understands a patch for the mystery hole will take the name of version 3.6.4 and will be published around 1400 UTC today, October 25th. Joomla! has been …
Darren Pauli, 25 Oct 2016
Gerhard Klostermeier. Image: Darren Pauli, The Register.

Hackers pop top 'secure' wireless keyboard and mouse kits, gain RCE

Ruxcon: Wireless keyboard and mouse manufacturers including Microsoft, Fujitsu, and Logitech have been forced to fix borked encryption in peripherals that allow physical attackers to hijack computers. Researchers and PhDs Gerhard Klostermeier and Matthias Deeg with Germany-based security firm SySS tested five devices badged as secure …
Darren Pauli, 24 Oct 2016

Brute force cred crunchers gifted Username Anarchy

Ruxcon: Melbourne security bod Andrew Horton has created a tool to automate the generation of usernames in a bid to round out brute force account attacks. The HackLabs penetration tester says he created Username Anarchy to fill a feature gap left by basic username generation tools. Horton (@urbanadventur3r) says it will help hackers …
Darren Pauli, 24 Oct 2016
Wanqiao Zhang. Image: Darren Pauli, The Register.

Every LTE call, text, can be intercepted, blacked out, hacker finds

Ruxcon: Hacker Wanqiao Zhang of Chinese security house Qihoo 360 has blown holes in 4G LTE networks by detailing how to intercept and make calls, send text messages and even force phones offline. The still-live vulnerabilities were documented and discussed at the Ruxcon hacking confab in Melbourne, Australia, this weekend, including a …
Darren Pauli, 23 Oct 2016

Slack whacks global account hijack holes

Hipster collaboration platform Slack has shuttered an access control bypass that allowed users to hijack any account. The flaws reported by security researcher David Viera-Kurz lay in twin path traversal and access control bypasses. Slack paid Viera-Kurz US$9000 for privately reporting two flaws under its bug bounty program …
Darren Pauli, 21 Oct 2016

Fruity hacking group juiced by Microsoft's October patch parade

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week. Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers. Ivanov's …
Darren Pauli, 21 Oct 2016

Spam scum ping global blacklists to wreck rep

Malware authors are consulting IP blacklists designed to help fight spam in a bid to avoid detection and increase inbox hit rates. The novel abuse allows malware authors to determine if they have infected clean and benign machines. "This malware is interesting because it contains a hardcoded list of commonly known blacklist …
Darren Pauli, 21 Oct 2016

Google pays $100k to anti-malware crusader Giovanni Vigna

Anti-malware machine and head of the Shellphish DARPA Grand Challenge bronze-medallist team has won US$100,000 from Google for security research efforts. University of California Santa Barbara doctor Giovanni Vigna landed Google's Security, Privacy and Anti-Abuse award for his long line of research into malware detection. …
Darren Pauli, 21 Oct 2016

Security research tool had security problem

Security researchers and the networks they rely on were at risk of breach by the hackers they investigate, thanks to now-mitigated man-in-the-middle holes in a popular plugin for analysing debugger OllyDbg. The debugger disassembles binaries, making it a handy way to understand an application's workings without having access …
Darren Pauli, 20 Oct 2016

Kids today are so stupid they fall for security scams more often than greybeards

Millennials are more likely to fall for tech support scams than baby boomers, Microsoft says. The findings are revealed in a recent Microsoft study that saw it poll peeps in the United Kingdom, the United States, Australia and nine other countries. Redmond's not revealed the number of respondents. Tech support scams take on …
Darren Pauli, 20 Oct 2016

Reading this? Then you can pop root shells on Markvision enterprises

Lexmark has patched two dangerous vulnerabilities in its Markvision enterprise IT analysis platform that grant remote attackers god-mode system access over the internet. The platform is used by tech shops to manage thousands of devices. Researchers with San Antonio-based security consultancy Digital Defence reported the twin …
Darren Pauli, 20 Oct 2016

Crims cram credit card details into product shots on e-shops

Hackers are going to considerable lengths to hide credit cards stolen from websites victimised in a wave of recent attacks, weaving the data into working images of products sold online. The tricks are part of a wave of attacks targeting some 6000 Magento e-commerce sites The Register reported last week. Sucuri remediation …
Darren Pauli, 19 Oct 2016

Audit sees VeraCrypt kill critical password recovery, cipher flaws

Security researchers have found eight critical, three medium, and 15 low-severity vulnerabilities in a one-month audit of popular encryption platform VeraCrypt. The audit is the latest in a series prompted by the shock abandoning of TrueCrypt in May 2014 due to unspecified security concerns claimed by the hitherto trusted …
Darren Pauli, 18 Oct 2016

'Dyre' malware re-surfaces as 'TrickBot', targets Australian banks

Malware now targeting Australian users could be based on one of the world's worst banking trojans. Fidelis malware mangler Jason Reaves says the TrickBot malware has strong code similarities to the Dyre trojan, a menace that ripped through Western banks and businesses in the US, the UK, and Australia, inflicting tens of …
Darren Pauli, 18 Oct 2016

ShadowBrokers put US$6m price tag on new hoard of NSA hacks

A group thought linked to a Russian hacking outfit has moved to cash in on its cache of likely NSA exploit tooling, by offering it in exchange for 10,000 Bitcoins. The group known as "ShadowBrokers" wrote that they will release a password to a public encrypted cache of alleged NSA tools and exploits. It is the second cache …
Darren Pauli, 17 Oct 2016

Mozilla users >50% HTTPS

More than half of Mozilla users are now using HTTPS. Mozilla developer Josh Aas says the browser baron's telemetry reveals more than 50 percent of page requests were made via HTTPS, an effort helped along by the Let's Encrypt initiative which hands out free HTTPS certificates. Aas says it was the first time the benchmark had …
Darren Pauli, 17 Oct 2016

Outlook-on-Android alternative 'Nine' leaked Exchange Server creds

Staff logging into Exchange Server through a popular app could have placed their enterprise credentials at risk through a since-closed vulnerability. The Nine app which has clocked up to a million downloads on the Google Play store would shout Microsoft Outlook login credentials over insecure connections thanks to a bug that …
Darren Pauli, 17 Oct 2016

More than half of Androids susceptible to ancient malware

One of the world's most prolific Android malware instances is still the most prevalent piece of malware more than two years after it first emerged. The capable trojan known as Ghost Push infects Android up to version five, aka Lollipop, still employed by about 57 per cent of all users. Ghost Push won't run on Android version …
Darren Pauli, 17 Oct 2016

Facebook's un-Liked ~900 security flaws in five years

Facebook has paid security researchers US$5 million in five years, after they found vulnerabilities in its platforms and quietly disclosed them under its bug bounty program. The Social Network™ runs a well-oiled bounty program and pays generously when it receives notice of flaws and working proof-of-concepts, provided they are …
Darren Pauli, 14 Oct 2016