Darren Pauli


Security bod watches heart data flow from her pacemaker to doctor via ... er, SMS? 3G? Email?

A computer security researcher has probed the communication protocols used by her pacemaker – and hopes her findings will raise awareness of just how much info medical devices are emitting. Marie Moe received her pacemaker four years ago after she experienced a form of arrhythmia, and her heart began to slow. Soon after, she …
Darren Pauli, 05 Jan 2016

Tor launches invite-only exploit bug bounty

Tor will this year investigate an exploit bug bounty paying researchers cash for flaws, lead developer Mike Perry says. The HackerOne invite-only scheme is expected to be opened to the public after Tor finds its feet handling disclosures. Bug bounties are a booming initiative under which tens of thousands of dollars are being …
Darren Pauli, 05 Jan 2016

Irked train hackers talk derailment flaws, drop SCADA password list

32c3 A trio of Russian hackers say core flaws in rail networks are opening trains to hijacking and derailment and have published dozens of hardcoded industrial control system credentials to kick vendors into action. Pictured: Sergey Gordeychik (right), Gleb Gritsai, and Aleksandr Timorin (rear). Industrial control specialist …
Darren Pauli, 04 Jan 2016

BlackEnergy drains files from Ukraine media, energy organisations

Malware writers are wiping hard drives of Ukraine media outlets and energy companies using a cocktail of backdoors. Eset threat bod Anton Cherepanov says VXers are attacking the unnamed organisations with the BlackEnergy trojan's new KillDisk component, capable of destroying some 4000 different file types and rendering …
Darren Pauli, 04 Jan 2016

Kiwi judge rules Kim Dotcom can be extradited to USA

A prima facie case can be made for the extradition of Kim Dotcom and others associated with the download site Mega, according to a New Zealand district court judge. We're indebted to the Twitter stream of Radio New Zealand reporter Kate Newton for the news, as she attended today's hearing in Auckland. Newton reported that the …
Darren Pauli, 23 Dec 2015

Mozilla looses Firefox 43, including Windows 64-bit variant

Mozilla has released version 43 of its Firefox web browser, introducing a 64-bit version for Windows and crushing four critical and seven serious vulnerabilities. The browser should now enjoy the security and performance boosts of 64-bit systems with fatter heap sizes to help fire up things like browser games and better …
Darren Pauli, 16 Dec 2015

FireEye flamed: A single email will grant total network access

Researchers at Google's Project Zero security research team have found a brutal hole in FireEye kit that allows attackers to lay waste to corporate networks with a single email. The flaw, dubbed "666" from its Project Zero vulnerability number, is a passive monitoring hole that respected hacker Tavis Ormandy describes as a …
Darren Pauli, 16 Dec 2015

Ho ho hosed: Asian biz malware pwns air-gaps, thousands of Androids

CloudSek security bod Rahul Sasi says an Asian software development company is stealing sensitive defence software source code from air-gapped computers while also using a malicious Christmas app to hose thousands of Android handsets. The penetration tester found the onslaught from an unnamed software company that was actively …
Darren Pauli, 16 Dec 2015

Who needs CCTV? Get a terrifying slowpoke hoverdrone cam

A slow- and low-flying drone has been developed for security guard personnel that will follow visitors and snap their pictures. Japan's largest security outfit Secom says the drone will attempt to identify and photograph any potential intruder's face as well as the licence plate of their car, Kyodo News reports. The 10kmph …
Darren Pauli, 15 Dec 2015

Cisco forgot to install two LEDs in routers

Cisco has forgotten to install all the light emitting diodes (LEDs) in some routers. The Register understands that the LTE-enabled C800 integrated service routers, models C896, C897, and C898, lack LEDs that indicate traffic is passing over the WAN. Cisco has 'fessed up to the mess in a field notice that says "... two LEDs and …
Darren Pauli, 15 Dec 2015

Cisco starts spewing vuln info everywhere, in a good way

Security folk will be able to suck down Cisco vulnerabilities notices in more ways than ever thanks to a new application programming interface launched today. The Cisco security team's (PSIRT) openvuln plug is a RESTful API supporting standards like Common Vulnerability Reporting Framework (CVRF), Open Vulnerability and …
Darren Pauli, 15 Dec 2015

Patch now! Joomla attacked in remote code execution blitzkrieg

Joomla has slung a patch to crush a critical eight-year-old remote code execution vulnerability under active exploitation by attackers. Sucuri threat man Daniel Cid says hundreds of attacks are now taking place having ramped up from a mere handful Saturday. "This is a serious vulnerability that can be easily exploited and is …
Darren Pauli, 15 Dec 2015

Oxford Uni opens infosec ivory tower in Melbourne

The State of Victoria is cementing its place as Australia's security hub with the launch of an Oxford University national infosec risk centre in Melbourne. The Global Cyber Security Capacity Centre will perform "audits of national cyber security risks and capabilities" to help Australia plan investments and strategies. It …
Darren Pauli, 15 Dec 2015

American cyber crims operate popup hack 'n crack sites in plain sight

North American cyber criminals are so blatantly thumbing their noses at law enforcement that their forums have been nicknamed "glass tanks". The selling of malware, stolen credentials, and other crime services are so open they can be found using Google, Trend Micro researchers Kyle Wilhoit and Stephen Hilt say. Moreover, the …
Darren Pauli, 14 Dec 2015

Gamer ransomware grows up, now infecting UK, Euro businesses

Companies across Northern Europe are being smashed by the TeslaCrypt ransomware as net scum switch from extorting individuals to targeting deeper-pocketed organisations. Those worst affected are located in the United Kingdom, France, Italy, and Spain, where a highly capable phishing campaign regularly tosses out juicy baits …
Darren Pauli, 14 Dec 2015

Russian friends make German web scum the 'best' in European Union

The German cyber crime market is an overlooked but unique beast that works in lockstep with Russian veterans to serve fraud-flinging newcomers and hardened carders alike, researchers say. In one of the few examinations into German crime forums a team of Trend Micro threat bods say the scene is the most developed in the …
Darren Pauli, 14 Dec 2015

'Fairly bad core bug' crushed in Linux 4.4-rc5

Linux Lord Linus Torvalds says the fourth release candidate of Linux 4.4 contained “a fairly bad core bug” that's since been squashed, but may not have rung many alarm bells anyway. “Another week, another rc,” Torvalds writes on the Linux Kernel mailing list, before going on to say that development work is progressing as usual …
Darren Pauli, 14 Dec 2015

Hackers add exploit kit to article asking 'Is cyber crime out of control?'

Hackers have hosed an article published by The Guardian using the world's nastiest exploit kit Angler to pop the machines of exposed readers. The attack firmly answers the article's headline positing the question 'is cybercrime out of control', based on arguments in a book by one Misha Glenny. Angler is the most capable and …
Darren Pauli, 11 Dec 2015

Hundreds of thousands of engine immobilisers hackable over the net

Kiwicon Kiwi hacker Lachlan Temple has found holes in a popular cheap car tracking and immobilisation gadget that can allow remote attackers to locate, eavesdrop, and in some cases cut the fuel intake to hundreds of thousands of vehicles, some while in motion. The gadgets are rebranded white box units from Chinese concern ThinkRace …
Darren Pauli, 11 Dec 2015

Google cloaks Android in Red Screen of malware Dearth

Google has extended its anti-social engineering Chrome tool to Android, making big efforts to reduce blacklist bandwidth costs along the way. The Red Screen of malware Dearth, officially branded Safe Browsing, has long been a feature of Chrome desktop platforms where bandwidth and processing requirements are much less …
Darren Pauli, 11 Dec 2015

Overhaul Wassenaar or ruin next Heartbleed fix, top policy boffin says

Kiwicon Additional exemptions to the much-feared Wassenaar Arrangement will do nothing to protect far-flung security professionals critical to crushing dangerous Heartbleed-esque bugs, according to infosec policy-buff Katie Moussouris. The HackerOne chief policy officer is spearheading the security industry's global response to the …
Darren Pauli, 11 Dec 2015

Brit-American hacker duo throws pwns on IoT BBQs, grills open admin

Kiwicon American hardware hackers have ruined Christmas cook-ups across Australia, revealing gaping and pwnable vulnerabilities in Internet-connected barbecues. Hardware hackers Matthew Garrett and Paul McMillan revealed how the Internet-of-things CyberQ exposed its remote administration facilities and could be owned over the …
Darren Pauli, 10 Dec 2015

Aussie hacker flips Coin into fraudster fob

Kiwicon Criminals can empty stolen credit cards with new-found stealth using payment gadget Coin, thanks to the device's weak and pwnable authentication checks. Hacker Peter Fillmore (@typhoonfilsy) of Melbourne, Australia, found Coin's weak authentication scheme can be manipulated using man-in-the-middle attacks that allow fraudsters …
Darren Pauli, 09 Dec 2015

Google proffers plugs in Android MMS pwnfest

Google has slung a new set of patches at the vulnerability hub that is Android media processing, fixing four critical flaws and 10 high-severity bugs. The vulnerabilities could allow user phones to be compromised through a variety of means including MMS, email, and following web links. Nexus users get the fixes first along …
Darren Pauli, 08 Dec 2015

Sydney quantum computing wonks get $36M to build god box

Aussie physicists have scored AU$36 million to advance their work on the world's first silicon-based quantum computer. The University of New South Wales wonks scored $26 million over five years from the nation's Federal Government and an in-principle commitment of another $10 million from the Commonwealth Bank to push ahead …
Darren Pauli, 08 Dec 2015

University of New South Wales to offer free online infosec courses

The University of New South Wales (UNSW), often ranked as Australia's top university for information security studies, will next year run free massive open online courses (MOOCS) under creative commons online licences. The University of NSW sec.edu.au courses to launch 28 February will vary in required skill level with some …
Darren Pauli, 08 Dec 2015

Hacker reveals lifestyles of the rich and famous in UAE bank pop

A hacker who appears to have cut and run has reportedly dumped bank information relating to thousands of cashed-up United Arab Emirates bank customers. The hacker using the handle "Hacker Buba" claimed to local media to have popped Invest Bank before demanding US$3 million in ransom in order to withhold releasing the files …
Darren Pauli, 07 Dec 2015

Russian "Pawn Storm" expands, rains hell on NATO, air-gapped PCs

One of the most prolific and capable Russian malware groups is using a rare module to infect USB sticks and hose air-gapped machines in defence industry organisations. The group, known as "Sofacy" or "Pawn Storm" has been ripping into air gap defence organisations since at least August, demonstrating its skills using zero day …
Darren Pauli, 07 Dec 2015

NBN opens 400 tech jobs in looming second Melbourne security shop

nbn, the company building Australia's national broadband network (NBN), will hire 400 tech bods over the next two years to staff its upcoming Cyber Security Operations Centre in Melbourne's south. The centre will operate around the clock with infosec bods policing the network. It will operate in addition to the Network and Services …
Darren Pauli, 07 Dec 2015

Infosec bods rate app languages; find Java 'king', put PHP in bin

Java applications have been found to have many fewer common vulnerabilities than those coded using web scripting languages. Less than a quarter of Java apps sport SQL injection vulnerabilities, compared to more than three quarters of those written in PHP. So says Veracode's new State of Software Security report (PDF …
Darren Pauli, 04 Dec 2015

Domination: Crims steal admin logins, infect sites, drop Cryptowall 4

Virus slingers who find themselves unsatisfied by merely ruining computers with ransomware are now first stealing a victim's admin passwords to enslave their websites into attack campaigns. The battery starts with the installation of the Pony malware, which in 2013 stole some two million passwords through its global botnet. …
Darren Pauli, 04 Dec 2015

Ponmocup is the '15 million' machine botnet you've never heard of

Botconf One of the world's most successful, oldest, and largest botnets is an underestimated and largely-unknown threat that has over time infected 15 million machines and made millions plundering bank accounts. The findings from a team of eight Fox IT researchers say the 'Ponmocup' botnet controlled 2.4 million infections at its peak …
Darren Pauli, 03 Dec 2015

Darkode 3.0 is so lame it's not worth your time reading this story

The FBI-scuppered Darkode crime forum appears truly dead after a promised resurgent site failed to surface and a recent spin-off has proven horribly insecure. Darkode was the white-hat-infested crime den for English-speaking carders and VXers who bought and sold software and services that plundered the pockets of corporations …
Darren Pauli, 03 Dec 2015

Brit hardware hacker turns Raspberry Pi Zeros into selfie slayers

Kiwicon Hipsters and selfie addicts beware: infosec man Steve Lord has crafted a tool designed to sever your line of addiction to Instagram by quietly blocking it over public Wi-Fi. The British security bod built the Raspberry Pi Zero-powered "hipster slayer" out of nothing more than off-the-shelf components and "questionable life …
Darren Pauli, 02 Dec 2015

50c buys you someone else's password for Netflix, Spotify or ...

Criminals are selling 'lifetime' Netflix, HBO, and cable sports streaming accounts for less than US$10 on sites hidden within Tor. Premium sports accounts sell for about $10 while streaming TV can be bought for as low as 50 cents, far less than the $10 monthly subscription. Comic fans can buy a stolen Marvel Unlimited …
Darren Pauli, 02 Dec 2015

Hong Kong hacks hacked in democracy protest yap flap

Chinese hackers who previously popped Western financial firms are now using Dropbox to target Hong Kong based journalists, FireEye says. The group, suspected to be an outfit known as "admin@338", is using the cloud service to host command and control for its infection operations. Its attacks drop the backdoor payload dubbed …
Darren Pauli, 02 Dec 2015

British woman loses £1.6 million to romance scam love rats

A love-struck British woman has been fleeced of £1.6 million by two men posing as romantic interests she met through an online dating site. The businesswoman handed over increasingly large sums of cash over 10 months last year to the men totalling US$2.4 million (A$3.3 million). Nigerian Ife Ojo, 31, and Olusegun Agbaje, 43, …
Darren Pauli, 01 Dec 2015

Can't get a break: Pwned Linux ransomware pwned again, infects 3000

Pwned ransomware Linux Encoder has infected 3000 machines in a month, Russian security firm Dr Web says, despite the fact both versions of the software have been neutered. The first version of the ransomware was decrypted by security boffins at BitDefender days after it was first revealed by Dr Web. Linux.Encoder.1 encrypts …
Darren Pauli, 01 Dec 2015

Team America, world police, take down 37,479 counterfeit sites

A band of merry world police led by the United States Customs and Border Protection service shut down 37,479 copyright-infringing websites hawking counterfeit goods in the lead up to the Cyber Monday buying blitz. The takedown involved varying forms of collaboration between 27 countries including Britain, France, Denmark …
Darren Pauli, 01 Dec 2015

VPN users menaced by port forwarding blunder

Virtual Private Network (VPN) protocols have a design flaw that can be potentially exploited by snoops to identify some users' real IP addresses. VPN provider Perfect Privacy, which discovered the security weakness, has dubbed it "port fail", and says it affects VPNs based on the IPSec (Internet Protocol security) or PPTP ( …
Darren Pauli, 30 Nov 2015

Microsoft takes PUPs behind the shed with gun in hand

Redmond has updated its paid System Center Endpoint Protection and Forefront Endpoint Protection services with a feature to kill spammy and advertising-injecting programs operating from within enterprise networks. The upgrades will help system admins to eliminate potentially unwanted programs (PUPs) from networks that are not …
Darren Pauli, 30 Nov 2015

Hyper-V sets VM created date to 1601, in the reign of Good Queen Bess

Virtualisation mavens have been reminded that Microsoft’s Hyper-V has a bug that occasionally resets the “created” date of virtual machines to the year 1601. That's 1601 as in during the reign of Queen Elizabeth the first. Which we feel compelled to point out was quite a few years before the server was invented. The bug's …
Darren Pauli, 29 Nov 2015

Mr Grey, the Russian hacker who helped haul in 1.2 billion logins

The FBI has linked a hacker said to be in part behind the plundering of 1.2 billion credentials from some 420,000 websites to the handle "Mr Grey". The hack as reported by The Register could be one of the biggest data theft hauls in history. The US agency linked the hacker to the handle using open source data including email …
Darren Pauli, 27 Nov 2015

Oz Govt calls for more talk on telco network security laws

Australia's Attorney-General's Department has again called for industry consultation on its sweeping security overhaul of the telecommunications sector that would force telcos to provide the Federal Government with confidential network plans. A draft for the Telecommunications and Other Legislation Amendment Bill was released 26 …
Darren Pauli, 27 Nov 2015

Hackers spray Reader's Digest stinky feet with exploit kit

Malwarebytes threat analysis man Jerome Segura says compromised Reader's Digest pages are being used to serve the Angler Exploit kit and trojan backdoors. Segura says the site was still serving the highly capable threat today as the publisher had not yet responded to his disclosure. "The attack consists of a malicious script …
Darren Pauli, 27 Nov 2015

HTTPSohopeless: 26,000 Telstra Cisco boxen open to device hijacking

More than 26,000 Cisco devices sold by Australia's dominant telco Telstra are open to hijacking via hardcoded SSH login keys and SSL certificates. The baked-in HTTPS server-side certificates and SSH host keys were found by Sec Consult during a study of thousands of router and Internet of Things gizmos. Cisco warns that …
Darren Pauli, 27 Nov 2015

Microsoft rides to Dell's rescue, wrecks rogue root certificate

Microsoft has killed Dell's user-pwning root certificate and its self-reinstalling .dll with its antivirus Defender tool. The certificate is a big blunder because it opens a universal means for attackers on public networks to hose new Dell laptops. That's because bright minds planted a self-signed root CA certificate and …
Darren Pauli, 26 Nov 2015

Researcher reveals Chinese e-crime shopping list

Dodgy developers can have their data-stealing iOS applications boosted to the top ranks of Apple's App Store for as little as US$4000 thanks to services on offer by Chinese hackers. The price will get an application capable of evading Apple's security checks onto the top five paid application list through boosting services. A …
Darren Pauli, 26 Nov 2015

Hacker predicts AMEX card numbers, bypasses chip and PIN

Brainiac hacker Samy Kamkar has developed a US$10 gadget that can predict and store hundreds of American Express credit cards and use them for wireless transactions, even at non-wireless payment terminals. The mind-blowing feat is the result of Kamkar cracking how the card issuer picks replacement numbers, and in dissecting …
Darren Pauli, 25 Nov 2015

Second Dell backdoor root cert found

A second root certificate has been found in new Dell laptops days after the first backdoor was revealed. The DSDTestProvider certificate was first discovered by Laptopmag. It is installed through Dell System Detect into the Trusted Root Certificate Store on new Windows laptops along with the private key. Dell has been …
Darren Pauli, 25 Nov 2015