Darren Pauli


Netflix airs its developers' Dirty Laundry

Netflix has developed a platform, using soon-to-be open source tools, that probes for vulnerabilities and monitors data leakage. One initiative dubbed the "Dirty Laundry Project" monitors for Netflix assets unintentionally exposed by its staff. Engineers Scott Behrens and Andy Hoernecke (pictured above) told the Shmoocon …
Darren Pauli, 09 Feb 2015

Fraudsters make bank as exec wires $17 MEELLION to China

Scammers have swindled commodities trader Scoular out of US$17.2 million (A$22.1 million, £11.3 million) in a targeted phishing exercise. Local news outlet Omaha.com reported the controller at the 800-seat company had followed instructions to wire a series of massive payments to a Chinese bank from emails …
Darren Pauli, 09 Feb 2015

Fancybox WordPress plugin reveals zero day affecting thousands

A WordPress plugin downloaded half a million times has been used in zero day attacks that served up malware. The plugin in question is called FancyBox and creates a lightbox-like interface with which to look at images. It's been used by unknown actors to deliver a malicious iframe through a persistent cross-site scripting …
Darren Pauli, 06 Feb 2015

Assange's cop chaperones have cost £10 MEEELLION to date

Blighty has haemorrhaged A$19.6 million (£10 million, US$15.3 million) on the security detail guarding platinum-topped Wikileaks boss Julian Assange during his stay at the Ecuador embassy in London. The figures cover the cost of keeping 343 bobbies on the beat from the time of Assange's self-imposed exile to October 2014 and …
Darren Pauli, 06 Feb 2015

WHERE'S WALLY? He's in this algorithm, says developer

The location of stripe-shirt-wearing picture book character Wally has been nailed down by cold hard algorithms. Where's Wally (or Where's Waldo in the US and Canada) books have inflicted eye-strain and brought tears and screams to kiddies since their 1987 debut, when the series first asked readers to spot the titular character …
Darren Pauli, 06 Feb 2015

APT devs are LOUSY coders, says Sophos

The most infamous advanced persistent threat groups write exploits that fail more often than they work, malware bod Gabor Szappanos says. The malware prober with SophosLabs Hungary office examined 15 exploit writing groups and rated six as having only basic skills. Szappanos found one popular exploit (CVE-2014-1761) used as a …
Darren Pauli, 05 Feb 2015

'Ruskie' malware pwns iOS 7

Attackers, perhaps of Russian origin, are infecting iPhones linked to government, defence and media sectors with dangerous spy malware capable of breaching non-jailbroken devices, researchers say. The XAgent malware, part of attacks unveiled last year against Windows devices, has moved to iOS, targeting iOS 7 and to much lesser …
Darren Pauli, 05 Feb 2015

NSA raided hackers' troves of stolen data: report

The NSA and its allies have raided the pockets of independent and nation-state hackers and monitored some of the security industry's foremost researchers in its bid to hoover information on targets and find better ways to break systems, Snowden documents reveal. Spooks would monitor the work of 'freelance' and rival state …
Darren Pauli, 05 Feb 2015

Turing notes found warming Bletchley Park's leaky ceilings

Top secret documents devised by Alan Turing, which should have been destroyed under wartime rules, have been found during renovations of Bletchley Park where they were used in roof cavities to stop draughts. The documents have been identified as 'Banbury sheets', papers punched with holes to allow manual comparison of enciphered …
Darren Pauli, 04 Feb 2015

Microsoft blunts hooks of nasty Internet Explorer phishing flaw

Microsoft is investigating an alleged vulnerability in its flagship Internet Explorer browser. The cross-site scripting hole disclosed Saturday by hacker David Leo includes functional proof of concept code, according to confirmed reports. Vulture South reported the flaw to Microsoft Friday and has been told it is working to …
Darren Pauli, 04 Feb 2015

Attackers sling recent Flash 0day through 1800 domains

Some 1800 subdomains have been found slinging the Angler exploit kit using Adobe's most recent Flash zero day exploit, Cisco researcher Nick Biasini says. The lion's share of nasty subdomains were set up on 28 and 29 January and tied to about 50 GoDaddy registrant accounts. Biasini said the malvertising attacks used several …
Darren Pauli, 04 Feb 2015

Dating site PAYS cracker for stealing creds

A blackhat hacker who stole 20 million credentials and attempted to sell some online has been handed a bug bounty by one of his victims, Russian dating site Topface. The mix 'n' meet site was hacked last month by blackhat 'Mastermind' who published millions of email addresses online and was found attempting to hawk the …
Darren Pauli, 03 Feb 2015

Ransomware 2.0 'crypts website databases – until victims pay up

Criminals are holding companies' web databases to ransom by compromising web applications and encrypting all the data until money is handed over. As detailed by security consultancy High-Tech Bridge, the attacks start with an assault on a website that yields access to a database server. Once in, miscreants install hidden …
Darren Pauli, 03 Feb 2015

Target carders turn their attention to parking lots

The hackers behind the flaying of retail chain Target have turned their attention to parking lots, popping three since December, according to reports. Online airports parking reservation mob Book2Park.com was investigating what appeared to be a breach of possibly thousands of credit cards being sold on infamous carder site …
Darren Pauli, 03 Feb 2015

Atlassian HipChat service popped

Attackers have popped the HipChat service run by software house Atlassian, accessing names, encrypted passwords and email addresses for two per cent of users. The company has warned users – who have to date sent some four billion messages using HipChat – to reset passwords. Sydney-based security director Craig Davies said his …
Darren Pauli, 02 Feb 2015

Can't afford a BMW or Roller? Just HACK its doors open!

BMW has plugged a hole that could allow remote attackers to open windows and doors for 2.2 million cars. The flaws were found by the German motoring association ADAC in the ConnectedDrive technology that allows BMW, Mini and Rolls Royce drivers to access their wheels with a smartphone. BMW patched the flaw remotely, thereby …
Darren Pauli, 02 Feb 2015

Pirate Bay data now tugged by IP-address-tracking current

The new version of The Pirate Bay appears to be using the CloudFlare content delivery network, which logs IP addresses to filter out attacks. The use of CloudFlare worries some who feel it increases the likelihood of Pirate Bay users being surveilled. Which obviously won't be a problem for the overwhelming majority of users who …
Darren Pauli, 02 Feb 2015

Google PRECOGS to pay researchers before they find software flaws

Google will pay you for bugs you haven't even found yet under a new program to help soothe frustrated researchers struggling to find flaws in ever harder software and services. The Vulnerability Research Grants, described as cash with "no strings attached", will allow security bods to apply for US$3133.70 to begin bug hunting …
Darren Pauli, 01 Feb 2015

Privacy alert: Outlook for iOS does security STUPIDLY, says dev

Big Blue boffin Rene Winkelmeyer has taken aim at Microsoft's iOS Outlook app, launched overnight, claiming it stores credentials in the cloud potentially even after delete requests, and does not observe known good security practices. The spray against the House That Bill Built followed an examination into the way the app …
Darren Pauli, 30 Jan 2015

A docket, tweet and selfie can reveal your identity, boffins find

Scientists have revealed it is possible to determine the identity of shoppers using credit card purchase and location metadata, in research that throws a spanner into national privacy laws. The research published in the journal Science found shopping receipts could be matched with four sources of external location data acquired …
Darren Pauli, 30 Jan 2015

iTunes Connect does developer shuffle

Apple has kicked off an impromptu game of musical chairs on iTunes Connect dropping developers into random accounts including one lucky punter who was allegedly handed Blackberry's portal. The glitch, which surfaced a few hours ago at the time of writing, has since been resolved after developers were randomly logged into …
Darren Pauli, 30 Jan 2015

Top smut site Flashes visitors, leaves behind nasty virus

A massive malvertising campaign leveraging the recent Adobe Flash zero day vulnerability has surfaced on popular* adult site xHamster, analysts say. The attack served the Bedep Trojan to the site's 500 million viewers a month through a surreptitious exploit on the landing page. It did not take advantage of the Angler exploit …
Darren Pauli, 29 Jan 2015

Mozilla dusts off old servers, lights up Tor relays

Mozilla has given the Tor network a capacity kick with the launch of 14 relays that will help distribute user traffic. Engineers working under the Foundation's Polaris Project inked in November pulled Mozilla's spare and decommissioned hardware out of the cupboard for dedicated use in the Tor network. It included a pair of …
Darren Pauli, 29 Jan 2015

Researcher says Aussie spooks help code Five Eyes mega malware

The Australian Signals Directorate (ASD) has refused to comment on allegations it had a hand in the creation of a keylogging module used by global spookhauses and considered almost identical to parts of the complex Regin malware. Security bods fingered its involvement due to a file path in the malware's code that referenced the …
Darren Pauli, 29 Jan 2015

Regin super-malware has Five Eyes fingerprints all over it says Kaspersky

The Regin malware, often described as the devil spawn of Stuxnet and Duqu, is the handiwork of the Five Eyes nation state spy apparatus, analysis reveals. The malware was named in November by researchers impressed with the smarts that helped it hide in plain sight for up to six years. Analysis overnight by Kaspersky malware …
Darren Pauli, 28 Jan 2015

Oz spooks hack, try to fry Middle East servers – report

Oz spies have reached across the Indian Ocean and meddled with the cooling controls of an unnamed Middle Eastern nation's servers hostile to Australia, according to reports. The Australian Financial Review offered scant detail on the attack that was based on multiple intelligence sources. The report claims the Australian …
Darren Pauli, 28 Jan 2015

'Super-secure' BlackPhone pwned by super-silly txt msg bug

Exclusive The maker of BlackPhone – a mobile marketed as offering unusually high levels of security – has patched a critical vulnerability that allows hackers to run malicious code on the handsets. Attackers need little more than a phone number to send a message that can compromise the devices via the Silent Text application. The impact …
Darren Pauli, 27 Jan 2015

Apple patch shields Macs from Thunderstrike

Apple will mute the Thunderstrike attack in an upcoming OS X patch, according to a report. Beta developers told iMore the OSX 10.10.2 release stops the attack and prevents firmware downgrades which could re-enable the vulnerability on patched machines. The Thunderstrike attack was revealed earlier this month by reverse engineer …
Darren Pauli, 27 Jan 2015

Jellybean upgrade too hard for Choc Factory, but not for YOU

Google says it won't patch Android Jellybean because it's too hard. The company revealed earlier this month that it would not fix vulnerabilities found in WebView, the core component used to render web pages on older Android devices. Android engineer lead Adrian Ludwig said it was too hard to squeeze a patch into Webview's …
Darren Pauli, 27 Jan 2015

P0wning for the fjords: Malware turns drones into DEAD PARROT

Hacker Rahul Sasi has found and exploited a backdoor in Parrot AR Drones that allows the flying machines to be remotely hijacked. The Citrix engineer developed what he said was the first malware dubbed Maldrone which exploited a new backdoor in the drones. Sasi (@fb1h2s) said the backdoor could be exploited for Parrot drones …
Darren Pauli, 27 Jan 2015

Snoopy Fujitsu tech KNOWS you'll click that link – before YOU do

The next time you hover over a suspicious link a little too long, or download from a questionable site, you might get a nudge from Fujitsu. The Japanese tech giant has, from the back of a 2000-head study, developed a tool capable of determining if a user was likely to be scammed and delivering a custom warning. Together with a …
Darren Pauli, 23 Jan 2015

Symantec data centre security software has security holes

Security bod Stefan Viehböck has detailed holes in Symantec's data centre security platforms that the company plugged this week because they allowed hackers to gain privileged access to management servers. The patches fix holes in the management server for Symantec Critical System Protection (SCSP) 5.2.9 and its predecessor Data …
Darren Pauli, 23 Jan 2015

Adobe finds, patches ANOTHER exploited Flash 0day

Another exploited zero-day vulnerability has been uncovered and patched in Adobe Flash, 24 hours after a second flaw in the popular web trinket was found being used in attack kits. Adobe is examining yesterday's zero day, picked up by French researcher Kafeine who spotted it after analysing a version of the popular Angler …
Darren Pauli, 23 Jan 2015

Google splashes $80k on Chrome 40 bug splatting

Google has patched 62 security vulnerabilities in Chrome 40 and handed out US$88,500 to bug hunters who spotted the problems. Of those fixes, 17 swatted dangerous memory corruption and use-after-free vulnerabilities in Chrome elements including FFmpeg, ICU and DOM. The Chocolate Factory's digital guardians pushed the flagship …
Darren Pauli, 23 Jan 2015

Netadmin wanted for 'terrible, terrible, awful job nobody wants'

Calling network administrators: do you want more stress? A fuller inbox? More demanding and ever-moving objectives? Then apply to be the next network administrator at the Children's Specialty Center of Nevada! The position offers generous benefit packages, and you'll need it for the extra cost of counselling and tissues to wipe …
Darren Pauli, 22 Jan 2015

Flash zero day under attack

A zero day Flash vulnerability is being actively exploited by criminals using the popular Angler exploit kit. Adobe is investigating the report by respected French malware researcher Kafeine, who found the exploit kit circulating on cybercrime forums. The vulnerabilities affected Flash Player versions up to 15.0.0.223 and the …
Darren Pauli, 22 Jan 2015

Remote code execution vulns hit Atlassian kit

Software development software house Atlassian has patched critical vulnerabilities found in all versions of its Confluence, Bamboo, FishEye, and Crucible products. The company sent an email to its customers alerting them of the flaw that affected versions of Confluence up to 5.6.5, Bamboo up to 5.7, and FishEye and Crucible up to …
Darren Pauli, 22 Jan 2015

It's 2015 and default creds can brick SOHO routers

A hacker has detailed a series of tricks that can silently reboot or brick routers or activate admin functions. Many routers including Netgear and Surfboard models look to be affected, with most attacks requiring just victims' default universal credentials to be applied. Applications security bod Joseph Giron detailed how …
Darren Pauli, 21 Jan 2015

SoShabby GoDaddy flings patch at domain hijack hole

Domain goliath GoDaddy has rushed to plug a vulnerability that allowed attackers to hijack registered sites. Pen tester Dylan Saccomanni dropped the Cross-Site Request Forgery (CSRF) bug on his blog after the company said there was no timeline for a fix. GoDaddy applied a fix less than 24 hours after the blog was published. " …
Darren Pauli, 21 Jan 2015

Google reveals bug Microsoft says is mere gnat

Google has reported a local file flaw affecting Windows 7 and 8.1 32- and 64-bit systems in the third vulnerability dropped since a spat with Microsoft erupted last week. The vulnerability that allowed a malicious Server Message Block version 2 server to force a client to open arbitrary local files was marked high severity by …
Darren Pauli, 20 Jan 2015

Video nasty: Two big bugs in VLC media player's core library

A Turkish hacker has revealed two zero-day vulnerabilities in library code used by the popular VLC media player and others. The data execution prevention (CVE-2014-9597) and write access (CVE-2014-9598) violation vulnerabilities could lead to arbitrary code execution, researcher Veysel Hatas said in a post. "VLC Media Player …
Darren Pauli, 20 Jan 2015

Possible Lizard Squad members claim hack of Oz travel insurer

Nearly 900,000 client records including names, addresses, and phone numbers have been stolen from travel insurer Aussie Travel Cover by a suspected member of the Lizard Squad hacking crew. The hacker released databases including those detailing customer policies and travel dates along with a list of partial credit card …
Darren Pauli, 20 Jan 2015

NSA: We're in YOUR BOTNET

The NSA quietly commandeered a botnet targeting US Defence agencies to attack other victims including Chinese and Vietnamese dissidents, Snowden documents reveal. The allegation is among the latest in a cache of revelations dropped by Der Spiegel that revealed more about the spy agency. The "Boxingrumble" botnet was detected …
Darren Pauli, 19 Jan 2015

Firefox 35 stamps out critical bugs

Mozilla has crushed nine bugs, some rather dangerous, in the latest version of its flagship browser. The fixes include a patch for a critical sandbox escape (CVE-2014-8643) in the Gecko Media Plugin used for h.264 video playback affecting Windows machines (but not OS X or Linux). Another critical hole addressed a read-after- …
Darren Pauli, 19 Jan 2015

AT LAST: Australia gets its very own malware

Australians are being targeted by a new variant of the Carberp malware under what appears to be renewed criminal interest in the antipodes. The modified trojan, Carberp.C, was spread through a spam operation masquerading as a payment invoice. Virus writers pushed the malware out a day after coding it, Symantec researcher …
Darren Pauli, 19 Jan 2015

Dongle bingle makes two MEELLION cars open to exploit

A Bluetooth dongle used to track driver habits for insurance purposes has been hacked, potentially allowing cars to be remotely hijacked, researcher Corey Thuen says. The attack targeted the SnapShot dongle offered by US company Progressive Insurance and used by two million American drivers which collected vehicle location and …
Darren Pauli, 19 Jan 2015

Verizon sprints to crush FiOS account exposure hole

Up to five million user accounts, including email inboxes and private messages of Verizon's FiOS application, were exposed thanks to a flaw reported today. XDA senior software developer Randy Westergren said the FiOS API flaw, since fixed, allowed any account to be accessed by manipulating user identification numbers in web …
Darren Pauli, 19 Jan 2015

Please use TWO HANDS to access AdultFriendFinder

Four hosts are behind one in two typosquatting attacks against the top 500 websites, research has found. The hosts and their fellow fraudsters had registered domain names mimicking three-quarters of the internet's 500 most popular websites, say University of Leuven researchers Pieter Agten, Wouter Joosen, and Frank Piessens, who …
Darren Pauli, 16 Jan 2015

GRENADE! Project Zero pops pin on ANOTHER WINDOWS 0-DAY

Google has once again decided Microsoft's moving too slowly on the security front – by dropping yet another proof-of-concept attack against a Windows 7 and 8.1 bug that Redmond tried and failed to fix this week. The flaw is present in Windows on 32- and 64-bit architectures, and can accidentally disclose sensitive information or …
Darren Pauli, 16 Jan 2015

Apple wants your fingerprints in the cloud

Apple wants to collect and store your fingerprints to spread its payment service and simplify download authorisation. Cupertino aspires to upgrade its TouchID with the capability to collect, encrypt and upload fingerprints to Apple servers so that users can verify their identities with a single print matched to those stored …
Darren Pauli, 16 Jan 2015