The Register Columnists

Darren Pauli

Pizza stores popped, sandwich stores sacked in PoS plunder

Some 324 restaurants across the United States, including 216 Jimmy John's outlets, have had payment terminals compromised by malware after a breach at vendor Signature Systems. The massive breach occurred when an intruder stole remote log-in credentials for Signature's point of sale (PoS) kit, according to cyber-crime reporter …
Darren Pauli, 29 Sep 2014

Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'

Security geeks have worked out a formula for determining which of a series of formerly blacklisted domains would be reused in malware attacks. The method combines the domain name with the generic Top Level Domain, IP address alterations and the cost of a domain transfer. Under the right conditions, the researchers say, the …
Darren Pauli, 26 Sep 2014

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kaspersky, more than doubling its share of phishing attacks received. This despite the fact that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014

Bad boy builds beastly Bash bug botnet, boxen battered

Mere hours after its discovery, the Shell Shock Bash vulnerability was exploited by an attacker to build a botnet. The bot was discovered by a researcher known as Yinette, who reported it on her GitHub account and said it appeared to be remotely controlled by miscreants. Rapid7 researcher Jen Ellis noted in a blog the discovery …
Darren Pauli, 26 Sep 2014

Xen security bug, you say? Amazon readies GLORIOUS GLOBAL CLOUD REBOOT

Amazon will tomorrow begin a bloody global reboot of its Elastic Compute Cloud (EC2) compute instances after it found a security bug within the Xen virtualisation platform. The rolling minutes-long reboots would be completed by 30 September. Amazon did not name the reason for the upgrade, widely thought to be a security issue …
Darren Pauli, 25 Sep 2014

Bash bug: Shellshocked yet? You will be ... when this goes WORM

Much of the impact of the Shellshock vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, called Shellshock by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of …
Darren Pauli, 25 Sep 2014

Desperate VXers enslave FREEZERS in DDoS bot

Bad guys are launching denial of service attacks from Windows and Linux boxes and in a sign of desperation even fridges, freezers and Raspberry Pis. The attacks spotted by security company Akamai are based on an updated version of the Chinese language Spike malware that now targets insecure Internet-of-Things things. Akamai's …
Darren Pauli, 25 Sep 2014

Bracelet could protect user herds from lurking PREDATORS

Researchers have developed a fashionable bracelet that could continuously authenticate users, preventing snoops from accessing unattended machines. It goes beyond existing continuous authentication mechanisms, the designers say, because it requires users to be active on their machines and not just nearby. The Zero-Effort …
Darren Pauli, 24 Sep 2014

Kali turns Nexus fondleslabs into hacking weapons

Every hacker's favourite operating system, Kali Linux, has been brought to Google Nexus in a move that brings portable popping to a new level. Nexus users running the NetHunter penetration testing platform can now launch their attacks including Teensy keyboard and BadUSB man-in-the-middle (MITM) networking attacks via USB human …
Darren Pauli, 24 Sep 2014

jQuery site popped to serve malware slop

The jQuery site served credential-stealing malware to scores of users who visited the website on September 18, researcher James Pleger says. The super-popular JavaScript library was used by 30 percent of websites including 70 percent of the 10,000 most popular sites which may have been compromised by the RIG exploit kit. jQuery …
Darren Pauli, 24 Sep 2014

80 PER CENT of app devs SUCK at securing your data, study finds

Developers are experts in spinning wonderfully-shiny, horribly-insecure apps, according to research from Aspect Security. Social media meeting buttons and go-live dates rate far higher with app developers than the need to ensure the security of private data. Worse, devs couldn't secure apps if they wanted to, according to the …
Darren Pauli, 23 Sep 2014

Game pirates 'donate' compute power to Bitcoin miners

Hundreds of video game pirates have generously, if inadvertently, donated their compute resources to virus writers by downloading Bitcoin miner-infected torrent listings. Dozens of game torrent files identified by Microsoft threat researchers as malicious have been downloaded thousands of times and were continuing to be seeded ( …
Darren Pauli, 23 Sep 2014

Dyslexic, dyspraxic? No probs, says GCHQ

The British Government Communications Headquarters (GCHQ) says it employs 120 dyslexic and dyspraxic staff for code breaking and counter-espionage. Chairman of the dyslexic and dyspraxic committee, known just as Matt, said the neuro-diverse staff had "spiky skills" where they may excel in analytical areas at the expense of others …
Darren Pauli, 23 Sep 2014

Exercise-tracking app not QUITE fit for purpose

Popular fitness app MyFitnessPal, used by 65 million people, has fixed a vulnerability that exposed personal information including date of birth records. The profiles allowed users to fill out their private location data including country, state, and city but not street-level addresses for the purposes of linking neighbours. …
Darren Pauli, 22 Sep 2014

Who.is does the Harlem Shake

Websites across the internet are doing the Harlem Shake after online comedians began exploiting cross site scripting (XSS) flaws that make pages dance and speakers blare. The flaws exist in the DNS text record – not the protocol – due to a lack of sanitisation, and allowed internet scamps to turn boring websites like Who.is into a …
Darren Pauli, 22 Sep 2014

Home Depot ignored staff warnings of security fail laundry list

Home Depot is facing claims it ignored security warnings from staff, who say that prior to its loss of 56 million credit cards, it failed to update antivirus since 2007, did not consistently monitor its network for signs of attack, and failed to properly audit its eventually-hacked payment terminals. The fixer-upper retail giant …
Darren Pauli, 22 Sep 2014

Google Apple grapple brings crypto cop block to Android

Google is set to build default encryption into its new Android fondleslabs in a bid to foil police forensics (and maybe to copy or catch up with Apple). The security enhancement, reported by the Washington Post, follows Apple's release of iOS 8, which introduced broader encryption, and will ensure Google-powered devices will be …
Darren Pauli, 19 Sep 2014

Google bloke Beer buzzes iOS 8, OS X in bug-busting bonanza bash

Apple has crushed a tonne of bugs across its products including 53 vuln fixes in iOS 8 and a heap of others in OS X Mavericks, the majority reported by Google researcher Ian Beer. Cupertino shut down iOS code execution bugs with root or kernel privileges some of which could be executed through a web browser, and closed off the …
Darren Pauli, 19 Sep 2014

Feds act to stop cyber-bullying, whatever it is, at some future point

Australia's Communications minister Malcolm Turnbull, and his parliamentary secretary Paul Fletcher, have jointly announced that they are working on legislation to allow the appointment of a Children’s e-Safety Commissioner. The Commissioner will oversee “an effective complaints system, backed by legislation, to get harmful …
Darren Pauli, 18 Sep 2014

China hacked US Army transport orgs TWENTY TIMES in ONE YEAR

Sophisticated Beijing-backed hackers raided civilian organisations responsible for the movements of US troops and equipment 20 times in one year of which only two were detected by the responsible agency, an audit report has found. Contractors underneath the US Transportation Command (TRANSCOM) agency were hacked a total of 50 …
Darren Pauli, 18 Sep 2014

Comprehensive guide to obliterating web apps published

The global security community has completed an 18-month effort to produce a guide it is hoped will boost the standard of web application testing and address new and dangerous technologies. Version 4 of the Open Web App Security Project's (OWASP's) Testing Guide [pdf] was produced by more than 60 security bods from around the …
Darren Pauli, 18 Sep 2014

Student pleads guilty to Frances Abbott 'secret' scholarship leak

Sydney student Freya Newman has pled guilty to illegally using a colleague's login credentials to access and leak documents about a scholarship awarded to the daughter of Australian Prime Minister Tony Abbott. Newman was charged with unauthorised access to restricted data after she accessed an email system owned by the Whitehouse …
Darren Pauli, 18 Sep 2014

Citadel Trojan phishes its way into petrochem firm's webmail

Trusteer researchers are saying that the victims of the latest round of Citadel trojan infections include one of the largest petrochemical companies in the world. The attacks, like so many others, targeted critical infrastructure organisations using phishing campaigns to steal network credentials. Researcher Dana Tamir said …
Darren Pauli, 17 Sep 2014

Credit card cutting flaw could have killed EVERY AD on Twitter

Twitter has patched a flaw in its service that allowed unauthorised users to delete every credit card from all accounts, potentially relieving the company of its advertising revenue, security researcher Ahmed Aboul-Ela says. The attacks worked through a direct object reference vulnerability and involved the manipulation of …
Darren Pauli, 17 Sep 2014

Amazon REINTRODUCES Kindle swindle vulnerability

Amazon has reintroduced, and again fixed, a flaw in its Kindle management page that allows attackers to commandeer accounts by booby trapping pirated books, researcher Benjamin Mussler says. The flaw was first discovered and fixed last October, when Amazon closed off the ability for bad guys to inject nasty script into eBook …
Darren Pauli, 17 Sep 2014

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits as the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

THREE QUARTERS of Android mobes open to web page spy bug

A Metasploit module has been developed to easily exploit a dangerous flaw in 75 percent of Android devices that allows attackers to hijack a user's open websites. The exploit targets a vulnerability (CVE-2014-6041) in Android versions 4.2.1 and below and was disclosed without fanfare on 1 September, but had since gathered dust, …
Darren Pauli, 16 Sep 2014

Hackers-for-hire raided 300 banks, corporates for TWELVE YEARS

A band of hackers for hire have raided some 300 banks, corporations and governments undetected for 12 years, possibly the longest campaign of its kind. The German hackers registered 800 front businesses in the UK to target and fully compromise organisations in Germany, Switzerland, and Austria at the request of customers. Elite …
Darren Pauli, 16 Sep 2014

Hey, scammers. Google's FINE with your dodgy look-a-like apps

Attackers can easily craft third party scripts to imitate Google to trick users into granting authorisation to their email accounts, says infosec chap Andrew Cantino. The Mavenlink engineer said Mountain View did not make it sufficiently clear when users were approving third party access to their data, thus making social …
Darren Pauli, 15 Sep 2014

Hackers pop Brazil newspaper to root home routers

A popular Brazilian newspaper has been hacked by attackers who used code that attacked readers' home routers, says researcher Fioravante Souza of web security outfit Sucuri. Attackers implanted iFrames into the website of Politica Estadao, which, when loaded, began brute force password guessing attacks against users. Souza says …
Darren Pauli, 15 Sep 2014

spɹɐʍʞɔɐB writing is spammers' new mail filter avoidance trick

Spammers are writing emails backwards in an attempt to sneak past spam filters, security researcher Brian Bebeau has found. The pests were using left-to-right override code intended to facilitate the use of bi-directional text, such as a document that included English and Hebrew. The Trustwave researcher said the tactic had a …
Darren Pauli, 12 Sep 2014

Hacker publishes tech support phone scammer slammer

Security pro Matthew Weeks has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. Weeks' day job is director at Root9b, but he's taken time to detail a zero-day flaw in Ammyy …
Darren Pauli, 12 Sep 2014

Satellite weather forecast: Cloudy with a chance of p0wnage

Weather predictions could be thrown into chaos if miscreants exploited a litany of dangerous and years-old holes reported in ground control for the Joint Polar Satellite System (JPSS). The flaws, of which 12,703 are considered high risk, have been detailed in a US Government audit report that examined the state of security of …
Darren Pauli, 11 Sep 2014

TorrentLocker unpicked: Crypto coding shocker defeats extortionists

Crooks have borked the encryption behind the TorrentLocker ransomware, meaning victims can avoid paying the extortionists and unlock their data for free. TorrentLocker was regarded as the demonic spawn of CryptoLocker and CryptoWall which made killings last year by encrypting valuable data owned by individuals and organisations …
Darren Pauli, 11 Sep 2014

Webmin hole allows attackers to wipe servers clean

Holes in the Webmin Unix management tool - thankfully since patched - could allow attackers to delete data on servers, says security researcher John Gordon of the University of Texas. The remote root access server tool contained vulnerabilities in newly-created cron module environment variables that could erase data through …
Darren Pauli, 11 Sep 2014

Troll or thief? User claims Bitcoin founder Satoshi Nakamoto dox sabotage

An internet user has claimed to have hacked the email account of the entity thought to be behind Bitcoin - Satoshi Nakamoto - and has offered to release personal details for $12,000. Nothing is known about the identity of the claimed hacker and there is little evidence that they had details of Nakamoto to hand. Evidence for …
Darren Pauli, 10 Sep 2014

Australian whistleblower laws weaker than China's, report finds

Australia's private sector whistleblower laws are weaker than those in most G20 countries including Turkey, China, and Indonesia, according to researchers at Melbourne and Griffith universities. The report Whistleblower Protection Rules in G20 Countries: The Next Action Plan found while inroads had been made to improve whistle …
Darren Pauli, 10 Sep 2014

Ultimate hardware hack: Home Depot nailed by vice merchants

Do-it-yourself kingpin Home Depot has confirmed a report it was breached, indicating the compromise occurred in April this year. The US retail chain was working with law enforcement over the compromise of payment terminals across stores in the country. Chief executive of the hacked firm Frank Blake admitted the breach in a terse …
Darren Pauli, 09 Sep 2014

Enigmail PGP plugin forgets to encrypt mail sent as blind copies

Enigmail has patched a hole in the world's most popular PGP email platform that caused mail to be sent unencrypted when all security check boxes were ticked. The dangerous hole in the Mozilla Thunderbird extension affected email that was sent only to blind carbon copy recipients on all versions below 1.7.2 released last month. …
Darren Pauli, 09 Sep 2014

China is now 99.8% sure you're you, thanks to world's-best facial recognition wares

Chinese researchers have developed a facial recognition system that can pick faces from a crowd with 99.8 percent accuracy from 91 angles. The platform can distinguish between identical twins, unravel layers of makeup and still identify an individual if they've packed on or shed kilos. Researcher Zhou Xi of the Chinese Academy …
Darren Pauli, 09 Sep 2014

Mozilla certification revocation: 107,000 websites sunk by untrusted torpedo

Over 107,000 websites have been consigned to the depths of the untrusted internet after Mozilla's move last week to allow its 1024-bit certificates to expire. The latest shipment of Firefox 32 improved security by killing support for the 1024-bit certificate authority (CA) certificates within the browser's trusted store. Google' …
Darren Pauli, 08 Sep 2014

Doubts cast over FBI 'leaky CAPTCHA' Silk Road rapture

Rather than a conspiracy involving NSA wiretaps, the FBI claims the downfall of Silk Road began with a leaky CAPTCHA. Responding to a request for information from former kingpin Ross Ulbricht's defence lawyers, the Feds say the CAPTCHA left a trail from the TOR-protected Silk Road servers to the public Internet. That revealed …
Darren Pauli, 08 Sep 2014

Google recommends pronounceable passwords

Google has updated its password manager to recommend pronounceable passwords within its flagship Chrome browser. The experimental feature was the latest development which could make it into the regular versions of Chrome as part of steady improvements to its password capture, storage and generation. Chrome evangelist and …
Darren Pauli, 07 Sep 2014

Robin Hood virus: Chinese hackers target nation's wealthy

It seems China's state-supported hackers are being overshadowed by the black hat scene as the latter appears to have doubled in size – with some brazen crackers turning to carding the nation's wealthiest. A Trend Micro report dubbed The Chinese Underground in 2013 [PDF] issued this week reveals the black hat hacking scene has …
Darren Pauli, 05 Sep 2014

Microsoft, eBay apps open to man-in-the-middle diddle

At least 350 Android apps are open to man-in-the-middle (MITM) attacks, thanks to code that fails to validate certificates over secure sockets layer (SSL), says US Computer Emergency Response (CERT) security pro Will Dormann. The apps can be found in the Google Play and Amazon stores and have been included in a continually updated …
Darren Pauli, 05 Sep 2014

Scared of brute force password attacks? Just 'GIVE UP' says Microsoft

Sysadmins trying to harden user passwords against brute force attacks, or everyday folk trying to make sure their passwords don't lead to nude selfie leaks may not need to bother, according to the latest research from Microsoft mavericks. Redmond password provocateurs Dinei Florencio and Cormac Herley say password hardening isn' …
Darren Pauli, 04 Sep 2014

VirusTotal mess means YOU TOO can track Comment Crew!

Security researcher Brandon Dixon has used Google's VirusTotal malware analysis tool to spy on what he claims are state-sponsored Chinese and Iranian elite hacking crews. Dixon (@9bplus) used the paid version of VirusTotal to watch as a subgroup of the Chinese hacker group Comment Crew and an unnamed Iranian mob developed, …
Darren Pauli, 04 Sep 2014

Twitter launches beer-money bug bounty

Twitter has announced it will begin paying for newly-found vulnerabilities under a bug bounty that has quietly run since June. The program, launched through third-party bounty outfit HackerOne, has so far garnered 44 reports, none of which were eligible for payments since they were submitted prior to today. Twitter says it is …
Darren Pauli, 04 Sep 2014

Are you a HOT CELEB? Think your SEXY PICS are safe? Maybe NOT

Rather than a single iCloud hack, this week's furore over celebrity nude pics looks more like the work of one or many "secret circles" of hackers whose members mingle on anarchic messageboard 4Chan to share their digital loot from computers and phones they've cracked over a period of years. The photos were, according to one …
Darren Pauli, 03 Sep 2014

Car makers, space craft manufacturers infected with targeted recon tool

Researcher James Blasco is warning the auto and aerospace industries against engineering software that's been compromised by keystroke-logging and reconnaissance malware. Blasco says an un-named provider of such software was compromised after a staffer visited a watering hole website that was established specifically to lure …
Darren Pauli, 03 Sep 2014