Darren Pauli


Adobe Flash fix FAIL exposes world's most popular sites

Hackers Luca Carettoni and Mauro Gentile found a badly-applied four-year-old Adobe patch allows attackers to steal information and commandeer accounts for three of the world's top ten websites and 'many' others. The LinkedIn and Minded Security researchers say the indirect Same-Origin-Policy Request Forgery and Cross-Site …
Darren Pauli, 24 Mar 2015

Hilton member accounts info, trip dates open to plunder

A pair of security researchers have found a basic flaw that allows anyone to steal email and home address information, trip data, and spend points of Hilton Worldwide "HHonors" loyalty club members. The cross-site request forgery is tied to a password reset initiative the company launched offering 1000 points to those who took …
Darren Pauli, 24 Mar 2015

CREEPS rejoice: Small biz Cisco phones open to eavesdrop 0-day

Creeps can listen in to conversations placed over vulnerable Cisco small business phones. Remote eavesdropping requires a crafted XML request be sent to the Borg's SPA 300 and 500 IP phones. Cisco warns version 7.5.5 of the software powering the phones is vulnerable, possibly along with more recent iterations. "An …
Darren Pauli, 23 Mar 2015

PoSeidon, brother of Zeus, forks up point of sale terminals

Cisco has found a new and stupendously badass breed of point of sale (POS) malware it says is meaner than the code that tore through Target. The "PoSeidon" malware is built on the shoulders of the infamous Zeus money-sucking banking trojan and sports improvements to BlackPOS, which plundered millions from Target payment terminals in …
Darren Pauli, 23 Mar 2015

NZ used XKEYSCORE to spy on World Trade Org election emails

New Zealand used the National Security Agency's XKEYSCORE to spy on World Trade Organisation elections targeting candidates from Indonesia, Brazil, and South Korea as its Trade Minister vied for the top job, according to reports. Secret documents obtained by the New Zealand Herald and Snowden spout The Intercept reveal …
Darren Pauli, 23 Mar 2015

Australian online voting system may have FREAK bug

UPDATE: Next weekend, voters in the Australian State of New South Wales go to the polls to elect a new government. Some have already cast their votes online, with a system that may be vulnerable to the FREAK bug. So say Vanessa Teague and J. Alex Halderman, respectively a research fellow in the Department of Computing and Information Systems …
Darren Pauli, 22 Mar 2015

Tax fraud fugitive nabbed after posting selfies

A US man charged with tax fraud and identity theft has been arrested after fleeing authorities and allegedly posting bragging selfies on Twitter. Lance Ealy, 28, of Ohio was arrested in a raid Wednesday in Atlanta by federal authorities after he skipped trial on charges he purchased stolen Social Security numbers and personal …
Darren Pauli, 20 Mar 2015

US threatened Berlin with intel blackout over Snowden asylum: report

The US Government threatened to starve Berlin of intelligence if it harboured fugitive document-leaker Edward Snowden, German Vice Chancellor Sigmar Gabriel says. The National Security Agency (NSA) leaker considered Germany as a place of refuge after he fled to Russia from the United States via Hong Kong in 2013. Moscow granted …
Darren Pauli, 20 Mar 2015

Facebook found leaking private photos

Bug hunter Laxman Muthiyah has reported a Facebook vulnerability that exposes private photos to potentially malicious applications. The hacker received US$10,000 from Menlo Park for reporting the bug in Facebook Photo Sync and an API that allows third party apps to siphon private pics. Muthiyah says iOS and Android apps that …
Darren Pauli, 20 Mar 2015

Massive DDoS racks up $30,000-a-day Amazon bill for China activists

Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs. The website masks internet traffic from websites including Facebook and Google, so it can be seen in China, and does so using cloudy …
Darren Pauli, 20 Mar 2015

PIRATES and THIEVES to get Windows 10 as BOOTY

Pirates running stolen Windows operating systems will get a free copy of Windows 10, according to reports. Microsoft told reporters the next Windows will be made free to whet appetites for legitimate software, particularly in China. "We are upgrading all qualified PCs, genuine and non-genuine, to Windows 10," Microsoft's …
Darren Pauli, 19 Mar 2015

Pinterest throws cash at topless bug-finders

Pinterest has stopped giving out t-shirts and started paying cash for vulnerabilities found under its bug bounty program. The web clipboard will offer up to US$200 under the BugCrowd-managed program for nine of its assets, including the Android and iOS applications. Security engineering lead Paul Moreno said the number of bug …
Darren Pauli, 19 Mar 2015

Noobs can pwn world's most popular BIOSes in two minutes

Millions of flawed BIOSes can be infected using simple two-minute attacks that don't require technical skills and require only access to a PC to execute. Basic Input/Output Systems (BIOS) have been the target of much hacking research in recent years since low-level p0wnage can grant attackers the highest privileges, persistence …
Darren Pauli, 19 Mar 2015

Sensitive apps with 6.3 BILLION downloads found open to FREAK

Thousands of Android and Apple apps could lose sensitive financial and privacy data through exposure to the FREAK vulnerability, researchers say. The FREAK (Factoring RSA Export Keys) attack lets a man-in-the-middle downgrade a TLS connection to weak export-grade 512-bit RSA keys, which can be factored, so traffic the app believes is encrypted can be read. FireEye …
Darren Pauli, 18 Mar 2015

Cisco posts kit to empty houses to dodge NSA chop shops

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says. The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers. The interception campaign was revealed last May. Speaking …
Darren Pauli, 18 Mar 2015

Borg to assimilate Square Kilometre Array data

Cisco will open two internet of everything centres in the Australian cities of Sydney and Perth in coming months, in part to develop data-crunching capabilities for the Square Kilometre Array (SKA) and the mining and agricultural sectors. The centres will be the eighth and ninth such sheds across Asia and the US and will foster …
Darren Pauli, 18 Mar 2015

Microsoft scrambles to kill Live.fi man-in-the-middle diddle

Microsoft is firing off updates to kill a fake certificate that can be used to create a convincing man-in-the-middle attack against its Live services. Certificate Authority Comodo has killed the bad cert, which it issued, and now Redmond is following suit by updating its revocation list for Windows platforms. "Microsoft is …
Darren Pauli, 17 Mar 2015

Redmond boffins' infosec trick will ship better code, faster

Security boffins from Microsoft and North Carolina State University have developed a method to help software developers better identify attack surfaces and therefore ship code more quickly. The work is effective enough for Microsoft's own security teams to consider adopting it in its internal review processes. The technique is …
Darren Pauli, 17 Mar 2015

Microsoft gives EMET divine powers to repel God Mode attack

Microsoft has released an update to its Enhanced Mitigation Experience Toolkit (EMET) that kills off an attack known as God Mode and improves Windows' defensive capabilities. The toolkit is designed to better protect Windows systems by diverting, terminating, and blocking the most common attacks. It hardens legacy applications …
Darren Pauli, 17 Mar 2015

OpenSSL preps fix for mystery high severity hole

The OpenSSL Project will repair a "high severity" security hole in updates due Thursday. Information is thin on the ground. El Reg has asked OpenSSL for more details to help admins prepare for the patching. The hole will be patched as part of a series of fixes that will land on 19 March and apply to versions 1.0.2a, 1.0.1m, 1.0 …
Darren Pauli, 17 Mar 2015

Brute force box lets researchers, Cops, pop iDevice locks

Apple fans have more reason to update to iOS 8.2 with the discovery of a device used in the computer repair industry that automates password exploitation. The IP-Box tool exploits CVE-2014-4451 to conduct unlimited password guesses against iOS devices on 8.1 and below for iPhones and iPads. A barrage of PINs are entered by …
Darren Pauli, 16 Mar 2015

Authy 2FA app popped by simple, secret, code

Attackers could bypass the Authy two factor authentication (2FA) system by typing a phrase in a token field. Authy's apps make it possible for punters to log in to services like Gmail, Dropbox and Facebook, or even Amazon Web Services, with a one-time password sourced from an app. But prior to the advent of a patch issued 8 …
Darren Pauli, 16 Mar 2015

Mozilla peers into processes with student-built forensics probe

Student hackers from the University of Buenos Aires have developed with Mozilla an open-source forensics tool to analyse memory of running processes. Computer science quartet Marco Vanotti, Patricio Palladino, Nahuel Lascano, and Agustin Martinez Suñé are part of Masche Team, who are "highly motivated by coding, security and …
Darren Pauli, 16 Mar 2015

Sydney's Bugcrowd lands $6m from venture capitalists

Vulnerability mercenary outfit Bugcrowd has scored $6 million in Venture Capital funding. The Series A funds for the crowd-sourced security testing outsourcer have been provided by Costanoa Venture Capital, Rally Ventures, Paladin Capital Group and Australian outfit Blackbird Ventures. Bugcrowd founder Casey Ellis says the …
Darren Pauli, 16 Mar 2015

Microsoft RE-BORKS Windows 7 patch after reboot loop horror

Reports are emerging that a twice-issued Microsoft Windows 7 patch is still causing pain for users, with some claiming the fix is triggering continuous reboots. The patch was first issued as KB2949927 and withdrawn in October due to system faults, before being re-released this week as KB3033929. Sporadic reports across internet …
Darren Pauli, 13 Mar 2015

Google tells world where Apps users live after WHOIS SNAFU

Names, home and email addresses, and phone numbers for a whopping 282,867 Google Apps domains have been exposed through previously borked private WHOIS records, Cisco boffins say. The research is the work of Nick Biasini, Alex Chiu, Jaeson Schultz, Craig Williams and William McVey of Cisco's Talos team who today published an …
Darren Pauli, 13 Mar 2015

Kaspersky claims to have found NSA's 'space station malware'

Kaspersky malware probers have uncovered a new 'operating system'-like platform that was developed and used by the National Security Agency (NSA) in its Equation spying arsenal. The EquationDrug or Equestre platform is used to deploy 116 modules to target computers that can siphon data and spy on victims. "It's important to …
Darren Pauli, 12 Mar 2015

104 Australian orgs report breaches to privacy commissioner

Australian organisations have voluntarily submitted 104 data breach notifications over the last year, the Privacy Office says. News of the breach disclosures arrived today, the first anniversary of the country's tougher privacy policies, among reports of 4,016 privacy complaints, a 43 percent increase over the prior year. …
Darren Pauli, 12 Mar 2015

$1.3 million surveillance system fights Logan bogans

Queensland's Logan City Council has opened a $1.3 million CCTV surveillance centre using facial recognition technology to track drunks, criminals, and burst water mains. The monitoring program has grown over the last decade from nine CCTVs to more than 300, and runs on the Teleste platform used in Paris, Sweden and in Austria's …
Darren Pauli, 12 Mar 2015

Ad bidding network caught slinging ransomware

Attackers are using Flash exploits and foisting ransomware through real time advertising bidding networks, FireEye researchers say. The attacks link to malicious or compromised advertising sites which participate in real time bidding systems in which ad inventory is sold to and by publishers. More than 1700 malicious …
Darren Pauli, 11 Mar 2015

CloudFlare launches nameserver DDoS shield

CloudFlare has launched a DNS proxy service it says will help organisations improve DNS resilience by pushing distributed denial of service attacks to the outer edge of its network. The Virtual DNS service is billed as a means for DNS providers to mitigate a potential "massive single point of failure" in their nameservers caused …
Darren Pauli, 11 Mar 2015

Malware uses Windows product IDs to mix mutex

Malware writers are using Windows' unique product IDs to generate mutex values and so evade researchers, SANS security boffin Lenny Zeltser says. Malware uses a named mutex to check whether another copy of itself is already running, which means a fixed, known mutex name doubles as a handy indicator for researchers. Malware including the infamous BackOff credit card stealer has used mutex for …
Darren Pauli, 11 Mar 2015
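An added example, written for this page rather than taken from the article or from Lenny Zeltser's SANS post: it derives a per-host mutex name from the Windows ProductId, shows why a hard-coded mutex-name indicator then stops matching on other hosts, and shows how a responder who knows the scheme can still recompute the expected name on a given machine. The derivation itself (SHA-256 of the ProductId, first 16 hex digits, a "Global\" prefix) and the two sample ProductIds are assumptions for illustration; real families use their own, undocumented transforms.

```python
"""Host-keyed mutex names: why a static mutex indicator fails, and how to
recompute the expected name per host.  Added example; the derivation scheme
and sample ProductIds are assumed, not a real family's algorithm."""
import hashlib
import re
from typing import Iterable, Optional

# Constructed sample ProductIds in the format stored under
# HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId.
HOST_A_PRODUCT_ID = "00331-10000-00001-AA123"
HOST_B_PRODUCT_ID = "00330-80000-00000-AA473"

PRODUCT_ID_RE = re.compile(r"^\d{5}-\d{5}-\d{5}-[A-Z]{2}\d{3}$")


def derive_mutex_name(product_id: str) -> str:
    """Assumed host-keyed derivation.  The name is stable on one host, so the
    malware can still detect a second copy of itself, but differs between
    hosts, so no single name can be shipped as a global indicator."""
    if not PRODUCT_ID_RE.match(product_id):
        raise ValueError(f"unexpected ProductId format: {product_id!r}")
    digest = hashlib.sha256(product_id.encode("ascii")).hexdigest()
    return "Global\\" + digest[:16]


def fixed_indicator_hit(observed_mutexes: Iterable[str], indicator: str) -> bool:
    """Classic approach: look for one known, hard-coded mutex name."""
    return indicator in set(observed_mutexes)


def host_keyed_indicator_hit(observed_mutexes: Iterable[str], product_id: str) -> bool:
    """Responder-side check: recompute the name expected on *this* host from
    its ProductId and look for that instead of a static string."""
    return derive_mutex_name(product_id) in set(observed_mutexes)


def read_local_product_id() -> Optional[str]:
    """Read the real ProductId on a Windows host; returns None elsewhere."""
    try:
        import winreg  # only present on Windows
    except ImportError:
        return None
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
                        r"SOFTWARE\Microsoft\Windows NT\CurrentVersion") as key:
        value, _ = winreg.QueryValueEx(key, "ProductId")
    return str(value)


if __name__ == "__main__":
    # An indicator captured on host A is applied to a mutex listing from host B.
    indicator = derive_mutex_name(HOST_A_PRODUCT_ID)
    mutexes_on_host_b = ["Global\\SomeLegitApp", derive_mutex_name(HOST_B_PRODUCT_ID)]
    print("fixed indicator hits on host B:", fixed_indicator_hit(mutexes_on_host_b, indicator))
    print("host-keyed check hits on host B:", host_keyed_indicator_hit(mutexes_on_host_b, HOST_B_PRODUCT_ID))
    local = read_local_product_id()
    if local:
        print("expected mutex on this host:", derive_mutex_name(local))
```

The practical lesson for hunters is in the second check: once the transform is recovered from a sample, the ProductId (or whatever host value the family keys on) is all that is needed to predict the mutex on any given machine, so the indicator becomes "ProductId plus algorithm" rather than a string.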

Attackers targeting Elasticsearch remote code execution hole

Attackers are targeting a patched remote code execution vulnerability in Elasticsearch that grants unauthenticated bad guys access through a buggy API. The flaw (CVE-2015-1427) within the world's number two enterprise search engine was patched last month. It relates, folks at Mitre say, to the Groovy scripting engine in …
Darren Pauli, 10 Mar 2015
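An added example, not Elasticsearch project code and not from the Mitre or Cisco write-ups: a small detector that walks Elasticsearch request bodies looking for dynamic Groovy scripts that reach into the JVM (the public CVE-2015-1427 payloads escaped the sandbox via Class.forName on java.lang.Runtime), beside a check of the elasticsearch.yml setting Elastic gave as the mitigation (script.groovy.sandbox.enabled: false). The "METHOD PATH BODY" log format, the request lines and the token list are constructed assumptions for the demo.

```python
"""Detect dynamic-Groovy RCE attempts against Elasticsearch 1.3.x/1.4.x in
request logs and verify the sandbox-off mitigation.  Added example; log
format, sample requests and the token list are constructed."""
import json
import re
from typing import Any, Dict, Iterator, List, Optional, Tuple

# Reflection and process-spawning tokens that have no place in a search
# script.  An assumed watch-list, not an exhaustive signature.
JVM_ESCAPE_TOKENS = re.compile(
    r"java\.lang\.Runtime|forName\s*\(|ProcessBuilder|getRuntime\s*\(\)|\.exec\s*\("
)

SCRIPT_KEYS = {"script", "inline", "source"}

# Constructed request log: one request per line as "METHOD PATH BODY".
CONSTRUCTED_LOG = [
    'POST /_search {"query":{"match_all":{}},"size":1}',
    'POST /_search {"size":1,"script_fields":{"r":{"lang":"groovy","script":'
    '"java.lang.Math.class.forName(\\"java.lang.Runtime\\").getRuntime().exec(\\"id\\")"}}}',
    'POST /logs/_search {"script_fields":{"ts":{"lang":"groovy","script":"doc[\\"ts\\"].value"}}}',
    'GET /_cluster/health',
    'POST /_search {"aggs":{"x":{"terms":{"script":{"lang":"groovy","inline":'
    '"new ProcessBuilder(\\"whoami\\").start()"}}}}}',
]


def _walk(node: Any, lang: Optional[str] = None) -> Iterator[Tuple[Optional[str], str]]:
    """Yield (lang, script_text) for every script-like string in a body.
    A sibling "lang" key applies to script keys in the same object."""
    if isinstance(node, dict):
        here = node["lang"] if isinstance(node.get("lang"), str) else lang
        for key, value in node.items():
            if key in SCRIPT_KEYS and isinstance(value, str):
                yield here, value
            else:
                yield from _walk(value, here)
    elif isinstance(node, list):
        for item in node:
            yield from _walk(item, lang)


def scan_request(line: str) -> List[Dict[str, str]]:
    """Parse one log line; report Groovy scripts that touch the JVM."""
    parts = line.split(" ", 2)
    if len(parts) < 3 or not parts[2].startswith("{"):
        return []
    _method, path, body = parts
    try:
        doc = json.loads(body)
    except json.JSONDecodeError:
        return [{"path": path, "reason": "unparseable JSON body", "script": body}]
    findings = []
    for lang, text in _walk(doc):
        # On 1.4.x Groovy is the default script language, so a missing
        # "lang" still means Groovy.
        if (lang or "groovy") == "groovy" and JVM_ESCAPE_TOKENS.search(text):
            findings.append({"path": path, "reason": "groovy script reaches into JVM", "script": text})
    return findings


def scan_log(lines) -> List[Dict[str, str]]:
    out: List[Dict[str, str]] = []
    for line in lines:
        out.extend(scan_request(line))
    return out


def groovy_sandbox_disabled(elasticsearch_yml: str) -> bool:
    """True only if the config explicitly disables the Groovy sandbox, which
    is the setting Elastic recommended for CVE-2015-1427.  Minimal
    'key: value' parsing; an unset key on affected versions means enabled."""
    for raw in elasticsearch_yml.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        key, _, value = line.partition(":")
        if key.strip() == "script.groovy.sandbox.enabled":
            return value.strip().lower() == "false"
    return False


VULNERABLE_CONFIG = "cluster.name: prod\nscript.groovy.sandbox.enabled: true\n"
HARDENED_CONFIG = "cluster.name: prod\nscript.groovy.sandbox.enabled: false  # CVE-2015-1427\n"

if __name__ == "__main__":
    for f in scan_log(CONSTRUCTED_LOG):
        print(f["path"], "->", f["reason"], "::", f["script"][:60])
    print("vulnerable config hardened?", groovy_sandbox_disabled(VULNERABLE_CONFIG))
    print("hardened config hardened?", groovy_sandbox_disabled(HARDENED_CONFIG))
```

The config check deliberately returns False when the key is absent: on the affected releases the default was the vulnerable one, so "not mentioned" is not "safe". Keeping port 9200 off untrusted networks remains the real fix alongside patching.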

Yes our NAS boxen have a 0day, says Seagate: we'll fix it in May

Owners of some Seagate NAS boxen will be exposed to a remote execution zero day flaw until a patch drops in May unless they kill some external services. The company learned of the flaw in its Business Storage 2-bay NAS products on 18 October, 2014. Australian Beyond Binary hacker OJ Reeves alleged the company failed to fix the flaw …
Darren Pauli, 10 Mar 2015

OpenSSL audit kicks off for post-Heartbleed strengthening program

A major audit of the ubiquitous OpenSSL cryptographic library is set to commence under a US$1.2 million industry commitment to harden open source technologies. OpenSSL is first off the rank under the Linux Foundation's Core Infrastructure Initiative given its popularity and lack of in-depth security review. "OpenSSL has been …
Darren Pauli, 10 Mar 2015

White-listed phish slip through Google Apps

Security probers Patrik Fehrenbach and Behrouz Sadeghipour have found a (since-patched) flaw in Google Apps that allowed criminals to register corporate domains and send white-listed phishing emails from admin addresses. The Choc Factory patched the flaw and handed the duo US$500 by way of thanks. The flaw meant attackers could …
Darren Pauli, 10 Mar 2015

CIA re-orgs to build cyber-snooping into all investigations

The United States Central Intelligence Agency (CIA) has decided to re-invent itself for the digital age, promising to “place our activities and operations in the digital domain at the very center of all our mission endeavours.” The re-org was announced last Friday by CIA director John Brennan, who has made an unclassified …
Darren Pauli, 09 Mar 2015

AWS cuts its own set of keys to VMware's vCenter kingdom

When Amazon Web Services (AWS) last year released the AWS Management Portal for vCenter we described it as a "stealth biz stealer" because it gave VMware admins a way to run virtual machines in the Amazon cloud and manage them with vCenter. That's not quite VMware's script for the way things run in the vWorld: …
Darren Pauli, 09 Mar 2015

France fingered as source of Syria-spying Babar malware

France's spy agency has been fingered as the likely author of complex reconnaissance malware, researchers say. The Casper malware is one of a handful with links to the Babar spy program which leaked NSA documents revealed last month to be the handiwork of France's Direction Générale de la Sécurité Extérieure (General Directorate …
Darren Pauli, 06 Mar 2015

Boffins say Mars had ocean covering 20 per cent of planet

NASA boffins have popped out a new paper, Strong water isotopic anomalies in the martian atmosphere: Probing current and ancient reservoirs, in which they advance a theory that Mars once had substantial oceans. The theory outlined in the paper relies on measurements of the types of water found on Mars. Yes, we do mean “types” …
Darren Pauli, 06 Mar 2015

GoPro cameras' WiFi security is GoAmateur

Net nuisances can harvest the cleartext SSIDs and passwords of wireless networks accessed by sports selfie box GoPro. The GoPro app collects and siphons wireless credentials so it can be used to log on to and manage cameras. Security researcher Ilya Chernyakov says the credentials which give access to the cameras could be mass …
Darren Pauli, 06 Mar 2015

Adobe launches cashless bug bounty

Adobe has launched a bug bounty program that hands out high-fives, not cash. The web application vulnerability disclosure program announced today and launched last month operates through HackerOne used by the likes of Twitter, Yahoo!, and CloudFlare, some of which provide cash or other rewards to those who disclose security …
Darren Pauli, 06 Mar 2015

FREAKing hell: ALL Windows versions vulnerable to SSL snoop

Microsoft has confirmed that its implementation of SSL/TLS in all versions of Windows is vulnerable to the FREAK encryption-downgrade attack. This means if you're using the company's Windows operating system, an attacker on your network can potentially force Internet Explorer and other software using the Windows Secure Channel …
Darren Pauli, 06 Mar 2015

Broadband routers: SOHOpeless and vendors don't care

Feature

"It is far more common to find routers with critical flaws than without." – Craig Young

"It's sad that end-user education about strong passwords, password safes, and phishing can be undone by something as innocuous as the blinking box in the corner of your room." – Peter Adkins

Introduction: Home and small business router …
Darren Pauli, 05 Mar 2015

Choc Factory splatters 51 bugs, Mozilla bumps cert checker

Google and Mozilla have upgraded their flagship browsers, crushing bugs and cracking down on bad certificates along the way. The Choc Factory's Chrome 41 swats 51 bugs, of which at least 13 are classified as high severity and six considered medium risks. Google engineer Penny MacNeil thanked security researchers for the effort …
Darren Pauli, 05 Mar 2015

'Domain shadowing' hijacks registrar accounts to spawn attack sites

Fiends behind the world's most infamous exploit kit, Angler, are stealing login credentials to create tens of thousands of pop-up domains used in hit-and-run-style attacks. The new attacks are dubbed 'Domain Shadowing' and represent the latest evolution of online crime in which scores of web sites are set up to compromise victims …
Darren Pauli, 05 Mar 2015
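An added example, written for this page and not Cisco Talos code: a small passive-DNS analytic for the domain-shadowing pattern described above. It flags registered domains that suddenly sprout many random-looking subdomains resolving to addresses the domain's apex and www records never used, which is what a hijacked registrar account being abused to spawn attack sites looks like from the DNS side. The records, the thresholds, the randomness heuristic and the two-label registered-domain rule (a real tool would consult the Public Suffix List) are assumptions for the demo; the IPs are from the documentation ranges.

```python
"""Flag domain shadowing in passive DNS: bursts of random-looking subdomains
pointing away from the owner's infrastructure.  Added example; records,
thresholds and heuristics are constructed assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta
import math
from typing import Dict, List, NamedTuple


class DnsRecord(NamedTuple):
    first_seen: datetime
    fqdn: str
    ip: str


def registered_domain(fqdn: str) -> str:
    """Assumed: the last two labels (example.com).  Wrong for co.uk-style
    suffixes; use the Public Suffix List in production."""
    return ".".join(fqdn.lower().rstrip(".").split(".")[-2:])


def label_entropy(label: str) -> float:
    counts: Dict[str, int] = defaultdict(int)
    for ch in label:
        counts[ch] += 1
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_random(label: str) -> bool:
    """Assumed heuristic: letters mixed with digits, or high entropy."""
    has_digit = any(ch.isdigit() for ch in label)
    has_alpha = any(ch.isalpha() for ch in label)
    return (has_digit and has_alpha and len(label) >= 5) or label_entropy(label) > 3.2


def find_shadowed_domains(records: List[DnsRecord],
                          min_new_subdomains: int = 5,
                          window: timedelta = timedelta(hours=24)) -> Dict[str, List[str]]:
    """Return {registered_domain: [suspect fqdns]} for domains that gained at
    least `min_new_subdomains` random-looking, off-infrastructure subdomains
    within `window` of each other."""
    by_domain: Dict[str, List[DnsRecord]] = defaultdict(list)
    for r in records:
        by_domain[registered_domain(r.fqdn)].append(r)

    flagged: Dict[str, List[str]] = {}
    for domain, recs in by_domain.items():
        owner_names = (domain, "www." + domain)
        # Addresses the apex and www use are treated as the owner's own.
        owner_ips = {r.ip for r in recs if r.fqdn in owner_names}
        suspects = sorted(
            r for r in recs
            if r.fqdn not in owner_names
            and r.ip not in owner_ips
            and looks_random(r.fqdn.split(".")[0])
        )  # tuple order puts first_seen first, so this sorts by time
        # Sliding window over creation times.
        for i in range(len(suspects)):
            j = i
            while j < len(suspects) and suspects[j].first_seen - suspects[i].first_seen <= window:
                j += 1
            if j - i >= min_new_subdomains:
                flagged[domain] = [s.fqdn for s in suspects[i:j]]
                break
    return flagged


# Constructed passive-DNS records: one domain with a burst of shadow
# subdomains created minutes apart, one domain with normal, slow growth.
T0 = datetime(2015, 3, 4, 9, 0)
CONSTRUCTED_RECORDS = [
    DnsRecord(T0 - timedelta(days=400), "example.com", "203.0.113.10"),
    DnsRecord(T0 - timedelta(days=400), "www.example.com", "203.0.113.10"),
    DnsRecord(T0 - timedelta(days=30), "mail.example.com", "203.0.113.11"),
] + [
    DnsRecord(T0 + timedelta(minutes=7 * k), f"{lbl}.example.com", f"198.51.100.{k}")
    for k, lbl in enumerate(["a7f3k2", "zq91xd", "p0o3lm", "h6t2vv", "kk8n1c", "m3x9qa"])
] + [
    DnsRecord(T0 - timedelta(days=900), "legit-shop.org", "192.0.2.5"),
    DnsRecord(T0 - timedelta(days=900), "www.legit-shop.org", "192.0.2.5"),
    DnsRecord(T0 - timedelta(days=200), "shop.legit-shop.org", "192.0.2.6"),
    DnsRecord(T0 - timedelta(days=100), "mail.legit-shop.org", "192.0.2.7"),
    DnsRecord(T0 - timedelta(days=3), "cdn.legit-shop.org", "192.0.2.8"),
]

if __name__ == "__main__":
    for domain, names in find_shadowed_domains(CONSTRUCTED_RECORDS).items():
        print(domain, "->", len(names), "suspect subdomains, e.g.", names[:3])
```

The off-infrastructure test matters as much as the burst count: legitimate operators also add subdomains in batches, but they rarely point them at address space their apex has never touched, and a registrar-account takeover rarely changes the apex at all, which is exactly why the technique goes unnoticed by the domain owner.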

D-Link removes fingers from ears, preps mass router patch

Domestic router Daddy D-Link is patching dangerous remote access flaws in several models of its networking gear. The patches follow a round of zero-day disclosures by Canadian researcher Peter Adkins early this week, after D-Link allegedly cut communication while he quietly disclosed the flaws. The most severe flaw allowed …
Darren Pauli, 04 Mar 2015

Botched NBN installs leave folks with no internet, or recourse

Australia's Telecommunications Industry Ombudsman Simon Cohen says the agency can do little to help subscribers dealing with broken National Broadband Network (NBN) installations. While the agency can flag complaints with NBN Co, the entity building and operating the NBN, it appears unable to do anything to force the utility to …
Darren Pauli, 04 Mar 2015

Marlinspike brings end-to-end crypto texts to iOS

Privacy bods can snub Cupertino's iMessage and instead encrypt their Apple iTexts using Moxie Marlinspike's Signal 2.0, released for iOS today. The latest version from the dreadlocked crypto fancier and Co will slap end-to-end encryption on text messages using the TextSecure protocol sent between Signal 2.0 clients. Encrypted …
Darren Pauli, 03 Mar 2015

50 shades of grey can turn Adobe Reader into a hot mess

Hackers can duck antivirus programs and execute malware in Adobe Reader by using greyscale images, says Danish security boffin Dénes Óvári. The lossy JPEG compression applied by Reader's DCTDecode filter was thought to nuke malware woven into images and blunt this form of attack. However new intelligence published in the …
Darren Pauli, 03 Mar 2015