Darren Pauli


Protected US military server poked via army recruitment website

Beads of sweat must have surely run down the face of one hacker who, while trying to score a bug bounty, inadvertently infiltrated an "internal US Department of Defence website that requires special credentials to access." The unnamed hacker exploited a pair of vulnerabilities to gain access to the US Army network via an …
Darren Pauli, 23 Jan 2017

It's 2017 and 200,000 services still have unpatched Heartbleeds

Some 200,000 systems are still susceptible to Heartbleed more than two years and nine months after the huge vulnerability was disclosed. Patching efforts spiked after news dropped in April 2014 of the world's most well-known and, at the time, most catastrophic bug. The vulnerability (CVE-2014-0160) that established the …
Darren Pauli, 23 Jan 2017

Satan enters roll-your-own ransomware game

Satan is infecting computers, encrypting files and demanding ransoms. No, we're not talking about the prince of darkness itself, but an underground ransomware service bearing its name. It's devilish code: net demons wielding it can create a customised ransomware payload that will encrypt a victim's files with RSA-2048 bit and …
Darren Pauli, 23 Jan 2017

Mozilla wants infosec activism to be the next green movement

Mozilla has issued a prototype of its first internet health report in a bid to make humans give security and privacy the same level of attention they devote to climate change. The prototype report details rising breaches affecting healthcare and medical industries but largely serves as a pulpit from which the browser baron and …
Darren Pauli, 23 Jan 2017

Unbreakable Locky ransomware is on the march again

Cisco is warning of the possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necurs botnet. The attacks are tiny: Cisco's security team has so far found fewer than a thousand Necurs spam messages. Those numbers pale in comparison to attacks when Necurs' …
Darren Pauli, 20 Jan 2017

Viral Chinese selfie app Meitu phones home with personal data

The Meitu selfie horrorshow app going viral through Western audiences is a privacy nightmare, researchers say. The app harvests information about the devices on which it runs, includes invasive advertising tracking features and is just badly coded. But worst of all, the free app appears to be phoning home to share personal …
Darren Pauli, 20 Jan 2017

Operator of DDoS protection service named as Mirai author

The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs. On his website this week, Krebs names a chap called Paras Jha, owner of a distributed denial-of-service …
Darren Pauli, 20 Jan 2017

Chrome dev explains how modern browsers make secure UI just about impossible

Google Chrome engineer Eric Lawrence has described the battle of browser barons against the 'line of death', an ever-diminishing demarcation between trusted content and the no-man's land where phishers dangle their poison. The line, Lawrence (@ericlaw) says, is a conceptual barrier between content that browser developers …
Darren Pauli, 19 Jan 2017

Hacker cracks Facebook with remote code execution bug

Facebook has paid US$40,000 to vulnerability hunter Andrew Leonov for disclosing how the hacker gained remote code execution on its servers through the widely-reported ImageMagick flaw. Leonov (@4lemon) described how he discovered the so-called ImageTragick flaw still impacting Facebook in a post that detailed all but the most …
Darren Pauli, 18 Jan 2017

Kill it with fire: US-CERT urges admins to firewall off Windows SMB

The US computer emergency readiness team is recommending organisations ditch old versions of the Windows SMB protocol and firewall off access to file servers – after a potential zero-day exploit was released by the Shadow Brokers hacking group. The call from the US security clearing house does not name the Shadow Brokers as …
Darren Pauli, 18 Jan 2017

Stanford boffins find 'correlation between caffeine consumption and longevity'

A cup of tea, coffee or even a mocha could extend your life, new research shows. The Stanford University research published in the journal Nature reveals how a cuppa can directly combat underlying chronic inflammatory processes, particularly in older people. Inflammation is a critical process which helps the body fight …
Darren Pauli, 17 Jan 2017

Dodgy Dutch developer built backdoors into thousands of sites

Dutch police are this week warning 20,000 users that their email accounts were hacked after a malicious web developer left backdoors in the sites he built. Cops found the credentials in the un-named 35-year-old man's email account and say he used the stolen personal details to open accounts, convince family members to transfer …
Darren Pauli, 17 Jan 2017

911 app is a joke, says security researcher Randy Westergren

The Rave Panic Button app, designed to allow businesses to summon emergency services, allows miscreants to easily 'swat' targets by making false reports of emergencies, says security researcher Randy Westergren. The app, which has a small install base of up to 10,000 users, has shuttered the holes Westergren identified. The …
Darren Pauli, 17 Jan 2017

Dovecot mailserver graded 'nearly impenetrable'

POP and IMAP mailserver suite Dovecot has passed an extensive audit by hackers, who were able to find only three minor vulnerabilities. Dovecot is especially popular with service providers, so the news that four Cure53 researchers have given it a "thoroughly all-encompassing" audit and found the software to have "excellent …
Darren Pauli, 17 Jan 2017

Windows 10 Anniversary Update crushed exploits without need of patches

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever. The August updates brought in a series of operating system security improvements including boosts to Windows Defender and use of AppContainer, designed to raise the difficulty of having zero day exploits execute on patched systems …
Darren Pauli, 16 Jan 2017

McDonald's forget hash, browns off security experts

Dutch software engineer Tijme Gommers has revealed a still-active reflected cross-site scripting vulnerability and borked password controls in McDonald's main website that could be fodder for phishing attacks. The attack, reported on Gommers' blog, is possible thanks to an Angular expression injection vuln present in mcdonalds …
Darren Pauli, 16 Jan 2017

Brilliant phishing attack probes sent mail, sends fake attachments

A newly-detected Gmail phishing attack sees criminals hack and then rifle through inboxes to target account owners' contacts with thoroughly convincing fake emails. The new attack uses the file names of sent attachments and applies that name into new attachments that appear to be PDFs but are actually images that, when …
Darren Pauli, 16 Jan 2017

Just give up: 123456 is still the world's most popular password

The security industry's ongoing efforts to educate users about strong passwords appear to be for naught, with a new study finding the most popular passwords last year were 123456 and 123456789. Keeper Security wonks perused breached data dumps for the most popular passwords when they made the despondent discovery. Some 1.7 …
Darren Pauli, 16 Jan 2017

MongoDB hackers now sacking ElasticSearch

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances. Some 35,000 mostly Amazon Web Services ElasticSearch servers are open to the internet and to ransoming criminals, Shodan boss John Matherly says. So far more than 360 instances have had data copied and …
Darren Pauli, 13 Jan 2017

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable. Former New York City mayor and Donald loyalist Giuliani was today unveiled by Trump's transition team as the future president's cybersecurity adviser – …
Darren Pauli, 13 Jan 2017

Peace-sign selfie fools menaced by fingerprint-harvesting tech

Researchers from Japan's National Institute of Informatics say people's fingerprints could be extracted from photographs using yet-to-be built technology. The eggheads warn that fingerprints can be copied from photographs snapped up to three metres from targets. Prints would need to be captured clearly in strong lighting, …
Darren Pauli, 12 Jan 2017

Crims shut off Ukraine power in wide-ranging anniversary hacks

Hackers of unknown origin cut power supplies in Ukraine for a second time in 12 months as part of wide-ranging attacks that hit the country in December. The attacks were revealed at the S4x17 conference in Miami in which Honeywell security researcher Marina Krotofil offered reporters some detail into the exploitation that …
Darren Pauli, 12 Jan 2017

Sundown exploit kit weaves Edge hack hole

Authors of the Sundown exploit kit have integrated a since-patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept. The addition of the twin bugs (CVE-2016-7200 and CVE-2016-7201) means unpatched users of one of the world's most unpopular web browsers are likely to be targeted by a wide …
Darren Pauli, 11 Jan 2017

Like stealing data from a kid: LA school pays web scum US$28,000 ransom

A Los Angeles school has made a whopping US$28,000 ransomware payment after hackers raided its network. Attackers had encrypted enough to ruin computer services, email, and messaging at the Los Angeles Community College District. The school paid the bitcoin ransom after learning it had no other alternatives by way of backups …
Darren Pauli, 10 Jan 2017

Autocomplete a novel phishing hole for Chrome, Safari crims

Phishers have a new tool in their arsenal with the discovery that web browsers Chrome and Safari along with LastPass will autofill hidden registration form fields. Finnish web developer Viljami Kuosmanen discovered the flaws affecting the world's most popular browser, along with Apple's offering. The attack vector is manifest …
Darren Pauli, 10 Jan 2017

Biting the hand that feeds IT © 1998–2017