John Leyden

Until last week, you could pwn KDE Linux desktop with a USB stick

A recently resolved flaw in the KDE Linux desktop environment meant that files held on a USB stick could be executed as soon as they were plugged into a vulnerable device. The security howler created a means to execute arbitrary code on KDE by simply naming a pendrive VFAT volume $() or similar, as explained in this advisory ( …
John Leyden, 12 Feb 2018

Cryakl ransomware antidote released after servers seized

Free decryption keys for the Cryakl ransomware were released last Friday – the fruit of an ongoing cybercrime investigation. The keys were obtained during an ongoing investigation by Belgian cops, and shared with the No More Ransom project, an industry-led effort to combat the growing scourge of file-encrypting malware. The …
John Leyden, 12 Feb 2018

Ghost in the DCL shell: OpenVMS, touted as ultra reliable, had a local root hole for 30 years

Forget Meltdown and Spectre. Someone's found a local privilege escalation in the operating system world's elderly statesman OpenVMS when running it on VAX and Alpha processors. On Itanium CPUs, the same bug can be exploited to crash a process. More details on the flaw, which has been given the designation CVE-2017-17482, are …
John Leyden, 6 Feb 2018

GCHQ unit claims it has 'objectively' made the UK a less desirable target to cybercrims

GCHQ's National Cyber Security Centre claims that its strategy of "actively defending" the UK against high-volume commodity attacks is working. The Active Cyber Defence (ACD) programme aims to "protect the majority of people in the UK from the majority of the harm, caused by the majority of the attacks, for the majority of the …
John Leyden, 5 Feb 2018

Bluetooth 'Panty Buster' 'smart' sex toy fails penetration test

Security researchers have found multiple vulnerabilities in smart sex toys that open up the potential for all sorts of mischief by hackers. The Bluetooth and internet-connected Vibratissimo Panty Buster, and its associated online services, made by German gizmo biz Amor Gummiwaren, are riddled with exploitable privacy flaws, …
John Leyden, 2 Feb 2018

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

The WannaCry outbreak has forced the UK's national health service to overhaul its crisis planning to put new measures in place to avoid further crippling cyber attacks. A UK Department of Health and Social Care postmortem on the May 2017 WannaCry outbreak, published on Thursday, repeats the findings of previous UK government …
John Leyden, 2 Feb 2018

Hey, you know what the internet needs? Yup, more industrial control systems for kids to hack

The number of industrial control systems (ICS) connected to the internet has increased year on year – meaning more and more infrastructure is sitting on the 'net potentially open to attack. Of the 175,632 internet-accessible ICS equipment detected, approximately 42 per cent were in the US, marking a 10 per cent increase over …
John Leyden, 2 Feb 2018

Johnny Hacker hauls out NSA-crafted Server Message Block exploits, revamps 'em

Hackers* have improved the reliability and potency of Server Message Block (SMB) exploits used to carry out the hard-hitting NotPetya ransomware attack last year. EternalBlue, EternalSynergy, EternalRomance and EternalChampion formed part of the arsenal of NSA-developed hacking tools that were leaked by the Shadow Brokers …
John Leyden, 31 Jan 2018

Oracle point-of-sale system vulnerabilities get Big Red cross

A vulnerability has been unearthed in Oracle MICROS point-of-sale (POS) terminals that allowed hackers to read sensitive data from devices. The flaw (CVE-2018-2636) was fixed in Oracle's January 2018 patch batch, allowing business app security firm ERPScan to go public with its findings. Left unresolved, the bug would enable …
John Leyden, 31 Jan 2018

Been bugging the boss for a raise? Now's the time to go into infosec

Cybersecurity specialists will enjoy the highest salary increases among IT professionals with rises of 7 per cent – compared to 2 per cent for devs and 3 per cent for infrastructure experts – according to a survey by recruitment consultancy Robert Walters. Infosec bods have become ever more highly sought in the wake of high- …
John Leyden, 31 Jan 2018

Kremlin social media trolls aren't actually that influential, study finds

The effect of Russian trolls influencing opinion through social media is far more minor than commonly supposed, according to a new study. It is believed Kremlin agents orchestrated efforts to manipulate public opinion on the web, often around major political events such as the US presidential election, through dedicated …
John Leyden, 30 Jan 2018

Scammers become the scammed: Ransomware payments diverted with Tor proxy trickery

Cybercriminals are using Tor proxies to divert ransomware payments to their own Bitcoin wallets. Ransomware scammers have long directed victims to payment portals on the Tor network. For those who do not want to or cannot install the Tor browser necessary to pay their ransoms, operators generally direct victims to a Tor proxy …
John Leyden, 30 Jan 2018

Crooks make US ATMs spew million-plus bucks in 'jackpotting' hacks

Cash machines in the US are being hacked to spew hundreds of dollar bills – a type of theft dubbed "jackpotting" because the ATMs look like slot machines paying out winnings. A gang of miscreants have managed to steal more than $1m from ATMs using this attack, according to a senior US Secret Service official speaking to …
John Leyden, 30 Jan 2018

Intel alerted Chinese cloud giants 'before US govt' about CPU bugs

Intel warned Chinese firms about its infamous Meltdown and Spectre processor vulnerabilities before informing the US government, it has emerged. Select big customers – including Lenovo and Alibaba – learned of the design blunders some time before Uncle Sam and smaller cloud computing suppliers, The Wall Street Journal reports …
John Leyden, 29 Jan 2018

What do you press when flaws in Bluetooth panic buttons are exposed?

Security researchers have uncovered flaws in Bluetooth-based panic buttons that, in a worst-case scenario, make the affected kit "effectively useless." Duo Labs put a range of Bluetooth-based personal protection devices – aka panic buttons – from ROAR, Wearsafem, and Revolar through their paces. These gadgets typically connect …
John Leyden, 29 Jan 2018

Text bomb, text bomb, you're my text bomb! Naughty HTML freezes Messages, Safari, etc

A specially crafted webpage will knacker Apple's Messages and Safari software on iOS and macOS, allowing miscreants to spread merry mischief by texting fans a link to the dastardly HTML. The page also causes other programs, such as TextEdit on Macs, to hang when opened. This is due to, from what we can tell, it being stuffed …
John Leyden, 19 Jan 2018

Google fuels up Chromecast Wi-Fi flooding fix

Google has confirmed plans to issue a patch for Chromecast and Google Home aimed at resolving a traffic flooding problem that was swamping home networks. The fix – due later today – follows a series of work-around updates from router …
John Leyden, 18 Jan 2018

And Oracle E-biz suite makes 3: Package also vulnerable to exploit used by cryptocurrency miner

A third Oracle enterprise package has been patched against a crypto-mining exploit. Security outfit Onapsis warns that Oracle E-Business Suite (EBS) is vulnerable to the cryptocurrency miner exploit that was recently used to hack Oracle's PeopleSoft and WebLogic servers. Campaigns based on these security shortcomings have …
John Leyden, 18 Jan 2018

VTech fondleslabs for kids 'still vulnerable' despite sanctions

New InnoTab child learning devices still have the same security flaw first found by researchers at Pen Test Partners two years ago. The issues persist even after manufacturer VTech was fined $650,000 by US watchdogs at the Federal Trade Commission (FTC) via a ruling published earlier this week. The settlement deal came after …
John Leyden, 18 Jan 2018

Android snoopware Skygofree can pilfer WhatsApp messages

Mobile malware strain Skygofree may be the most advanced Android-infecting nasty ever, antivirus-flinger Kaspersky Lab has warned. Active since 2014, Skygofree, named after one of the domains used in the campaign, is spread through web pages mimicking leading mobile network operators and geared towards cyber-surveillance. …
John Leyden, 16 Jan 2018

New Mirai botnet species 'Okiru' hunts for ARC-based kit

A new variant of the notorious Mirai malware is exploiting kit with ARC processors. The nasty, dubbed Okiru, is the first capable of infecting devices powered by ARC CPUs. This is according to Japan-based malware researcher UnixFreaxjp of the infosec group Malware Must Die. RISC-based ARC embedded processors are used in a …
John Leyden, 16 Jan 2018

Now Meltdown patches are making industrial control systems lurch

Patches for the Meltdown vulnerability are causing stability issues in industrial control systems. SCADA vendor Wonderware admitted that Redmond's Meltdown patch made its Historian product wobble. "Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the …
John Leyden, 15 Jan 2018

Boffins split on whether Spectre fix needs tweaked hardware

Analysis: Processor security experts – including one cited in the Meltdown paper – are split on whether the resolution of the Spectre vulnerability may need to involve hardware modifications or the software defences being rolled out are adequate. The Meltdown vulnerability, which by contrast is already comprehensively defended against, …
John Leyden, 12 Jan 2018

Intel AMT security locks bypassed on corp laptops – fresh research

Updated: Security shortcomings in Intel's Active Management Technology (AMT) can be exploited by miscreants to bypass login prompts on notebook computers. Insecure defaults in Intel AMT allow an intruder to completely bypass user and BIOS passwords and TPM and Bitlocker PINs to break into almost any corporate laptop in a matter of 30 …
John Leyden, 12 Jan 2018

Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research. A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android …
John Leyden, 11 Jan 2018

Biting the hand that feeds IT © 1998–2018