Shaun Nichols

Contact Mail Follow RSS feed
fraud

Fraudster admits she was OPM dealer: Leaked US govt staff files used to bag cash, car loans

A woman has fessed up to using people's personal information, leaked online from the US government's Office of Personnel Management mega-hack, to take out loans and open bank accounts. Karvia Cross, 39, of Bowie, Maryland, USA, pleaded guilty on Monday in the eastern district of Virginia to one count of identity theft and …
Shaun Nichols, 19 Jun 2018

Yubico snatched my login token vulnerability to claim a $5k Google bug bounty, says bloke

Yubico has apologized to a security vulnerability researcher who had complained the dongle peddler lifted his work to nab a $5,000 Google bug bounty. Over the weekend, Marcus Vervier described how he and fellow infosec bod Michele Orru discovered flaws that could be exploited by miscreants to steal people's two-factor …
Shaun Nichols, 18 Jun 2018

Not so private eye: Got an Axis network cam? You'll need to patch it, unless you like hackers

Researchers have detailed a string of vulnerabilities that, when exploited in combination, would allow for hundreds of models of internet-linked surveillance cameras to be remotely hijacked. Security biz VDOO said today it privately alerted cam-maker Axis Communications to the seven bugs it found in its gizmos, leading to the …
Shaun Nichols, 18 Jun 2018

Silk road adviser caught, Kaspersky sues Dutch paper, and Vietnam's tech clampdown

Roundup This week included a big Patch Tuesday bundle, a fresh fine for Yahoo!, and yet another Intel bug that potentially exposes sensitive kernel information. Here are a few of the other security stories that broke this week. Kaspersky hungry for some Dutch crunch Eugene Kaspersky says he's sick of bad news coverage, and he's …
Shaun Nichols, 16 Jun 2018
china hacking

Wires, chips, and LEDs: US trade bigwigs detail Chinese kit that's going to cost a lot more

The Trump administration is moving forward with its plans to implement tariffs on Chinese goods coming into America. On Friday, it published a list of products totaling $34bn that will be subjected to a 25 per cent charge to importers, and another $16bn worth of goods that could be added to the list. The US Trade …
Shaun Nichols, 15 Jun 2018
Someone wearing a Fitbit

Jawbone bods allegedly jogged off to Fitbit with secret gadget blueprints

Six former and current Fitbit staffers have been accused of stealing trade secrets from rival gizmo-slinger Jawbone. According to an indictment [PDF] filed Thursday in a Northern California US District Court, each of the six had at one time worked at Jawbone and were hired away by Fitbit. In the process, it is alleged, they …
Shaun Nichols, 15 Jun 2018

Microsoft loves Linux so much its R Open install script rm'd /bin/sh

Microsoft had to emit a hasty update for its R Open analysis tool after developers found the open-source package was not playing nice with some Linux systems. The issue was brought to light earlier this week by developer Norbert Preining, who found that the Debian GNU/Linux version of Open R – Microsoft's open-source …
Shaun Nichols, 14 Jun 2018
Comcast center in Philadelphia

Thought the AT&T Time-Warner tie-up was scary? Comcast says 'hold my beer'

With the massive $85bn merger between AT&T and Time Warner set to finalize, a newly-emboldened Comcast is pushing for a media mega-deal of its own. The US cable kingpin officially made its offer on Wednesday to acquire 21st Century Fox in an all-cash deal worth $65bn. The deal would give Comcast all outstanding shares in 21st …
Shaun Nichols, 14 Jun 2018
Wyden

US senators get digging to find out the truth about FCC DDoS attack

Senate Democrats are pressing government officials to explain their claims on election tampering and cyberattacks. Senator Ron Wyden (D-OR) is heading up a pair of efforts to look into the FCC's claim that its comment system was hit by a DDoS attack in 2014 and 2017, and to examine whether the US Election Assistance Commission …
Shaun Nichols, 13 Jun 2018

AT&T gets clearance to devour Time Warner for $85 BEEEELION

A US District Court judge has given the all-clear for AT&T's $85bn acquisition of broadcast giant Time Warner. In a ruling issued Tuesday afternoon, Judge Richard Leon said that the DOJ had failed to show how the combined tv and telco giants would substantially harm competition in the US market. In doing so, Leon also removed …
Shaun Nichols, 12 Jun 2018
window patch

June 2018, and Windows Server can be pwned with a DNS request

Microsoft has released its monthly security update, addressing a total of 51 CVE-listed security vulnerabilities. The June edition of Patch Tuesday includes 11 fixes for critical vulnerabilities in Windows, including Microsoft's solution for the recently-disclosed Spectre Variant 4 chip design flaw. Among the most serious …
Shaun Nichols, 12 Jun 2018
Seattle skyline

That was quick: Seattle rushes to kill tax that would mildly inconvenience Amazon

The city of Seattle is moving to strike its plan to tax large businesses and use the money to address the Emerald City's chronic homelessness problems. Mayor Jenny Durkan announced on Monday night the city was already considering legislation that would overturn its earlier decision to impose a headcount tax on large businesses …
Shaun Nichols, 12 Jun 2018
bemused looking tech worker looks at laptop in disbelief

Microsoft pulls the plug on Windows 7, 8.1 support forums

Holdouts to Windows 7, 8.1, and 8.1 RT won't be able to ping Microsoft's own forums for tech support from the company anymore. The Redmond software behemoth announced on Friday that, come next month, its staff will no longer be combing the official forums for 13 outdated products to offer support advice and assistance. Users …
Shaun Nichols, 12 Jun 2018
Blackberry jam on toast. Photo by shutterstock

Facebook and Snap jam Blackberry patent suit

Facebook and Snap are pushing to have the patents behind Blackberry's massive infringement suit invalidated and thrown out. The two companies last week both filed (PDF) motions to dismiss their respective cases on the grounds the four patents cited by Blackberry in its complaints were invalid for use in court. Blackberry …
Shaun Nichols, 11 Jun 2018

Korean cryptocoin exchange $30m lighter after hacking attack

A weekend breach and theft at a Korean digital currency exchange is being blamed for a drop in the price of Bitcoin. Coinrail confirmed on Saturday that it had been the victim of a hack and as a result coins were lifted from its systems. 해킹공격시도로 인한 시스템 점검중입니다. 일부코인(펀디엑스,NPXS)이 확인되었으며 추가적인 코인피해가 있는지 여부를 확인중입니다. 추후 자세한 사항은 …
Shaun Nichols, 11 Jun 2018

What got breached this week? Ticket portals, DNA sites, and Atlanta's police cameras

Roundup This week brought new charges for Marcus Hutchins, a novel way to sneak malware into archives, and shady hotspots for World Cup fans. There was also plenty of other security bits that didn't quite make the headlines. Here are some of the best. Apple wants to be cert-ain on certs Apple is going to make it harder for sites to …
Shaun Nichols, 9 Jun 2018

Dems push Ryan to vote to help save America's net neutrality measures

With the FCC's motion on ending net neutrality provisions set to be enacted in a matter of days, Senate Democrats want the House to put their resolution to save the protections up for a last-minute vote. An open letter sent by the entire Democratic Senate Caucus to House Speaker Paul Ryan (R-WI) implores him to schedule a vote …
Shaun Nichols, 8 Jun 2018
Axe, image via Shutterstock

Yahoo! Kills! The! Messenger!

Yahoo! is set to discontinue its Messenger app in just over a month's time. The remaining bits of the Purple Palace confirmed on Friday that, as of July 17, the service will be no more. "Until then, you can continue to use the service normally," Yahoo! says. "After July 17, you'll no longer be able to access your chats and …
Shaun Nichols, 8 Jun 2018
Zuckerberg

The hits keep coming for Facebook: Web giant made 14m people's private posts public

Facebook is having to douse yet another privacy blaze – as the social network admitted to inadvertently setting some of its addicts' private posts to public, meaning anyone could read them. The web goliath said that about 14 million people were affected by a bug that, for a nine-day span between May 18 and 27, caused profile …
Shaun Nichols, 7 Jun 2018
analysis

Drupal drisputes dreport of widespread wide-open websites – whoa

Drupal is playing down estimates that more than 100,000 websites are still vulnerable to months-old critical security flaws in its content management system. The developer said Thursday that reports from earlier this week claiming tens of thousands of sites were not patched with version 7.58, and thus were vulnerable to an …
Shaun Nichols, 7 Jun 2018
A screen door being repaired

Stop us if you've heard this one: Adobe Flash gets emergency patch for zero-day exploit

Adobe has kicked out an out-of-band update for a security vulnerability in Flash – after learning the bug was being actively exploited in the wild by hackers to hijack PCs. The Photoshop giant said today its Flash Player 30.0.0.113 update should be a top installation priority for Mac, Windows, and Linux systems. One of the …
Shaun Nichols, 7 Jun 2018
A sports fan looking at a phone

In World Cup Russia, our Wi-Fi networks will log on to you!

The upcoming soccer World Cup will present no shortage of security dangers for travelers looking to get online in the host cities. Security house Kaspersky Lab said its researchers looked at 32,000 public Wi-Fi hotspots in the 11 Russian cities hosting the World Cup this year and found that one in five are using no protection …
Shaun Nichols, 6 Jun 2018
Young guy facepalms while holding a laptop

Pwn goal: Hackers used the username root, password root for botnet control database login

An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server. Ankit Anubhav, of Newsky Security, said researchers with the company were able to take over the MySQL server used to control the Owari botnet – thanks to its creator leaving …
Shaun Nichols, 6 Jun 2018
The Transamerica pyramid

Here's a transaction Transamerica regrets: Transgressors swipe retirees' personal info

Updated Financial house Transamerica has admitted criminals swiped some of its customers' sensitive personal information, including social security numbers. In a formal notice sent to the California Attorney General's office this month, the US insurance and investment giant said an "unauthorized" person was able to get into its …
Shaun Nichols, 5 Jun 2018
Cats eyes behind a zip

Loose .zips sink chips: How poisoned archives can hack your computer

Video Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer's file system – and potentially execute malicious code. Specifically, the flaws, dubbed "Zip Slip" by its discoverers at security outfit Snyk, are path traversals that can potentially be …
Shaun Nichols, 5 Jun 2018

Biting the hand that feeds IT © 1998–2018