Articles about Miscreants

Miscreants rummage in lawyers' silky drawers at will, despite warnings

UK data privacy watchdogs at the ICO investigated 173 UK law firms for reported breaches of the Data Protection Act (DPA) last year. A total of 187 incidents were recorded last year, with 173 firms investigated for a variety of DPA-related incidents, of which 29 per cent related to "security" and a similar 26 per cent related to …
John Leyden, 16 Apr 2015

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014

TweetDeck XSS flap: Miscreants flash their naughty bits at users

Updated Twitter aficionados are being warned to log out of Twitter client TweetDeck and revoke its access to their accounts after an apparent cross-site scripting vulnerability was discovered. Multiple users – including El Reg's HQ in London, England – reported on Wednesday that they had seen a suspicious pop-up within Tweetdeck that …
Jack Clark, 11 Jun 2014

Hackers exploit fresh PC hijack bug in Adobe Flash Player, the internet's screen door

Adobe is advising users and administrators to patch its Flash Player after yet another remote-code execution vulnerability was discovered in the plugin. The patch fixes bug CVE-2015-3113, which allows attackers to take control of a system if it opens a malicious Flash file. Miscreants are exploiting the flaw in the wild to …
Shaun Nichols, 23 Jun 2015

Insert 'Skeleton Key', unlock Microsoft Active Directory. Simples – hackers

Miscreants have forged a strain of malware which is capable of bypassing authentication on Microsoft Active Directory (AD) systems. Hackers can use arbitrary passwords to authenticate as any corporate user, Dell SecureWorks warns. The malware, dubbed Skeleton Key, is deployed as an in-memory patch on a victim’s AD domain …
John Leyden, 13 Jan 2015

Chancellor Merkel 'was patient zero' in German govt network hack

The recent cyberattack on the German government began with the compromise of Chancellor Angela Merkel's personal computer, it is alleged. German newspaper Bild claims Merkel's computer was one of the first systems to be infected with malware linked to miscreants in Russia. Hackers reportedly used Merkel's computer to send …
Shaun Nichols, 15 Jun 2015

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

The SANS Institute has warned Windows IIS web server admins to get patching as miscreants are now exploiting a flaw in the software to crash websites. The security bug (CVE-2015-1635) allows attackers to knock web servers offline by sending a simple HTTP request. Microsoft fixed this denial-of-service vulnerability on Tuesday …
Iain Thomson, 16 Apr 2015

MAC BOTNET uses REDDIT comments for directions

A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns. The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
John Leyden, 03 Oct 2014

Kremlin hackers exploited TWO 0-day Flash, Windows vulns

A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits …
John Leyden, 20 Apr 2015

Google bakes W3C malware-buster into Gmail

If an online service offers even the slightest gap through which miscreants can launch an attack, they will do so. It's therefore not surprising that Google feels some extensions to its Gmail service may not be entirely friendly to users. The Chocolate Factory's response, announced Tuesday, is to adopt the W3C's Content …
Simon Sharwood, 17 Dec 2014

What keeps CIOs awake? Leaky data centres – or leaky C-suites?

Reg Events If you’re a tech boss who wants to get yourself into the spotlight, one guaranteed route to notoriety is to preside over a major security breach. But it’s the last thing you really want to do. Rather, for the sake of your employer, your customers, or, let’s face it, the sake of your career, you’re going to want to keep your …
Team Register, 20 Apr 2015

Web advertising giant (Google) to spew ads over web – using HTTPS

Google has vowed to serve ads over HTTPS from its massive advertising network. The move will make it easier for website owners to go fully SSL-protected, serving their webpages and ads over HTTPS rather than just the pages over HTTPS and mixing in ads over HTTP, which is insecure. It also means each ad and its link can't be …
Darren Pauli, 20 Apr 2015

GitHub ordered to hand over access logs to Uber

GitHub has been ordered to hand over records on some of its users to taxi-booking app Uber after unsuccessfully challenging a subpoena. Last month, Uber announced its driver database had been hacked in May 2014, but it had only noticed in September of that year. Uber discovered that a supposedly secret database access key had …
Kieren McCarthy, 25 Mar 2015

ISC.org website hacked: Scan your PC for malware if you stopped by

The website for the Internet Systems Consortium, which develops the BIND DNS and ISC DHCP tools, has been hacked. Anyone who recently browsed ISC.org is urged to check their PC for malware as miscreants booby-trapped the site to infect visitors. The website has been replaced by a placeholder page warning netizens of the attack …
Chris Williams, 26 Dec 2014

Calling all cybercrooks: Ready-made phone attack rig for sale

Cybercrooks are marketing a hardware-based tool for running denial of service attacks on telephone systems. The Telephone Denial of Service attacks (TDoS) rig is being sold by a group of cybercriminals called “TNT” from Eastern Europe via underground cybercrime forums. The tool, called “TNT Instant Up”, features a special …
John Leyden, 23 Feb 2015

Hey kids, who wants to pwn a million BIOSes?

The overlooked task of patching PC BIOS and UEFI firmware vulnerabilities leaves corporations wide open to attack, a new paper by security researchers warns. Xeno Kovah and Corey Kallenberg argue that the poor state of low-level software security is among the easiest ways for hackers to deeply infiltrate organizations. A …
John Leyden, 12 Jun 2015

Adobe to hire security auditor to prevent repeat of password SNAFU

Australia's privacy commissioner says basic mistakes at Adobe allowed hackers to ransack its customer database in 2013, and reveals that the company plans to appoint auditors to make sure it won't experience a repeat of the breach. Timothy Pilgrim, holder of the privacy commissioner's office, yesterday released a report [PDF] on …
Simon Sharwood, 09 Jun 2015

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

UK police have arrested a suspected member of the infamous Lizard Squad crew. The 22-year-old from Twickenham, south-west London, was arrested by police on Tuesday, and questioned about alleged fraud against PayPal as well as claims he is reportedly linked to Lizard Squad – a group of cyber-miscreants who made headlines …
John Leyden, 02 Jan 2015

FCC to crack down on robocall spammers' beloved loophole

The US Federal Communications Commission (FCC) has put forward rules to close a loophole used by robocallers and text-message spammers. The proposed regulations, if approved, will ban robocallers from harassing citizens when they take over a previously used number. Even if the previous owner of the number was OK with the calls, …
Shaun Nichols, 27 May 2015

Using Office 365 at work? It's dangerous to go alone! Take this...

Microsoft is adding some security tools, dubbed Advanced Threat Protection, to Office 365 for its business and government subscribers. The utilities will try to curb malware writers and phishers seeking to exploit vulnerabilities via emailed attachments and links. "As hackers around the globe launch increasingly sophisticated …
Iain Thomson, 08 Apr 2015

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

The latest release of the Chrome web browser, version 42, will block Oracle's Java plugin by default as well as other extensions that use the deprecated NPAPI. Chrome 42 – available now – brings about the end of official support for NPAPI, a move that will render various plugins incompatible with the browser. Among those …
Shaun Nichols, 14 Apr 2015

Sony grovels, offers freebies after PlayStation network spent Xmas TITSUP

Sony has offered free membership and discounts to its console gamers after the PlayStation Network fell off the interwebs for several days over Christmas. The troubled entertainment giant said it would offer those whose free trial of PlayStation Plus was interrupted by the outages five more free days, while all PlayStation …
Shaun Nichols, 03 Jan 2015

Home routers co-opted into self-sustaining DDoS botnet

Hackers have established "self-sustaining" botnets of poorly secured routers, according to DDoS mitigation firm Incapsula. The hijacked routers – located mostly in Thailand and Brazil – were easy pickings for hackers because of the use of factory-default usernames and passwords. Knowledge of these login credentials allowed …
John Leyden, 13 May 2015

White House cyber-general says US must be able to cyber-nuke the worst of the cyber-worst

RSA 2015 The US government must hone its offensive capabilities to electronically attack those who menace America's interests, said the White House's Cybersecurity Coordinator Michael Daniel, quickly adding global ground rules for cyber-war have to be worked out first. On April 1, President Obama signed an executive order that would …
Iain Thomson, 21 Apr 2015

PlayStation Network blasted offline AGAIN. Just not Sony's decade

Sony's PlayStation Network has suffered yet another outage: the PlayStation store went titsup in the early hours of Monday, UK time. Hacktivist group the Lizard Squad claimed responsibility for flooding the servers off the internet using a distributed denial-of-service attack. The PlayStation giant said on its Twitter account …
Kelly Fiveash, 08 Dec 2014

Day FOUR of the GitHub web assault: Activists point fingers at 'China's global censorship'

With the GitHub distributed denial-of-service (DDoS) attack nearing its fifth day of bombardment, the code-sharing upstart said it is holding up well under fire. The site said as of Monday afternoon, Pacific Time, it is still operating at 100 per cent, despite a continuing flow of malicious traffic to its servers. GitHub said …
Shaun Nichols, 31 Mar 2015

Hotel Wi-Fi not only hideously expensive – it's horribly insecure

Travelers are used to getting screwed over by hotel internet access. But it's not just the eye-watering Wi-Fi prices guests should be worried about. A major security flaw in a network gateway popular among hoteliers can be exploited by hackers to launch attacks against guests by injecting malware into their downloads over …
Iain Thomson, 27 Mar 2015

Backdoor bot brains snatched after cops, white hats raid servers

Microsoft and Interpol have teamed up to derail a malware infection that compromised more than 770,000 Windows PCs worldwide. Simda is a “pay-per-install” software nasty: fraudsters pay miscreants some sum of money for every 1,000 or so machines they compromise. The hackers effectively earn cash by selling access to the infected …
John Leyden, 13 Apr 2015

FTC slaps orders on alleged diet pill spamvertising scam scum

Watchdogs at the US FTC (Federal Trade Commission) have obtained a restraining order against alleged diet pill scammers. The “Com Spammers”, nick-named over their use of domain names in the form of com-XXX.net, where XXX are three or four random characters, have been pushing out huge volumes of email and SMS spam for years. The …
John Leyden, 08 May 2015

Another day, yet another emergency Adobe Flash patch. Because that's how we live now

The new year hasn't been a pleasant one for Adobe: the Silicon Valley firm has scrambled to close yet more serious security holes in its Flash player. Last week the Photoshop biz rushed out a patch for a critical flaw in Flash that miscreants were exploiting in the wild to hijack victims' computers. Today, a new update has been …
Iain Thomson, 27 Jan 2015

Bash bug flung against NAS boxes

Hackers are attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. Miscreants are actively exploiting the time-to-patch window in targeting embedded devices, security firm FireEye warns. We have evidence that attackers are actively exploiting the time-to-patch window …
John Leyden, 01 Oct 2014

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014

VXers Shellshocking embedded BusyBox boxen

Malware writers have crafted new wares to attack embedded devices running BusyBox and not yet patched against the ShellShock vulnerability, researcher Rhena Inocencio says. Miscreants' tool of choice for such attacks is malware called "Bashlite" that, once executed on a victim machine, probes for devices such as routers and …
Darren Pauli, 17 Nov 2014

Twitch stitch-up: Gaming vid streamers in data breach hack alert

Gameplay-streaming upstart Twitch thinks hackers may have harvested its user accounts for private information – and has reset people's passwords as a precaution. The San Francisco-based startup, which lets people stream videos of themselves playing games to online spectators – said it has also voided all stream keys, and …
Shaun Nichols, 23 Mar 2015

Selfie sticks BANNED by Apple: No hipster tools' tools allowed at WWDC

Apple is selling tickets to this year's Worldwide Developers Conference – though if you get hold of one, leave your selfie stick in the hotel room. Those wishing to attend have until Friday to register for Cupertino's lottery system. The confab will be held between June 8 and 12 in San Francisco's Moscone West conference center …
Iain Thomson, 14 Apr 2015

Bad news everyone: Cybercrime is getting even easier

The volume of malware threats is actually on the decline despite the increase in breaches, according to a study from Websense Security Labs. Websense Security Labs logged 3.96 billion security threats in 2014, which was 5.1 per cent less than 2013. Despite this, the number of high-profile breaches increased. Hackers have …
John Leyden, 09 Apr 2015

FTC to Apple: Turn your head and cough while we feel for balls-up with HealthKit privacy

US watchdog the Federal Trade Commission (FTC) is reportedly scrutinizing Apple's health-monitoring software and hardware, dubbed HealthKit, for privacy problems. The regulator has asked the iThing giant to come in and explain just how it planned to handle fans' private information, according to a Reuters report citing unnamed …
Shaun Nichols, 14 Nov 2014

National Rugby League boots 'metadata' right into Australia's face

Australian politicians and activists frustrated at their fellows' apparent indifference to the metadata data retention debate have cause to thank the National Rugby League (NRL). In its laudable battle against bad behaviour by the inadvertent role models who sign up to play in its competition, the NRL has announced new rules for …

US watchdog: Anthem snubbed our security audits before and after enormous hack attack

A year or so before American health insurer Anthem admitted it had been ruthlessly ransacked by hackers, a US federal watchdog had offered to audit the giant's computer security – but was rebuffed. And, after miscreants looted Anthem's servers and accessed up to 88.8 million private records, the watchdog again offered to audit …
Shaun Nichols, 05 Mar 2015

Freenode IRC users told to change passwords after securo-breach

A security breach at popular, free and open source software-focused IRC network Freenode means users need to change their passwords. Freenode's IRC server was compromised and passwords were likely sniffed by unidentified hackers, prompting a warning to users that they should reset their passwords as a precaution. The security …
John Leyden, 15 Sep 2014

FBI alert: Get these motherf'king hackers off this motherf'king plane

The FBI is warning airlines to keep an eye out for miscreants hacking airplane computer networks mid-flight. The alert – privately circulated today by the FBI's InfraGard program – claims hackers may or may not be able to take over a plane's navigational system via the in-flight entertainment (IFE) system or public Wi-Fi network …
Shaun Nichols, 22 Apr 2015

ZeuS miscreants offer up honeypot

Cybercrooks are attempting to turn the tables on security researchers by setting up fake interfaces on their botnets in a bid to confuse and confound analysis. The fake honeypot tactic was brought into play by a group using a variant of the infamous Zeus crimeware toolkit. The unknown miscreants targeted quarterly federal …
John Leyden, 05 Nov 2010

MiniDuke miscreants whip out old-school tricks to spy on world+dog

A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, …
John Leyden, 27 Feb 2013

Burglars' delight no more: Immobilise UK secures property list

Security flaws that left millions of records on the Immobilise UK National Property Register website wide open to snooping have been identified and removed. Security consultant Paul Moore uncovered flaws that meant it was possible to access other members' records. The Immobilise site allows consumers to add details of valuables …
John Leyden, 07 Jan 2015

Apple slips out security patches while world goes gaga over watches

While everyone was losing their mind over expensive watches, Apple sneaked out security fixes for iOS phones and tablets, and OS X computers. Both the OS X Security Update 2015-002 and iOS 8.2 address critical flaws. Leading the charge is a patch to squish the FREAK bug in the two operating systems' SSL/TLS code. Disclosed last …
Shaun Nichols, 10 Mar 2015

Aw, snap! How huge HTML links can crash Chrome tabs in one click

Behind the bug A bug in the most recent version of Chrome allows miscreants to crash browser tabs simply by embedding a link with a malformed URL in the HTML of a page. The vulnerability, dubbed "AwSnap" by web developer Jason Blatt, affects Chrome version 41 on Windows, OS X, and Chrome OS, though reports vary as to whether it exists in …
Neil McAllister, 07 Apr 2015