Articles about Miscreants

Miscreants rummage in lawyers' silky drawers at will, despite warnings

UK data privacy watchdogs at the ICO investigated 173 UK law firms for reported breaches of the Data Protection Act (DPA) last year. A total of 187 incidents were recorded last year, with 173 firms investigated for a variety of DPA-related incidents, of which 29 per cent related to "security" and a similar 26 per cent related to …
John Leyden, 16 Apr 2015

Major web template flaw lets miscreants break out of sandboxes

Black Hat 2015 A serious fresh category of web security vulnerability creates the potential for all sorts of mischief, security researchers warn. Template engines are widely used by web applications in order to present dynamic data via web pages and emails. The technology offers a server-side sandbox. The commonplace practice of allowing …
John Leyden, 05 Aug 2015

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014
PCS with a red X in front of them

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014
Fail whale

TweetDeck XSS flap: Miscreants flash their naughty bits at users

Updated Twitter aficionados are being warned to log out of Twitter client TweetDeck and revoke its access to their accounts after an apparent cross-site scripting vulnerability was discovered. Multiple users – including El Reg's HQ in London, England – reported on Wednesday that they had seen a suspicious pop-up within Tweetdeck that …
Jack Clark, 11 Jun 2014
Flash patch

Hackers exploit fresh PC hijack bug in Adobe Flash Player, the internet's screen door

Adobe is advising users and administrators to patch its Flash Player after yet another remote-code execution vulnerability was discovered in the plugin. The patch fixes bug CVE-2015-3113, which allows attackers to take control of a system if it opens a malicious Flash file. Miscreants are exploiting the flaw in the wild to …
Shaun Nichols, 23 Jun 2015

Insert 'Skeleton Key', unlock Microsoft Active Directory. Simples – hackers

Miscreants have forged a strain of malware which is capable of bypassing authentication on Microsoft Active Directory (AD) systems. Hackers can use arbitrary passwords to authenticate as any corporate user, Dell SecureWorks warns. The malware, dubbed Skeleton Key, is deployed as an in-memory patch on a victim’s AD domain …
John Leyden, 13 Jan 2015
Angela Merkel. Pic: Christliches Medienmagazin

Chancellor Merkel 'was patient zero' in German govt network hack

The recent cyberattack on the German government began with the compromise of Chancellor Angela Merkel's personal computer, it is alleged. German newspaper Bild claims Merkel's computer was one of the first systems to be infected with malware linked to miscreants in Russia. Hackers reportedly used Merkel's computer to send …
Shaun Nichols, 15 Jun 2015
Marc Benioff of Salesforce. Pic: Techcrunch

Salesforce plugs silly website XSS hole, hopes nobody spotted it

A cross-site scripting (XSS) vulnerability on Salesforce's website might have been abused to pimp phishing attacks or hijack user accounts. Fortunately the bug has been resolved, apparently before it caused any harm. Cloud app and security firm Elastica said the issue affected a Salesforce sub-domain – admin.salesforce.com …
John Leyden, 14 Aug 2015
Manneken pis wears football kit. Source: James Cridland, Flickr

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015

MAC BOTNET uses REDDIT comments for directions

A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns. The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
John Leyden, 03 Oct 2014

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

The SANS Institute has warned Windows IIS web server admins to get patching as miscreants are now exploiting a flaw in the software to crash websites. The security bug (CVE-2015-1635) allows attackers to knock web servers offline by sending a simple HTTP request. Microsoft fixed this denial-of-service vulnerability on Tuesday …
Iain Thomson, 16 Apr 2015
F-16 falcon fighter jet

US Air Force: 'Loose tweets destroy fleets'

Pic The US Air Force has warned its personnel to keep quiet of their activities on Twitter – or as they put it: "Loose tweets destroy fleets." The notice reminds everyone that terrorist organizations and sympathizers will exploit any military information posted on social networks and other websites. The warning extends not only …
Shaun Nichols, 17 Aug 2015
The Kremlin in Moscow. Pic: Pavel Kazachkov

Kremlin hackers exploited TWO 0-day Flash, Windows vulns

A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits …
John Leyden, 20 Apr 2015

Dating gets even more dangerous after PlentyOfFish suffers tainted ads

Miscreants managed to squirt malware at users of dating site PlentyOfFish after planting malicious code in tainted ads. Users of PlentyOfFish are targeted by an array of fake adverts via the site’s ad network (as.360yield.com). This malvertising serves up content from booby-trapped sites. The Nuclear Exploit Kit hosted on …
John Leyden, 21 Aug 2015

Google, Adobe barricade Flash against hacker hordes – we peek inside

Google's team of computer security gurus have described the anti-hacker defenses they've helped Adobe add to Flash Player. It's hoped that these mechanisms will thwart or frustrate miscreants' attempts to exploit programming bugs in the software, and thus hopefully prevent attackers from hijacking victims' PCs and Macs. The …
Chris Williams, 17 Jul 2015

It's 2015, and someone can pwn Windows PCs by inserting a USB stick

Patch Tuesday Microsoft has released 14 sets of software patches to address critical security vulnerabilities in Windows, Office, Internet Explorer, and Edge. Yes, even Edge: Microsoft's supposedly whizzbang super-secure web browser. Users and sysadmins should apply August's Patch Tuesday fixes as soon as possible: the bugs can be exploited …
Shaun Nichols, 11 Aug 2015
band_aid_648

Four phone hijack bugs revealed in Internet Explorer after Microsoft misses patch deadline

Updated Microsoft has run out of time to fix four critical security vulnerabilities in the mobile edition of Internet Explorer – prompting HP's Zero Day Initiative (ZDI) to disclose their existence without revealing any damaging details. All four of the flaws present a remote code execution (i.e. malicious code injection on a Windows …
John Leyden, 23 Jul 2015

Bitdefender feeling a bit tender: Hackers enter anti-distemper vendor

One or more miscreants have been able to slurp and leak usernames and passwords from Bitdefender. The unencrypted login details belonged to some of the security biz's small business customers. Bitdefender, which makes antivirus software and other stuff, admitted its system was breached following rumors (here and here) that …
John Leyden, 31 Jul 2015

Google yanks fake Android battery monitor

Zscaler has spoiled someone's app-spoofing sting, discovering a fake battery monitor app on Google Play. Worryingly, the spoof app seems to have gotten past Google's self-lauded Bouncer app vetting system. The company reckons the malicious version of the BatteryBot battery indicator app was probably trying to put together an …
Funnel of cash. Credit: via SXC – http://www.sxc.hu/profile/Leonardini

Bloke clicks GitHub 'commit' button in Visual Studio, gets slapped with $6,500 AWS bill

A web developer from South Africa said a bug in a tool for using Microsoft's Visual Studio IDE with code-sharing site GitHub inadvertently exposed his sensitive data – and the error cost him more than $6,500 (£4,250) in just a few hours. Carlo van Wyk of Cape Town–based Humankode said he used the GitHub Extension for Visual …
Neil McAllister, 01 Sep 2015
Doctor Nick Riviera

Hackers invade systems holding medical files on 4.5 million Cali patients

UCLA Health hospitals say hackers may have accessed personal information and medical records on 4.5 million patients. The California medical group admitted today that miscreants infiltrated its computer systems as long ago as September. It is possible the intruders accessed databases holding patient names, addresses, dates of …
Shaun Nichols, 17 Jul 2015
gandalf

Google bakes W3C malware-buster into Gmail

If an online service offers even the slightest gap through which miscreants can launch an attack, they will do so. It's therefore not surprising that Google feels some extensions to its Gmail service may not be entirely friendly to users. The Chocolate Factory's, response, announced Tuesday, is to adopt the W3C's Content …
Simon Sharwood, 17 Dec 2014

Don't want pranksters 'bricking' your Android? Just stop using the internet, duh – Google

Video Trend Micro peeps say they have discovered a security bug that miscreants can exploit to seemingly murder millions of Android smartphones. A device will appear lifeless and unable to make calls, with a dead screen and no sound output, if an attack is successful, we're told. All a victim has to do is visit a dodgy webpage, or …
Iain Thomson, 30 Jul 2015
register logo

What keeps CIOs awake? Leaky data centres – or leaky C-suites?

Reg Events If you’re a tech boss who wants to get yourself into the spotlight, one guaranteed route to notoriety is to preside over a major security breach. But it’s the last thing you really want to do. Rather, for the sake of your employer, your customers, or, let’s face it, the sake of your career, you’re going to want to keep your …
Team Register, 20 Apr 2015

BitTorrent kills bug that turns networks into a website-slaying weapon

BitTorrent has fixed a flaw in its technology that quietly turns file-sharing networks into weapons capable of blasting websites and other internet servers offline. The San Francisco company said Thursday the patch for its libuTP software will stop miscreants from abusing the peer-to-peer protocol to launch distributed …
Shaun Nichols, 28 Aug 2015

Crims bait phishing hooks with Flash, cast at US Gov agencies

Hackers are attempting to break into US Government agencies using a recently patched Adobe Flash vulnerability, the FBI is warning. The attacks target flaw CVE-2015-5119 revealed and patched earlier this month that can if exploited allow attackers to run malware on victim machines. The agency warned of the attacks which began …
Darren Pauli, 20 Jul 2015
pipes

Web advertising giant (Google) to spew ads over web – using HTTPS

Google has vowed to serve ads over HTTPS from its massive advertising network. The move will make it easier for website owners to go fully SSL-protected, serving their webpages and ads over HTTPS rather than just the pages over HTTPS and mixing in ads over HTTP, which is insecure. It also means each ad and its link can't be …
Darren Pauli, 20 Apr 2015

ISC.org website hacked: Scan your PC for malware if you stopped by

The website for the Internet Systems Consortium, which develops the BIND DNS and ISC DHCP tools, has been hacked. Anyone who recently browsed ISC.org is urged to check their PC for malware as miscreants booby-trapped the site to infect visitors. The website has been replaced by a placeholder page warning netizens of the attack …
Chris Williams, 26 Dec 2014
Github octodex

GitHub ordered to hand over access logs to Uber

GitHub has been ordered to hand over records on some of its users to taxi-booking app Uber after unsuccessfully challenging a subpoena. Last month, Uber announced its driver database had been hacked in May 2014, but it had only noticed in September of that year. Uber discovered that a supposedly secret database access key had …
Kieren McCarthy, 25 Mar 2015

Calling all cybercrooks: Ready-made phone attack rig for sale

Cybercrooks are marketing a hardware-based tool for running denial of service attacks on telephone systems. The Telephone Denial of Service attacks (TDoS) rig is being sold by a group of cybercriminals called “TNT” from Eastern Europe via underground cybercrime forums. The tool, called “TNT Instant Up”, features a special …
John Leyden, 23 Feb 2015
The Queen Mother by Phil Houghton

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

UK police have arrested a suspected member of the infamous Lizard Squad crew. The 22-year-old from Twickenham, south-west London, was arrested by police on Tuesday, and questioned about alleged fraud against PayPal as well as claims he is reportedly linked to Lizard Squad – a group of cyber-miscreants who made headlines …
John Leyden, 02 Jan 2015

Hey kids, who wants to pwn a million BIOSes?

The overlooked task of patching PC BIOS and UEFI firmware vulnerabilities leaves corporations wide open to attack, a new paper by security researchers warns. Xeno Kovah and Corey Kallenberg argue that the poor state of low-level software security is among the easiest ways for hackers to deeply infiltrate organizations. A …
John Leyden, 12 Jun 2015

Adobe to hire security auditor to prevent repeat of password SNAFU

Australia's privacy commissioner says basic mistakes at Adobe allowed hackers to ransack its customer database in 2013, and reveals that the company plans to appoint auditors to make sure it won't experience a repeat of the breach. Timothy Pilgrim, holder of the privacy commissioner's office, yesterday released a report [PDF] on …
Simon Sharwood, 09 Jun 2015
facebook_shock_648

Wanna harvest a stranger's Facebook data? Get a mobile number and off you go

Hackers and other miscreants are able to access names, telephone numbers, images and location data in bulk from Facebook, using only a cellphone number. The loophole was revealed by software engineer Reza Moaiandin. Moaiandin, technical director at UK-based tech firm Salt.agency, exploited a little-known privacy setting in a …
John Leyden, 12 Aug 2015
The Day the Earth Stood Still

FCC to crack down on robocall spammers' beloved loophole

The US Federal Communications Commission (FCC) has put forward rules to close a loophole used by robocallers and text-message spammers. The proposed regulations, if approved, will ban robocallers from harassing citizens when they take over a previously used number. Even if the previous owner of the number was OK with the calls, …
Shaun Nichols, 27 May 2015

Using Office 365 at work? It's dangerous to go alone! Take this...

Microsoft is adding some security tools, dubbed Advanced Threat Protection, to Office 365 for its business and government subscribers. The utilities will try to curb malware writers and phishers seeking to exploit vulnerabilities via emailed attachments and links. "As hackers around the globe launch increasingly sophisticated …
Iain Thomson, 08 Apr 2015
Blackmail

More deaths linked to Ashley Madison hack as scammers move in

The Ashley Madison leak may have driven another two people to suicide, police in Toronto, Canada, fear. And scammers are harassing anyone named in the databases, which were swiped from the website by hackers and published online. Word of the two Ashley Madison-linked deaths in Canada came after a government worker in San …
Iain Thomson, 24 Aug 2015
Good riddance to bad Java

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

The latest release of the Chrome web browser, version 42, will block Oracle's Java plugin by default as well as other extensions that use the deprecated NPAPI. The Chrome 42 – available now – brings about the end of official support for NPAPI, a move that will render various plugins incompatible with the browser. Among those …
Shaun Nichols, 14 Apr 2015
Sony PS4

Sony grovels, offers freebies after PlayStation network spent Xmas TITSUP

Sony has offered free membership and discounts to its console gamers after the PlayStation Network fell off the interwebs for several days over Christmas. The troubled entertainment giant said it would offer those whose free trial of PlayStation Plus was interrupted by the outages five more free days, while all PlayStation …
Shaun Nichols, 03 Jan 2015
Free Realms

PlayStation Network blasted offline AGAIN. Just not Sony's decade

Sony's PlayStation Network has suffered yet another outage: the PlayStation store went titsup in the early hours of Monday, UK time. Hacktivist group the Lizard Squad claimed responsibility for flooding the servers off the internet using a distributed denial-of-service attack. The PlayStation giant said on its Twitter account …
Kelly Fiveash, 08 Dec 2014
America

White House cyber-general says US must be able to cyber-nuke the worst of the cyber-worst

RSA 2015 The US government must hone its offensive capabilities to electronically attack those who menace America's interests, said the White House's Cybersecurity Coordinator Michael Daniel, quickly adding global ground rules for cyber-war have to be worked out first. On April 1, President Obama signed an executive order that would …
Iain Thomson, 21 Apr 2015

Home routers co-opted into self-sustaining DDoS botnet

Hackers have established "self-sustaining" botnets of poorly secured routers, according to DDoS mitigation firm Incapsula. The hijacked routers – located mostly in Thailand and Brazil – were easy pickings for hackers because of the use of factory-default usernames and passwords. Knowledge of these login credentials allowed …
John Leyden, 13 May 2015

Microsoft: Hey, you. Done patching Windows this month? WRONG

Microsoft is urging everyone to install an emergency security update for all supported versions of Windows to fix a remote-code execution vulnerability. Details of the vulnerability were found and reported to Microsoft by security researchers poring over internal memos leaked online from spyware-maker Hacking Team. This …
Chris Williams, 20 Jul 2015

Adulterers antsy as 'entire' Ashley Madison databases leak online

Hackers at the Impact Team have apparently carried out their threat to publish the customer databases of Ashley Madison – a hookup website designed for those who want to cheat on their partners. In July, the hackers announced that they had successfully scraped the servers of Ashley Madison, and its sister site Established Men …
Iain Thomson, 18 Aug 2015

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014
cloud

ZeuS miscreants offer up honeypot

Cybercrooks are attempting to turn the tables on security researchers by setting up fake interfaces on their botnets in a bid to confuse and confound analysis. The fake honeypot tactic was brought into play by a group using a variant of the infamous Zeus crimeware toolkit. The unknown miscreants targeted quarterly federal …
John Leyden, 05 Nov 2010

Bash bug flung against NAS boxes

Hackers are attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. Miscreants are actively exploiting the time-to-patch window in targeting embedded devices, security firm FireEye warns. We have evidence that attackers are actively exploiting the time-to-patch window …
John Leyden, 01 Oct 2014