Security > More stories

BAE Systems partners with SWIFT to bolster hacker intel

BAE Systems has been recruited to help SWIFT's newly formed Customer Service Intelligence team in a bid to get ahead of cyber-criminals targeting banks connected to the global financial messaging service. The announcement follows the analysis and identification of malware that BAE Systems’ threat intelligence team was able to …
John Leyden, 15 Jul 2016

Cisco gives you two nasty bugs to fix before the weekend

Cisco has patched two vulnerabilities, including a remote denial of service bug in its Network Convergence System routers. Attackers can send packets to TCP listening ports running SSH, secure copy protocol, and secure FTP that can overwhelm NCS 6000 routers and cause processors to reload. The Borg rates the vulnerability ( …
Team Register, 15 Jul 2016

ANZ Bank staffers drop slick incident response tool for Mandiant mobs

Security boffins at ANZ, one of Australia's largest banks, have offered their nightHawk incident response tools for organisations running free Mandiant tools. Mandiant's open source platform is fit for enterprises requiring incident response at scale, and can run off a laptop for many investigations. ANZ bank security …
Darren Pauli, 15 Jul 2016

Google's Nexii stand tall among Android's insecure swill

Nexus devices are, unsurprisingly, the most secure Androids, says security outfit Duo. The devices are regarded as Google's flagship Android devices on account of their operating system running the stock Android Open Source Project (AOSP). Android phones from other manufacturers nearly always add custom modifications and are …
Darren Pauli, 15 Jul 2016

Chinese hacker jailed for shipping aerospace secrets home

Chinese national Su Bin has been sentenced to 46 months jail after admitting his role in stealing information on the Lockheed F-22 and F-35 aircraft, along with Boeing's C-17 cargo plane. The aviation expert worked with two members of China's military to attack networks of Boeing and US and European defence contractors in …
Darren Pauli, 15 Jul 2016

Microsoft silently kills dev backdoor that boots Linux on locked-down Windows RT slabs

Microsoft has quietly killed a vulnerability that can be exploited to unlock ARM-powered Windows RT tablets and boot non-Redmond-approved operating systems. The Register has learned that one of the security holes addressed this week in the July edition of Microsoft's Patch Tuesday closes a backdoor left in Windows RT by its …
Shaun Nichols, 15 Jul 2016

Thermostat biz Nest warms to home security, touts cam with cloud storage subscription

Nest has launched its first new product in several years: an outdoor surveillance camera. The Nest Cam Outdoor is effectively a rebuild of its existing Nest Cam designed for the outside. We had an early peek at it and came away with the sense that the company once famed for reinventing the thermostat has found at least some of …
Kieren McCarthy, 14 Jul 2016

Symantec, Intel carve out diminishing slice of growing security market

Worldwide security software revenues rose 3.7 per cent to reach $22.1bn in 2015, according to analyst Gartner. Security information and event management (SIEM) remained the fastest-growing sub segment of the cybersecurity biz last year, experiencing 15.8 per cent growth. By contrast, consumer security software recorded a 5.9 …
John Leyden, 14 Jul 2016

You really do want to use biometrics for payments, beam banks

Two in three European consumers actively want to use biometric technology when making payments, according to a new Visa-sponsored survey. Nearly three in four (73 per cent) see two-factor authentication – where a form of biometrics is used in conjunction with a payment device – as a secure payment authentication method. More …
John Leyden, 14 Jul 2016

Critical remote code execution holes reported in Drupal modules

Drupal is calling on its users to patch a dangerous remote code execution hole that can let attackers easily hijack sites. The content management system has some 15 million downloads, compared to WordPress on 140 million and Joomla with 30 million, but is used on big ticket and business sites including nine percent of the …
Darren Pauli, 14 Jul 2016

Cryptocat dev reckons WhatsApp is blocking calls to Saudi numbers

Lebanese-Canadian developer Nadim Kobeissi has taken aim at WhatsApp, accusing it of fudging about why calls to Saudi numbers don't work. In a long post at GitHub Gist, Kobeissi (best known for his work on secure chat app Cryptocat) says the blocks seem to be in WhatsApp, even though the company claims Saudi networks are …

CloudFlare probes mystery interception of site traffic across India

An unknown agency in India, possibly telco Airtel, is quietly capitalising on encryption gaps in sites tended by DDOS-buster CloudFlare to intercept and redirect users. Little is yet known about the attacks, so far detected targeting piracy torrent site The Pirate Bay and a handful of other outfits. CloudFlare engineers have …
Darren Pauli, 14 Jul 2016

Juniper's bug hunters fire out eight patches

Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel …

Tor board swept under carpet after Appelbaum 'sex misconduct' claims

The entire board of the Tor Project has been replaced in an effort to restore credibility in the anonymizing network software. In an announcement on the non-profit's website, executive director Shari Steele noted that the board decided to leave as a block and replace themselves entirely with a new set of six people, including …
Kieren McCarthy, 14 Jul 2016

White hat hacker AI bots prepare for DARPA's DEF CON cyber brawl

The research wing of the US military has picked the seven teams who will compete to build machine-learning software that can find and patch bugs automatically to fend off hackers. The DARPA Cyber Grand Challenge will be held at the DEF CON hacking conference next month. The agency has put up $2m in prize money in the unlikely …
Iain Thomson, 13 Jul 2016

Generous Fiat Chrysler offers $1,500 for car security bugs – or two minutes of annual profit

Fiat Chrysler has finally got around to offering a bounty on bugs found in its cars. But the scheme is unlikely to get any takers considering the pitiful amount of money on offer. Last year car-hacking artistes Charlie Miller and Chris Valasek took remote control of the engine, brakes, and minor systems of such Fiat Chrysler …
Iain Thomson, 13 Jul 2016

US govt bank insurer 'covered up China hack to protect top boss'

The US Federal Deposit Insurance Corporation – a government agency tasked with safeguarding citizens' bank accounts – deliberately covered up a cyberattack by China to protect its incoming chairman. This is according to a damning report from Republican members of the US House Committee on Science, Space and Technology, who …
Shaun Nichols, 13 Jul 2016

Kids’ shoes seller Start-rite suspends sales following breach

Children’s shoes retailer Start-rite Shoes has suspended sales following the discovery of an attack by hackers last weekend. UK-based Start-rite reckons hackers may have obtained the names, postal addresses, telephone numbers and email addresses of its customers. Payment details are not stored on the site and therefore should …
John Leyden, 13 Jul 2016

Exploit kit miscreants rush to plug gap in cyber-crime marketplace

Cybercrooks behind the Sundown Exploit Kit are rapidly updating the hacking tool in a bid to exploit a gap in the market created by the demise of the Angler and Nuclear exploit kits. While RIG and Neutrino have been the primary protagonists in the void left by Angler and Nuclear, Sundown is also vying for an increased share in …
John Leyden, 13 Jul 2016

Meet Riffle, the next-gen anonymity network that hopes to trounce Tor

Next week, top eggheads will unveil a new anonymizing internet tool that they claim is snoop-proof and faster and more reliable against attack than Tor. Dubbed Riffle, the system was developed by MIT and the École Polytechnique Fédérale de Lausanne in Switzerland. It uses the same onion-encryption system as Tor, which wraps …
Iain Thomson, 13 Jul 2016

It's 2016 and Windows lets crims poison your printer drivers

Among the Microsoft messes addressed in the latest round of Patch Tuesday updates is a real doozy that allows remote attackers to compromise Windows machines thanks to a critical security vulnerability affecting printer drivers. The flaw is found in all desktop Windows since Vista and Windows Server since 2008 and means …
Darren Pauli, 13 Jul 2016

50 CELEBRITY SECRETS EXPOSED scores year behind bars

The New York man behind a 2014 data dump site exposed.su has been sentenced to a year in prison, plus 12 months for time already served, for doxing high-profile figures including First Lady Michelle Obama, Presidential candidate Donald Trump, and artist Jay Z, and placing dozens of highly-dangerous swatting calls. Mir Islam, …
Darren Pauli, 13 Jul 2016

US drug squads told to get a warrant before tracking mobile phones

A US federal judge in New York State has pushed back against Uncle Sam's Drug Enforcement Agency's use of Stingrays, saying evidence collected by the fake phone masts isn't admissible. A Maryland judge ruled in 2015 that investigators need court-approved warrants to set up pretend cellphone towers that track people by their …

VPN provider claims Russia seized its servers

VPN provider Private Internet Access (PIA) says its servers have been seized by the Russian government, so has quit the country in protest at its privacy laws. The company has sent an e-mail to users claiming some of its servers have been seized, even though the enforcement regime – in which all Internet traffic has to be …

Next month's Firefox 48 is looking Rusty – and that's a very good thing

Mozilla says it will next month ship the first official Firefox build that sports code written in its more-secure-than-C Rust programming language. The Firefox 48 build – due out August 2 – will include components developed using Rust, Moz's C/C++-like systems language that focuses on safety, speed and concurrency. It's hoped …
Shaun Nichols, 12 Jul 2016

Webpages, Word files, print servers menacing Windows PCs – yup, it's Patch Tuesday

Microsoft will fix critical holes in Internet Explorer, Edge, Office and Windows with this month's Patch Tuesday security bundle. Meanwhile, Adobe has patched dozens of exploitable vulnerabilities in its Flash player. Redmond's July release includes 11 sets of patches, six rated as "critical" and five classified as "important …
Shaun Nichols, 12 Jul 2016

SCADA malware caught infecting European energy company

Security researchers have identified a strain of malware that has already infected at least one European energy company. The malware, dubbed SFG, is related to an earlier sample called Furtim, that created a backdoor on targeted industrial control systems. This backdoor might be used to deliver a payload which could be used to …
John Leyden, 12 Jul 2016

Nukeware: New malware deletes files and zaps system settings

Lazy but sneaky cybercrooks are slinging a new ransomware variant that falsely claims to have encrypted files when in reality it has deleted them. Ranscam tricks victims by falsely claiming that files have been moved onto a hidden, encrypted partition. In reality the malware has deleted files and comprehensively messed with …
John Leyden, 12 Jul 2016

Nasty session stealing hole filled in WordPress All in One SEO plugin

The developers have patched a hole in the popular All in One search engine optimisation WordPress plugin, a tool that's been downloaded by some 30 million users and is used on a million sites. Flaws exist in the Bot Blocker component which can be exploited to steal administrator tokens and conduct actions through cross-site …
Darren Pauli, 12 Jul 2016

Purloined password re-use checker pees in the security soup

Lazy password reusers are at even higher risk of having accounts compromised following the publication of a proof-of-concept tool that can quickly test credentials against a host of sites. The work is the penmanship of Netsuite security bod Philip O'Keefe who uploaded his tool dubbed Shard to GitHub. Shard tests shared …
Team Register, 12 Jul 2016

Android Nougat may contain traces of NOT for users of custom CAs

Google will sweeten the forthcoming Nougat release of Android by changing the way apps work with certificate authorities (CAs) and simplifying APIs. The changes will affect only some apps and users, Android security team software engineer Chad Brubaker says. The changes mean Google will not automatically trust user-selected …
Darren Pauli, 12 Jul 2016

Florida U boffins think they've defeated all ransomware

Researchers from the University of Florida and Villanova University reckon ransomware can be stopped by watching what it's doing to the target's files. Taking a “save what you can” approach, the authors of this PDF reckon in their tests they were able to lower the boom on ransomware when it had encrypted just 0.2 per cent of …

Aussie researcher claims 'Antminer' bitcoin boxen can be broken

Australian security researcher Tim Noise says scores of popular Antminer Bitcoin mining devices could be commandeered. Noise demonstrated how a vulnerability in the configuration of the open source mining program CGminer running on an Antminer box can be abused to redirect the efforts of massive mining operations to fill an …
Darren Pauli, 12 Jul 2016

Pokemon Go oh no no no, we're not reading your email, says gamemaker

Final update This was a developing story: read through to the updates for the full scoop. Smash-hit mobile game Pokemon Go's catchphrase is "you gotta catch 'em all" – gotta catch all your Google accounts, it seems. As spotted today by IT architect Adam Reeve, the ultra-popular monster-catching vitamin-D-injecting exercise-encouraging …
Shaun Nichols, 11 Jul 2016

Omni-shambles! Card-stealing malware checks into US hotel chain

Yet another US hotel chain has admitted malware infected its computer systems and stole guests' bank card information. Omni Hotels said today [PDF] an attacker managed to infiltrate its IT network and inject a software nasty into its payment terminals that siphoned off copies of people's credit and debit cards. The malware …
Shaun Nichols, 11 Jul 2016

Amazingly insecure industrial control systems + internet = Cupful of nope

Many industrial control systems are exposed to the internet, creating a severe risk because most are hopelessly insecure, according to a new study by Kaspersky Lab. To minimise the possibility of a cyber-attack, Industrial Control Systems (ICS) are supposed to be run in a physically isolated environment. In total, 188,019 hosts …
John Leyden, 11 Jul 2016

Drowning Dalek commands Siri in voice-rec hack attack

University boffins have brewed one of the most complex mechanisms for loading malware onto phones by way of surreptitious Google Now and Siri voice commands hidden in YouTube videos. For the attack to work, phones need to be in a state where they can receive voice commands - a feature often left unlocked - and close enough to …
Darren Pauli, 11 Jul 2016

Lurk trojan takedown also took out Angler exploit kit

Security researchers have discovered a possible link between the demise of the Angler Kit and a crackdown against the Lurk banking trojan crew. In June, a group of individuals was arrested in Russia for using Lurk to target Russian banks. Cisco Talos researchers noticed that within a week of the arrests, Angler had disappeared …
John Leyden, 11 Jul 2016

White hat banned for revealing vulns in news sites used by London councillors

Security consultant Andrew Tierney has claimed that web platform NeighbourNET contains nasty vulnerabilities that could compromise users. The company's sites are used for local news services, often by councils and councillors to communicate with residents. London districts favoured with sites powered by the service include …
Darren Pauli, 11 Jul 2016

Hacker bites Datadog, finds hard-to-chew bcrypt passwords

Software as a service monitoring platform Datadog, used by the likes of Facebook, Salesforce, and Citrix, has been breached and has strongly suggested that customers reset their passwords. The company says attackers hit multiple servers Friday including production servers, and a database of user credentials. Other …
Darren Pauli, 11 Jul 2016

Teen thugs lure, rob Pokemon Go gamers

Enterprising teen thugs have used a feature in the virally-popular Pokemon Go mobile game to lure and rob gamers. The mobile app, released last week, uses augmented reality to overlay Pokemon around the real world, requiring players to walk around to collect the famed characters. Police at the US State of Missouri's O’Fallon …
Darren Pauli, 10 Jul 2016

Android Mew-ware, I choose you: Code nasty poses as Pokemon GO

Mind those downloads from non-official app stores: Android malware has been spotted posing as knockoff copies of the popular Pokemon GO game. According to a report from security biz Proofpoint, repackaged versions of the game have been found carrying a software nasty that grants remote-control access of infected devices to …
Shaun Nichols, 8 Jul 2016