Apple blats WireLurker OS X, iOS malware – but fanbois aren't safe yet

It appears the WireLurker malware threatening Macs, iPads and iPhones has, for now, been partially neutralized. Apple told The Reg it has revoked a previously legit cryptographic certificate the malware was using to sign itself: this certificate tricked iOS devices into trusting and installing WireLurker's malicious apps. Now …
Shaun Nichols, 7 Nov 2014

Bloke, 26, accused of running drug souk Silk Road 2.0 cuffed by Feds

A California man accused of running Silk Road 2.0 – a copycat drugs market hidden within the Tor network – has been arrested by the FBI. The website has since been torn down by Uncle Sam's agents. The Feds and the US Department of Justice claim 26-year-old Blake Benthall of San Francisco used the alias "Defcon" when operating …
Shaun Nichols, 6 Nov 2014

Hackers use DRAFT emails as dead-drops for running malware

Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make malware-related communications more difficult to detect in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto the …
John Leyden, 6 Nov 2014

Rovnix Trojan infection outbreak infects 130,000 machines in Blighty

A new cluster of infections by the Rovnix Trojan has infected more than 130,000 Windows computers in the UK alone. The data-stealing malware is also affecting Germany, Italy, the US and Iran to a far lesser extent - 87 per cent of the computers infected are actually in the UK, according to anti-virus firm Bitdefender. Rovnix is …
John Leyden, 6 Nov 2014

Hide your Macs, iPhones and iPads: WireLurker nasty 'heralds new era'

The largest-scale attack of its kind on Apple Macs, phones and tablets – and believed the first to maliciously target non-jailbroken iPhones – has been detected. And it's hit thousands and thousands of devices in the wild. WireLurker infects OS X computers, and lies in wait for USB connections to Apple iPads and iPhones. It then …
Darren Pauli, 6 Nov 2014

NSA director: We share most of the [crap] bugs we find!

The National Security Agency (NSA) is only holding back a teeny, tiny number of code secrets, with director Admiral Mike Rogers promising the world the spook collective shares 'most' of the vulnerabilities it finds. The agency head made the remarks on his second visit to Silicon Valley since his appointment in April this year. …
Darren Pauli, 6 Nov 2014

Microsoft releases free anti-malware for Azure VMs

Free anti-malware software is not hard to find: even reputable vendors offer product at the low, low, price of $0.00 for client devices. Microsoft is now doing the same for servers – or at least for virtual machines in its Azure cloud with a new offering called (deep breath now) Microsoft Antimalware for Azure Cloud Services and …

EFF: VPNs will crumble Verizon's creepy supercookie stalkers

The Electronic Frontier Foundation says Verizon's silent supercookies, which always follow subscribers around the internet, are being abused by creepy advertisers to push targeted ads. The EFF says people should start using encrypted VPNs by default to claw back their privacy, because opting out of the system is not enough. Two …
Iain Thomson, 6 Nov 2014

158 new malware created EVERY MINUTE

Malware monitor PandaLabs says 227,747 new malware samples are released every day. Its recent survey found 20 million samples were created in the third quarter of 2014. Three quarters of infections were trojans while only 9 percent were viruses and 4 percent worms. The number of trojans rose 13 percent over …
Darren Pauli, 6 Nov 2014

Feds investigate Homeland Security background checker security breach

A contractor running background checks for the US Department of Homeland Security has suffered a potentially embarrassing security breach. The security snafu at USIS reportedly led to the theft of some DHS employees’ personal information. The recently discovered breach prompted DHS to suspend all work with USIS, pending the …
John Leyden, 5 Nov 2014

Watchdog bites hotel booking site: Over 3k card details slurped

Hotel booking website Worldview Limited has been fined £7,500 over a security breach involving its website that allowed hackers to swipe the full payment card details of some 3,814 customers. Sensitive data was accessed after the unidentified attacker exploited a SQL injection flaw in the Worldview website to access the firm's …
John Leyden, 5 Nov 2014

Russia to ban iCloud.. to PROTECT iPhone fiddlers' pics 'n' sh*t

The Kremlin is set to ban Apple's iCloud as part of plans to throw up a new iron curtain around Russia's digital communications. Anti-data-offshoring laws will come into force on New Year's Day 2015 that require all data generated within Russia to be stored within its borders. Apple's iCloud service has been in the news …
Jasper Hamill, 5 Nov 2014

Crypto collision used to hijack Windows Update goes mainstream

The cryptographic hash collision attack used by cyberspies to subvert Microsoft's Windows Update has gone mainstream, revealing that MD5 is hopelessly broken. Security researcher Nat McHugh created two images of different rock 'n' roll icons - James Brown and Barry White - with the same MD5 hash. "The images were just two I …
John Leyden, 5 Nov 2014

Israeli ex-spies want to help you defend your CAR from cybercrooks

Security shortcomings in new cars could nurture a new branch of the infosec industry in much the same way that Windows' security failings gave rise to the antivirus industry 20 or so years ago, auto-security pioneers hope. Former members of Unit 8200, the signals intelligence unit of the Israel Defense Forces, have banded …
John Leyden, 5 Nov 2014

Who wants to be A MILLIONAIRE? Not so fast, Visa tells wannabe pay-by-bonk thieves

Visa Europe has downplayed a new attack that could steal hundreds of thousands in foreign currency over the air from contactless credit cards. The electronic robbery was devised by researchers at Newcastle University in the UK, but the banking giant claims the techniques used aren't feasible in the real world. The researchers' …
Iain Thomson, 5 Nov 2014

Huffy BlackEnergy vxers cry: 'f*ck U Kaspersky', thank Cisco for 0-days

Developers of the maturing malware weapon BlackEnergy have written a personal message for Kaspersky reverse engineers and Cisco developers in new code that targets Linux and router kit. Pesky malware researchers have kept an eye on BlackEnergy since it evolved from a denial-of-service attack tool to version two kit used by …
Darren Pauli, 5 Nov 2014

Google puts down POODLE, now wants to eradicate breed

A trio of Googlers have released a tool to help sysadmins identify applications and services open to nasty transport layer security vulnerabilities such as POODLE, Heartbleed and Apple's gotofail. The dryly named nogotofail tool, written by Android engineers Chad Brubaker, Alex Klyubin and Geremy Condra, allows devs to set up a …
Darren Pauli, 5 Nov 2014

Hackers plunder Hilton 'HHonors' rewards points, go on shopping spree

Millions of Hilton HHonors* rewards points are being stolen and sold online, or traded in by scammers for gift cards and goods. Points appear to be stolen through brute force attacks. One user on a forum has released simple capture code alleged to have been used to breach accounts protected only with a four-digit PIN on the Hilton …
Darren Pauli, 5 Nov 2014

Raj Samani: The Director’s Cut

Regcast after dark: After our recent Regcast in which Raj Samani of McAfee's Intel Security scared us to death about security threats businesses are facing (before showing us how automating our security systems means we’re not doomed if we do the right thing), we got the sense he had more to say. We were right. So we sat Raj down for …
Tim Phillips, 4 Nov 2014

Apple OSX Yosemite infested by nasty 'Rootpipe' vuln

A Swedish security researcher has turned up a serious vulnerability in OS X “Yosemite”, but details are to be withheld until January, giving Apple time to prepare a patch. The vuln was first described in mid-October, when Truesec posted a YouTube video (below) that sketchily described the existence of the bug. Truesec …

Pay-by-bonk 'glitch' means cards can go kaching-for-crims

Researchers from the UK's Newcastle University have outlined how pay-by-bonk cards can be p0wned by a “rogue POS terminal” running on a mobile phone. To be detailed on Wednesday at the 21st ACM Conference on Computer and Communications Security, the attack is said to rely on a “rogue POS terminal” being set up with a pre-set …
News team, 4 Nov 2014

Forging administrator cookies and crocking crypto ... for dummies

Security pro Laurens Van Houtven has created a free introductory cryptography course to help programmers lift their infosec game. The Crypto 101 book contained everything needed to understand complete systems including block and stream ciphers; hash functions; message authentication codes; public key encryption; key agreement …
Darren Pauli, 4 Nov 2014

Pro-democracy Hong Kong sites DDoS'd with Chinese cyber-toolkit

Hacking attacks against organisations promoting democracy in Hong Kong were run using the same infrastructure previously linked to Chinese cyber-espionage attacks, according to new research from security firm FireEye. Sites promoting the Occupy Central Pro Democracy movement, including Next Media’s Apple Daily publication and …
John Leyden, 3 Nov 2014

VMware: Yep, ESXi bug plays 'finders keepers' with data backups

Running VMware’s ESXi and diligently backing up your data in the belief it’s safe as houses? Think again. VMware has quietly ‘fessed up to the existence of a bug affecting all versions of its bare-metal hypervisor. It copped the problem in its knowledge base as users began cottoning on to the fact something was amiss in their …
Gavin Clarke, 3 Nov 2014

Pro-ISIS script kiddies deface West Yorkshire egg-chasers' site

Pro-ISIS script kiddies defaced the website of Rugby League team the Keighley Cougars over the weekend in the latest of a series of attacks against somewhat obscure targets. The West Yorkshire club's home page was replaced by a black screen and the message: "I love you Isis" with the tag "Hacked By Team System DZ" at the top of …
John Leyden, 3 Nov 2014

Auditors find encrypted chat client TextSecure is secure

Popular text and instant messaging client TextSecure would offer excellent security ... if it patched an attack vector found by a German research team conducting the first audit of the software. The app was downloaded half a million times from the Android play store and was built into the popular Cyanogenmod Android operating …
Darren Pauli, 3 Nov 2014

Remote code execution flaws fixed in tnftp and wget

The maintainer of the tnftp FTP client has patched a remote code execution vulnerability which affected operating systems including NetBSD, FreeBSD and Mac OS X. The flaw (CVE-2014-8517), which did not affect OpenBSD due to modifications, was patched over the weekend. Maintainer Luke Mewburn notified NetBSD (which ships tnftp) …
Darren Pauli, 3 Nov 2014

LastPass releases Open Source command line client

LastPass has published an open source command line application to provide terminal-loving devs with alternative access to their passwords and login data. The outfit says the app improves user security, with a growing list of commands that lets users edit their LastPass data. It also supports functions such as regular automated …
Darren Pauli, 2 Nov 2014

Pirate Bay co-founder JAILED for three years after massive CSC HACK ATTACK

The Pirate Bay co-founder Gottfrid Svartholm Warg was banged up for three and a half years on Friday. The jail term comes after the 30-year-old was found guilty of hacking charges by a court in Denmark on Thursday. Warg and an unnamed, 21-year-old accomplice hacked into the mainframe of American tech outfit CSC, which was …
Kelly Fiveash, 1 Nov 2014

Facebook lifts Tor ban, touts encrypted onion access point

Facebook has changed its stance on Tor traffic and will now provide users with a way to connect to its free content ad network using the anonymizing service. The company said that it will now offer a special URL – https://facebookcorewwwi.onion – that will allow users running Tor-enabled browsers to access the service. Facebook …
Shaun Nichols, 31 Oct 2014

Popular Science site shrugs off malicious code infection

Surfers visiting Popular Science would be well advised to check their systems following an attack that has left the site compromised and harbouring malicious code. Security firm Websense warns that visiting the site exposed surfers to the RIG exploit kit. The malicious code was removed on Wednesday, but a number of surfers may …
John Leyden, 31 Oct 2014

Microsoft patches GroupMe 'full account' hijack hole

Microsoft has patched a simple 'full-account takeover' flaw in its popular iOS and Android messaging client GroupMe. The app once described as "utterly indispensable" had as of 2012 processed a whopping 550 million messages a month, and was downloaded 76,000 times from Google's Play Store. New York hacker Dylan Saccomanni said in …
Darren Pauli, 31 Oct 2014

Free government-penned crypto can swipe identities

The PLAID (Protocol for Lightweight Authentication of Identity) cryptography kit appears to be insecure. PLAID is a homebrew cryptography system designed by Centrelink - the Australian government agency that shovels out tens of billions a year in welfare payments. The system has been considered for use by US government agencies …
Darren Pauli, 31 Oct 2014

Google heads out the back with rifle, puts down POODLE

Google will destroy vicious POODLE in a pending update to its flagship Chrome browser. Update 40 will remove SSLv3 and the hard-to-exploit cookie-stealing Padding Oracle on Downgraded Legacy Encryption (POODLE) attack. Mountain View followed Redmond in its browser POODLE put-down after a single click FixIt SSLv3 disabler was …
Darren Pauli, 31 Oct 2014

Danish court finds Pirate Bay cofounder guilty of hacking CSC servers

Gottfrid Svartholm Warg, cofounder of the Pirate Bay, has been found guilty of hacking charges by a court in Denmark, which ruled that he and a 21-year-old accomplice had hacked US technology company CSC to gain access to Danish government servers. "We welcome the decision of the court, and the trial clearly demonstrated the …
Iain Thomson, 30 Oct 2014

BIGGEST THREAT to Europe’s cybersecurity? Hint: not hackers

Forget cyber-espionage, cyber-warfare and cyber-terrorism. The biggest threat to Europe’s infrastructure cybersecurity is power outages and poor communication. On Thursday, ENISA (European Network and Information Security Agency) held its biggest ever cybersecurity exercise involving more than 200 organisations and 400 cyber- …

The ULTIMATE CRUELTY: Sandworm uses PowerPoint against Swiss bank customers

The Sandworm vulnerability is being actively abused to attack Swiss banking customers, Danish security consultancy CSIS has warned. CSIS reports that the attacks are pushing the latest version of the Dyre banking trojan. Attacks arrive as spam emails under the guise of information about unpaid invoices. In reality the …
John Leyden, 30 Oct 2014

UK smart meters arrive in 2020. Hackers have ALREADY found a flaw

British consumers could easily hack into controversial new smart meters, allowing them to illegally slash their energy bills, cyber-security experts have warned. The caution came as top Whitehall apparatchiks met with energy industry leaders today to discuss plans that will see the devices installed in every British home by …
Jasper Hamill, 30 Oct 2014

UK consumers particularly prone to piss-poor patching

UK consumer patching practices have worsened still further over the last three months, increasing the threat of malware problems, according to a new study by IT security provider Secunia. Secunia estimates 12.6 per cent of UK users are running unpatched operating systems, up from 9.7 per cent the previous quarter. In addition, …
John Leyden, 30 Oct 2014

Carders offer malware with the human touch to defeat fraud detection

A new cybercrime tool promises to use credit card numbers in a more human way that is less likely to attract the attention of fraud-detection systems, and therefore be more lucrative for those who seek to profit from events like the Target breach. The "Voxis Platform" is billed as "advanced cash out software" that promises to …
Darren Pauli, 30 Oct 2014

Mozilla releases geolocating WiFi sniffer for Android

Mozilla has released a new app, Stumbler, that “collects GPS data for our location service” by detecting WiFi access points and mobile phone cells towers, then “uses these wireless network locations to provide geolocation services for Firefox OS devices and other open source projects.” That sort of data collection has, of course …
Simon Sharwood, 30 Oct 2014

DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned

Drupal websites that had not patched seven hours after the disclosure of a "highly critical" SQL injection (SQLi) hole on 15 October are essentially hosed, the content management tool's developers say. Attacks against the vulnerability (CVE-2014-3704) in version seven of the content management system began "hours" …
Darren Pauli, 30 Oct 2014