
Poison résumé attack gives ransomware a gig on the desktop

Security researchers are focussing their crosshairs on what appears to be high-volume spam and exploit campaigns to deliver the latest iteration of the Cryptowall ransomware. Boffins from the SANS Institute, Cisco, and MalwareBytes have identified a dangerous if goofy spam campaign slinging the nasty ransomware masquerading as …
Darren Pauli, 12 Jun 2015

Europol operation crushes phiendish global phishing ring

Police have arrested 49 men from Spain, Nigeria, and Cameroon in connection with electronic bank account raids that plundered some €6 million across Europe. The men were arrested as part of Operation Triangle, an effort involving police from Spain, Italy, and Poland together with authorities in Belgium, the UK, and Georgia. …
Darren Pauli, 12 Jun 2015

It's 2015 and Microsoft has figured out anything can break Windows

Microsoft head software engineer Lee Holmes says Windows 10 applications will now be able to plug into installed anti-virus platforms to better combat malicious scripts. Holmes says the Windows 10 Antimalware Scan Interface (AMSI) will allow apps and services to use anti-virus to find badness operating in memory. He says most …
Darren Pauli, 12 Jun 2015

Vintage Ask toolbar is malware – and we'll kill Jeeves, says Microsoft

Older versions of the Ask toolbar, the bane of many a computer user over the years, have been declared persona non grata by Microsoft, and Redmond says its security software will now kill it on sight. In a June 11 update to its Malware Protection Center site, Microsoft states that older versions of the toolbar, which set itself …
Iain Thomson, 12 Jun 2015

Google wants you to buy Nest CCTV, turn your home into a Brillo pad

Pic Google is expanding its smart-home tech offerings with a networked security camera that could be the first hardware to run its cutdown Android OS, Brillo. The search giant's Nest arm – famous for its smart thermostat – will unveil a new version of the wireless camera Dropcam called the Nest Cam next week. The new camera will …
Kieren McCarthy, 12 Jun 2015

US Navy wants 0-day intelligence to develop weaponware

In the Navy, the Village People sang, you can sail the seven seas and live a life of ease. And now you can also work with third parties to identify and exploit 0-day flaws in common commercial software. That Naval job is revealed in a fascinating solicitation for a provider capable of reporting new flaws and developing …
Simon Sharwood, 12 Jun 2015

4 new twists that push the hacker attack on millions of US govt workers into WTF land

The data breach that recently hit the US government's Office of Personnel Management, in which personnel records for millions of federal workers were swiped, is worse than first feared, sources claim. According to new reports that emerged on Thursday, the attack was active for more than a year and the pilfered information …
Shaun Nichols, 12 Jun 2015

OpenSSL releases seven patches for seven vulns

Users are being urged to upgrade OpenSSL to prevent eavesdroppers listening to otherwise encrypted connections undermined through the LogJam vulnerability thought to be the NSA's crypto-cracking tool of choice. OpenSSL maintainers have patched seven vulnerabilities including the LogJam vulnerability (CVE-2015-4000) which allows …
Darren Pauli, 12 Jun 2015

Decrypted WhatsApp chats laid groundwork for Belgian terror raids

The Belgian arrests of terror suspects on Monday were reportedly facilitated by decryption of WhatsApp user chats. WhatsApp cooperated with US intelligence agencies to decrypt user chats before raids against alleged members of an ethnic Chechen jihadist group based in Belgium, Bloomberg reports. Investigators said two people …
John Leyden, 11 Jun 2015

Duqu 2.0: 'Terminator' malware that pwned Kaspersky could have come from Israel

Eugene Kaspersky reckons hacking into his firm's corporate network was a "silly" move by cyberspies, but independent experts are far from convinced. All seem agreed that the rare attack by a state against a leading information security firm is bad news for corporate security more generally, as it shows attacks are getting more …

Indie review of UK surveillance laws: As you were, GCHQ

The response to multiple threats faced by the UK “depends on entrusting public bodies with the powers they need to identify suspects”, said David Anderson QC, the Independent Reviewer of Terrorism Legislation, in his long-awaited review of the country’s anti-terrorism laws, while giving GCHQ no reason to stop mass-surveillance. …

Cops turn Download Festival into an ORWELLIAN SPY PARADISE

As if being ankle deep in a muddy field, surrounded by pretend hippies seemingly re-enacting highlights of the Battle of Waterloo was bad enough, attendees of the aptly named Download Festival will be subjected to a new police facial recognition system, and surveillance of their onsite location and expenditure via the debut of …

Mozilla doubles bug bounties to $10k

Mozilla has more than doubled the cash rewards under its dusty bug bounty to beyond $10,000. The browser baron has increased the reward for high-severity bugs such as those leading to remote code execution without requiring other vulnerabilities. Engineer Raymond Forbes says the bounty had not been updated in five years and had …
Darren Pauli, 11 Jun 2015

Super Stuxnet's SCADA slaves: security is atrocious

Botnet boffin Peter Kleissner says at least 153 computers are still slaves to Stuxnet. Of those, six are tied to supervisory control and data acquisition (SCADA) systems which the malware is designed to exploit to destroy the attached machinery. Kleissner told a presentation at an information security conference in Vienna last …
Darren Pauli, 11 Jun 2015

But ... but iOS 9 could BLOCK my Ad-Block, dev squeals

Apple appears to have added an ad-blocking capability to iOS 9, stoking hopes and fears in different quarters. The beta version of the operating system sports a Content Blocking Safari Extensions feature which Apple says will give extensions "a fast and efficient way to block cookies, images, resources, pop-ups, and other …
Darren Pauli, 11 Jun 2015

Russia's to blame for pro-ISIS megahack on French TV network

Russians may have posed as ISIS in a high-profile hack against a French TV channel, according to French investigators and security firms. France's TV5Monde TV network was knocked off air for around 18 hours in April in the aftermath of a hack attack that also resulted in the hijack of its website and Facebook page. The …
John Leyden, 10 Jun 2015

Kaspersky Lab reveals Duqu 2.0 attack ON ITSELF during Iran nuke talks

Kaspersky Lab has unearthed an attack on its corporate network which hit high profile victims in several Western, Middle East and Asian nations, including covert surveillance attempts during the ongoing Iranian nuclear talks. The Duqu 2.0 malware platform associated with the attacks was exploiting up to three zero-day …
John Leyden, 10 Jun 2015

Unable to log on to online games? Blame cheap-rate DDoSers

Running botnets-for-hire to mount DDoS attacks has become cheaper and easier than ever, according to new research. Imperva Incapsula reckons botnet-for-hire services might be acquired for as little as $19.99 per month, via underground forums and payable in Bitcoins. Short, single-vector attacks associated with botnet-for-hire …
John Leyden, 10 Jun 2015

Israeli firm gets legal on Indian techie over ISP ad injection spat

Update An Indian security blogger was hit with a gagging order by an Israeli firm after he linked its technology to a sneaky ad injection by his ISP. Thejesh GN, an activist and programmer, got into legal hot water after he alleged that Airtel 3G was injecting JavaScript and iFrames into mobile browsing sessions. This JavaScript …
John Leyden, 10 Jun 2015

Online identity woes can only be solved through the medium of GIF

The Global Identity Foundation aims to recruit vendors in its ambitious quest to develop a global digital identity ecosystem. GIF is seeking to develop a new, global solution for digital identities, with the not-for-profit organisation building on work from the Jericho Forum, including the Jericho Forum’s Identity, Entitlement …
John Leyden, 10 Jun 2015

Trustwave: Here's how to earn $84,000 A MONTH as a blackhat

Exploit kit traders and ransomware slingers are in one of the most profitable industries in the world, landing a whopping 1,425 percent profit margin for raiding legitimate trade. Figures from infosec firm Trustwave show the blackhats who are enjoying what appears to be a current boom can score outrageous amounts of money by …
Darren Pauli, 10 Jun 2015

Password-flogging phishing tool pwns EVERY iOS Mail app

Ernst and Young forensic bod Jan Soucek has created a tool capable of generating slick iCloud password phishing emails he says exploits an unpatched bug affecting millions of Apple users. The researcher created the iOS 8.3 Mail.app inject kit which exploits a bug in the operating system's native email client to produce a …
Darren Pauli, 10 Jun 2015

United Airlines accounts open to mass lock-outs

A simple brute-force attack is all that's needed to lock users out of their frequent flyer accounts. However, in spite of the discovery, by Turrisio Cybersecurity security officer Yosi Dahan, being disclosed under the airline's bug bounty in March, the researcher is complaining that United isn't responding to him. Dahan says …
Darren Pauli, 10 Jun 2015

Industrial Wi-Fi kit has hard-coded credentials

The travelling side-show of industrial control kit insecurity continues, with an outfit called Red Lion being called out for hard-coded credentials on a wireless access point. ICS-CERT has issued an advisory noting that the company's N-Tron 702.-W industrial wireless access point has hard-coded private keys for SSH and HTTPS …

Tech giants gang up on Obama over encryption key demands

A pair of technology industry pressure groups have sent a letter to President Obama asking his administration to back off demands that companies give government agencies the ability to decrypt all user data. In the letter [PDF], the Information Technology Industry Council (ITIC) and the Software and Information Industry …
Shaun Nichols, 10 Jun 2015

It's 2015 and hackers can hijack your Windows PC if you watch a web video

Microsoft has released the June edition of its Update (née Patch) Tuesday security update dump. This month's bundle includes eight security bulletins, two rated "critical" and six rated "important." Users and administrators are advised to test (if necessary) and install the updates as soon as possible to prevent attacks. MS15- …
Shaun Nichols, 9 Jun 2015

Microsoft: FINE, we'll help your web sessions be secure, SHEESH

Microsoft has updated both Internet Explorer and its new Edge web browser to make it easier for sites to encourage visitors to use secure HTTPS encryption. As part of this month's Patch Tuesday batch of security updates, the software giant has added support for HTTP Strict Transport Security (HSTS) to its browsers. Sites can use …

VMware hypervisor escape via serial port? VMware hypervisor escape via serial port.

VMware has advised of two security flaws that impact its desktop products. VMware's desktop hypervisors Workstation and Fusion, plus the Player app that runs pre-packaged virtual machines, all have “an input validation issue on an RPC command” that could allow a denial-of-service of the guest operating System (32-bit) or a …

Adobe to hire security auditor to prevent repeat of password SNAFU

Australia's privacy commissioner says basic mistakes at Adobe allowed hackers to ransack its customer database in 2013, and reveals that the company plans to appoint auditors to make sure it won't experience a repeat of the breach. Timothy Pilgrim, holder of the privacy commissioner's office, yesterday released a report [PDF] on …

Sophos buys cloudy email security outfit Reflexion Networks

Sophos has acquired cloud-based email security firm Reflexion Networks. Financial terms of the deal, announced on Tuesday, were undisclosed. Reflexion markets archiving, email encryption and business continuity services. Reflexion Total Control blocks spam and viruses before they ever get to the corporate network. Archiving, …
John Leyden, 9 Jun 2015

Freeparking hit by DDoS, vexed customers scream into abyss

Email and hosting biz Freeparking has run into yet more trouble after being hit by a DDoS attack today. One customer told us this morning: "I have several domains which rely on Freeparking's name servers. All of them have been unresolvable since around 8:50am." Another got in touch to say the site went down before 9am, saying …
Kat Hall, 9 Jun 2015

NSA slapdown prompts Privacy Int'l to file new lawsuit against GCHQ

Privacy International has stepped up its battle against GCHQ, and yesterday filed an official legal challenge to the spy agency's mass snooping on net users. Emboldened by new restrictions to the similar programme run by America's National Security Agency (NSA), PI filed the complaint in the UK’s Investigatory Powers Tribunal. …

Undetectable NSA-linked hybrid malware hits Intel Security radar

CTB Locker ransomware attacks rose 165 per cent in the first three months of 2015. More than a third (35 per cent) of victims were based in Europe, McAfee Labs reported. CTB Locker encrypts files and holds them hostage until the ransom is paid. As such, the crimeware is picking up the baton that dropped with the takedown of the …
John Leyden, 9 Jun 2015

Obama issues HTTPS-only order to US Federal sysadmins

Black Hat Barack has issued a Memorandum – an executive order in all but name, and an instrument the president has used more than any of his predecessors – to all Federal website sysadmins, informing them to deprecate HTTP and roll on with HTTPS. The HTTPS-Only Standard was proposed by the US' Chief Information Officer Tony …

Bitcoin blackmail gang start hurling DDoSes at Scandinavia

Bitcoin extortionists DD4BC have begun targeting Scandinavian companies with complex DDoS attacks. DD4BC is blackmailing targets by asking them to pay 40 bitcoins or more to avoid their central services being subject to DDoS attacks. Extortionate demands typically appear in emails around an hour after targets are blitzed off the …
John Leyden, 9 Jun 2015

Les unsporting gits! French spies BUGGED Concorde passengers

Infosec 2015 The Edward Snowden leaks might imply that electronic espionage is a relatively new innovation but an under-publicised story from the supersonic age bursts that myth, as well as highlighting the French as a major power in activities these days more closely associated with China and the US. Ed Wallace, director of incident …
John Leyden, 9 Jun 2015

Is that a graphics driver on your shop's register – or a RAM-slurping bank card thief?

Crooks are infecting sales registers running Oracle-owned MICROS software with malware tailor-fitted to steal bank card information from the machines. MalumPoS scrapes sensitive data from the RAM inside the tills, which are used in places from shops and restaurants to hotels and bars. The software nasty can be easily modified to …
John Leyden, 9 Jun 2015

Use SDN to smash tier one 'oligarchy', hacker says

AusCERT IIX security bod David Jorm is urging users and organisations to adopt software-defined networking (SDN) to break up the 'tier one networking oligarchy'. The former Red Hat security bod said SDN establishes peer-to-peer interconnects without the expense and complexity of traditional models, using projects including OpenDaylight …
Darren Pauli, 9 Jun 2015

Cisco: Nice things you got there. Shame if anything should happen to them

If you doubted that the Internet of Things is a security problem, doubt no more, since Cisco kicked off its Cisco Live! US with John Chambers talking up the Borg's IoT security capabilities. There are announcements a-plenty, so The Register's networking desk is quite happy for Cisco's PR team to do its own talking. Instead, in …

iiNet probes WestNet breach

Australian telco iiNet is investigating reports criminals are trying to flog online 30,000 customer records swiped from subsidiary Westnet. The breach was reported on Twitter after a security news tweeting service found a user attempting to sell what they said was Westnet's database on an unspecified website. At this …
Darren Pauli, 9 Jun 2015

Vic cops want 'potential radicals' off the Internet

Victoria Police reckon it's possible to spot “potential radicals”, and keep them safe from undesirable influences by cutting off their Internet connections. The pre-crime solution would also restrict freedom of movement and association, under laws proposed by the police that are apparently attractive to the relatively-new …

Armchair cyber-army vandalizes Uncle Sam's Army.mil website

The elusive hacking group calling itself the Syrian Electronic Army (SEA) has claimed it is behind the defacement of US military websites on Monday. Among the messages injected into the US Army homepage was one stating, "Your commanders admit they are training the people they have sent you to die fighting." True to form, the …