Iain Thomson

Contact Mail Follow Twitter RSS feed
Charlie Miller and Chris Valasek

Car hacking's dynamic duo offers to save others $1m in research

Two famed car hackers claim they can save fellow tinkerers and security researchers a lot of time and money – by handing over their tools and blueprints for free. The pair boast the gear is worth over a million bucks. Charlie Miller and Chris Valasek were both hackers of renown before they started working together to see if …
Iain Thomson, 25 Apr 2017
panic

Webroot antivirus goes bananas, starts trashing Windows system files

Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering countless PCs in the process. Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service …
Iain Thomson, 25 Apr 2017
tears

We're 'heartbroken' we got caught selling your email records to Uber, says Unroll.me boss

Jojo Hedaya, the CEO of email summarizer Unroll.me, has apologized to his users for not telling them clearly enough that they are the product, not his website. Unroll.me is owned by analytics outfit Slice Intelligence, and the site began life in 2011 with a fairly useful function. Its software crawls through your email inbox, …
Iain Thomson, 24 Apr 2017
china hacking

China 'hacked' South Korea to wreck Star Wars missile shield

Well-connected security biz FireEye is claiming Chinese hackers are trying to break into South Korea's military to halt the deployment of an anti-ballistic weapons system in the country. In an interview with the Wall Street Journal, FireEye's director of cyber-espionage analysis John Hultquist said his organization – which is …
Iain Thomson, 21 Apr 2017
schoolkids

Base specs leak for Windows 10 Cloud – Microsoft's wannabe ChromeOS assassin

The base tech specs for Microsoft's Windows 10 Cloud laptops have leaked out ahead of a rumored launch next month, giving you an idea of their target market. Clue: Google-powered Chromebooks in education. Windows 10 Cloud will be a cutdown version of Redmond's latest operating system, and is designed to be run on cheap kit. …
Iain Thomson, 21 Apr 2017

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

The NSA's Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we're told. On Thursday, Dan Tentler, founder of security shop Phobos Group, told The Register he's seen rising numbers of boxes on the public internet showing signs they have …
Iain Thomson, 21 Apr 2017
elon musk

Tesla's latest car crash: Its 'meritless' lawsuit against ex-Autopilot bod

Less than three months after Tesla sued a former manager, claiming he'd stolen its blueprints and tried to poach staff, the flash automaker has settled out of court. In January the Elon Musk-led upstart filed a lawsuit against its former of Autopilot program boss, Sterling Anderson, after he quit to start up an autonomous …
Iain Thomson, 21 Apr 2017
Orion Hindawi

'We should have done better' – the feeble words of a CEO caught using real hospital IT in infosec product demos

The CEO of computer security biz Tanium has admitted his staff logged into hospital networks and accessed live IT systems during product demos with potential customers. Since 2014 Tanium sales executives have used healthcare systems at the El Camino Hospital in Mountain View, California, to demonstrate their endpoint …
Iain Thomson, 20 Apr 2017
headphones

SPY-tunes scandal: Bloke sues Bose after headphones app squeals on his playlist

A chap in Chicago is suing headphone maker Bose after discovering how much personal information its app was phoning home to base – this slurped data includes songs listened to, for how long, and when. The class-action lawsuit, filed Tuesday in the US district court of Illinois by a one Kyle Zak, claims the Bose Connect …
Iain Thomson, 20 Apr 2017
hotel

If you've stayed at a Holiday Inn you may have lost more than a good night's sleep (like maybe your bank card)

In February, Intercontinental Hotels Group alerted customers that some of its US locations had been infected with credit-card-stealing malware. Now it has admitted the cyber-outbreak is much worse than first thought. IHG, which owns brands like Holiday Inn and Crown Plaza, has warned that around 1,200 of its hotels across the …
Iain Thomson, 19 Apr 2017

PACK YOUR BAGS! Boffins spot Earth-size planet most likeliest yet to harbor alien life

Scientists have spotted a planet slightly larger than Earth orbiting a distant star that looks to be the best contender yet for hosting life as we know it. In a paper in the journal Nature, published today, the team lead by Jason Dittmann of the Harvard-Smithsonian Center for Astrophysics described LHS 1140, a rocky exoplanet …
Iain Thomson, 19 Apr 2017
Oracle acrobatics in the cloud

Oracle patches Solaris 10 hole exploited by NSA spyware tool – and 298 other security bugs

Oracle today emitted a huge batch of 299 security fixes for its software – including a patch for a vulnerability exploited by a leaked NSA tool that can hijack Solaris systems. Details of the massive April dump can be found here: Oracle describes the updates as "critical," and urges admins to install them "without delay." …
Iain Thomson, 19 Apr 2017
trump

Trump signs exec order signaling foreign H-1B visa techie crackdown

Updated President Trump today signed an executive order that may lead to an overhaul of the H-1B visa system used by US technology giants to draft in cheap foreigner workers. The exact text of the order has yet to be published on the White House website. So far, all we have are comments from administration officials and the commander …
Iain Thomson, 18 Apr 2017

NASA agent faces heat for 'degrading' moon rock sting during which grandmother wet herself

A NASA agent can be sued for allegedly subjecting a 74-year-old granny to a "degrading" two-hour interrogation over a sliver of moon rock. That's according to the US Court of Appeals for the Ninth Circuit in San Francisco, which late last week ruled space agency investigator Norman Conley is not, at least in this case, immune …
Iain Thomson, 18 Apr 2017
Bob Taylor

RIP Bob Taylor: Internet, desktop PC pioneer powers down at 85

Obit Robert Taylor, who oversaw the creation of the internet's precursor ARPANET, the computer mouse and the first GUI-based personal computer, has died after a long illness. He was 85. For over 50 years, Bob Taylor was at the forefront of research into computing. He had a hand in many of the technologies we take for granted today …
Iain Thomson, 17 Apr 2017
closed

IDF now stands for Intel Ditches Frisco: Chipzilla axes annual tech conf

For the past 20 years, Intel has held its annual Intel Developer Forum in and around the San Francisco Bay Area. It is supposed to be a technical conference for system programmers, application writers and hardware engineers. Well, not no more it ain't: Chipzilla has scrapped the event for good. IDF 2017, due to take place in …
Iain Thomson, 17 Apr 2017
NSA

Leaked NSA point-and-pwn hack tools menace Win2k to Windows 8

Updated The Shadow Brokers have leaked more hacking tools stolen from the NSA's Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8. The toolkit puts into anyone's hands – from moronic script kiddies to hardened crims – highly …
Iain Thomson, 14 Apr 2017

Sysadmin 'trashed old bosses' Oracle database with ticking logic bomb'

A systems administrator is being sued by his ex-employer, which has accused the IT bod of planting a ticking time-bomb on company's servers to wipe crucial data. Nimesh Patel, of Shrewsbury, Massachusetts, is alleged to have broken the Computer Fraud and Abuse Act, trespassed, and committed conversion – that's legal jargon for …
Iain Thomson, 14 Apr 2017
patch

Linux remote root bug menace: Make sure your servers, PCs, gizmos, Android kit are patched

A Linux kernel flaw that potentially allows miscreants to remotely control vulnerable servers, desktops, IoT gear, Android handhelds, and more, has been quietly patched. The programming blunder – CVE-2016-10229 – exposes machines and gizmos to attacks via UDP network traffic: any software receiving data using the system call …
Iain Thomson, 14 Apr 2017
MOAB

US military makes first drop of Mother-of-All-Bombs on Daesh-bags

Video For the first time, the US has used its largest non-nuclear explosive, the GBU-43/B Massive Ordnance Air Blast bomb (also known as the Mother Of All Bombs) in Afghanistan. The MOAB is a 10.5-ton bomb containing 18,700 pounds (8,482 kilograms) of high explosive. It was used against a cave and tunnel complex in use by the …
Iain Thomson, 13 Apr 2017
voting

India to world+dog: Go ahead, please hack our elections ... if you can

Following demands for an investigation into the security of India's electronic voting machines, the country's election watchdog has invited all comers to hack its e-ballot boxes. A kerfuffle over the machines kicked off after a round of recent elections: some in the Indian parliament claimed tallies were maliciously altered by …
Iain Thomson, 12 Apr 2017
Judith Garber

Trump's govt hiring freeze means there's no US Privacy Shield chief: We tracked down the woman filling in for now

Shortly after ascending to office, President Donald Trump triggered a hiring freeze across most branches of the US government. The resulting understaffing has been a bit of a pain for Americans – but may be a boon for Europe. The freeze left the States without an appointed ombudsman to oversee the negotiations for, and …
Iain Thomson, 12 Apr 2017
boffin

How's that for a remote login? NASA puts New Horizons probe to sleep 3.5 billion miles away

Pic NASA's New Horizons spacecraft – right now 3.5 billion miles (5.6 billion kilometres) from Earth – has been powered down by boffins as it heads out to the icy wastes of the Kuiper Belt. The probe, which was launched in 2006 and gave humanity its first close-up images of Pluto in July 2015, was sent shutdown commands on Friday …
Iain Thomson, 11 Apr 2017
trader

Software dev cuffed for 'nicking proprietary financial trading code'

FBI agents have collared a devops engineer accused of stealing rifling through colleagues' user accounts and stealing proprietary stock trading software. Since 2010, Zhengquan Zhang was employed by New York finance house KCG that makes billions of dollars in trades a day via sophisticated algorithmic trading models and trading …
Iain Thomson, 11 Apr 2017
policia

Spanish cops snatch suspected top spammer as US moves against Kelihos botnet

Police in Barcelona have arrested a man suspected of being one of the web's top spammers and the possible operator of a major botnet. Pyotr Levashov, 36, was arrested on Friday by Spanish police in a joint operation with the FBI. The local authorities told the AP that the arrest was part of an investigation into the Kelihos …
Iain Thomson, 11 Apr 2017

Biting the hand that feeds IT © 1998–2017