Iain Thomson

Contact Mail Follow Twitter RSS feed

America throws down gauntlet: Accept extra security checks or don't carry laptops on flights

Folks flying into America must endure extra security checks if they want to bring their laptops into airplane cabins. In a press conference on Wednesday, US Homeland Security boss John Kelly announced the introduction of: Enhanced screening of passengers and their electronic devices. Increased security protocols around …
Iain Thomson, 28 Jun 2017
Police search

Kaspersky Lab US staff grilled by Feds in nighttime swoop

Several employees of Russian security vendor Kaspersky Lab got an unpleasant surprise on Tuesday night when FBI agents popped round to their residences for a chat. Staff in the US were visited and agents reportedly told them that they weren't under criminal investigation, but that the Feds would just like some information …
Iain Thomson, 28 Jun 2017
TNT

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus." The big package giant said no information had been stolen by the cyber-nasty and only some offices of TNT Express appear to have been disrupted. After yesterday …
Iain Thomson, 28 Jun 2017

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

Analysis It is now increasingly clear that the global outbreak of a file-scrambling software nasty targeting Microsoft Windows PCs was designed not to line the pockets of criminals, but spread merry mayhem. The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out …
Iain Thomson, 28 Jun 2017
security

Microsoft: We'll beef up security in Windows 10 Creators Edition Fall Update

The next big update to Windows 10 Creators Edition is out in the Fall – and Redmond is hyping up its security chops. For a start, we're told Windows Defender will be extended from client to Microsoft's server operating systems. In addition, Redmond is adding Windows Defender Exploit Guard and Application Guard to the security …
Iain Thomson, 27 Jun 2017
drunk

US engineer in the clink for wrecking ex-bosses' smart meter radio masts with Pink Floyd lyrics

Fueled by beer and bitterness, a US techie logged into his ex-employer's radio towers to sabotage them – and is now behind bars as a result. Adam Flanagan, 42, of Bala Cynwyd, Pennsylvania, worked as an engineer for a company that built radio masts used by utility companies to collect power and water usage data from home …
Iain Thomson, 26 Jun 2017
Panic

Tremble in fear, America, as Daesh-bags scrawl cyber-graffiti on .gov webpages no one visits

A crew of useful idiots called Team System Dz defaced US government and business websites over the weekend in the name of medieval terror bastards Daesh (aka the Islamic State). Sites that fell to the gang include .gov webpages in Ohio, such as the pages for governor John Kasich and his wife, and the Ohio Department of …
Iain Thomson, 26 Jun 2017

Tech giants flash Russia their code blueprints in exchange for access

Cisco, IBM, HP, McAfee and SAP are among plenty of western technology companies that have been showing their source code to Russian authorities in exchange for the right to sell their products in the country. Documents seen by Reuters state that in the past three years, the Russian FSB (what used to be called the KGB) and its …
Iain Thomson, 24 Jun 2017
sniffer

AES-256 keys sniffed in seconds using €200 of kit a few inches away

Side-channel attacks that monitor a computer's electromagnetic output to snaffle passwords are nothing new. They usually require direct access to the target system and a lot of expensive machinery – but no longer. Researchers at Fox‑IT have managed to wirelessly extract secret AES-256 encryption keys from a distance of one …
Iain Thomson, 23 Jun 2017
peeking

Not Apr 1: Google stops scanning your Gmail to sling targeted ads at you

Google has said it will no longer scan the content of Gmail messages to sell targeted adverts to users of the free service. The Chocolate Factory made the announcement in a blog post on Friday touting the success of its G Suite, the cloud apps service for business. G Suite is ad-free and doesn't scan content – for the obvious …
Iain Thomson, 23 Jun 2017
windows10

Latest Windows 10 Insider build pulls the trigger on crappy SMB1

Microsoft has released the newest build of Windows 10 Insider, version 16226, to developers on its fast-track release list. Build 16226 for Home and Professional editions strips out the SMB1 server software exploited by the NSA, and later by the authors of the WannaCry malware. The client SMB1 remains, so that users can …
Iain Thomson, 22 Jun 2017
kangaroo

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

WikiLeaks has published online more top-secret documents it has obtained from the CIA describing the agency's hacking tools. This time the dossier details software codenamed Brutal Kangaroo that agents can use to infect targets' air-gapped computers with malware. The documents, originally written on May 11, 2015 and revised on …
Iain Thomson, 22 Jun 2017
Donald Trump thumbs up photo via Shutterstock

Lordy! Trump admits there are no tapes of his chats with Comey

President Trump has, in a tweet-burst today, backtracked on his earlier menacing claim that he may have secretly recorded his meetings with then-FBI boss James Comey. ...whether there are "tapes" or recordings of my conversations with James Comey, but I did not make, and do not have, any such recordings. — Donald J. Trump (@ …
Iain Thomson, 22 Jun 2017
Putin

Homeland Security: Putin’s hackers tried to crack electoral networks in 21 US states

Russian attempts to hack key American election systems are more advanced than first thought, according to Homeland Security officials on Wednesday. In a public hearing into election hacking held by the US Senate Intelligence Committee, the Department of Homeland Security's acting director of the cyber division, Dr Samuel Liles …
Iain Thomson, 22 Jun 2017
cheating

OnePlus accused of installing cheat codes for benchmarks with new handset

On Tuesday OnePlus launched its latest smartphone with much hoopla, and the handset has already found notoriety. The Middle Kingdom manufacturer sent out review units to a few publications before the launch (El Reg isn't on their lovey list) and coder blog XDA Developers analyzed a unit. According to its research, the new …
Iain Thomson, 21 Jun 2017
win10

Microsoft admits to disabling third-party antivirus code if Win 10 doesn't like it

Windows 10 does disable some third-party security software, Microsoft has admitted, but because of compatibility – not competitive – issues. Redmond is currently being investigated in the EU, Germany and Russia over alleged anti-competitive behavior because it bundles the Windows Defender security suite into its latest …
Iain Thomson, 20 Jun 2017

Stack Clash flaws blow local root holes in loads of top Linux programs

Powerful programs run daily by users of Linux and other flavors of Unix are riddled with holes that can be exploited by logged-in miscreants to gain root privileges, researchers at Qualys have warned. Essentially, it's possible to pull off a "Stack Clash" attack in various tools and applications to hijack the whole system, a …
Iain Thomson, 20 Jun 2017
VR

Varjo promises Oculus-killing VR/AR, but is it the next Magic Leap?

A Finnish startup reckons it has stolen the march on Oculus and other mixed reality forms with a headset capable of both virtual and augmented reality and with a resolution that's on a par with the human eye. Dubbed Varjo Technologies, the Finnish startup has just 19 employees – including many ex-Nokia folks – and a smidgen of …
Iain Thomson, 19 Jun 2017
voting

Worried about election hacking? There's a technology fix – Helios

Election hacking is much in the news of late and there are fears that the Russians/rogue lefties/Bavarian illuminati et al are capable of falsifying results. For example, voters in the state of Georgia's sixth district are going to the polls on Tuesday for a close-fought election, and serious doubts have been raised about the …
Iain Thomson, 16 Jun 2017
Keeping a secret photo via Shutterstock

FOIA documents show the Kafkaesque state of US mass surveillance

A mystery technology biz tried to fight off demands from the US government that it hand over people's communications flowing through its systems. The unnamed company refused to obey the surveillance order, and was also denied the ability to even review the outcomes of any previous challenges to help form its case. That's …
Iain Thomson, 16 Jun 2017
cherry blossom

WikiLeaks emits CIA's Wi-Fi pwnage tool docs

Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks. The confidential US government documents describe the Cherry Blossom project, which is the framework by which CIA operatives can subvert wireless routers; install software that harvests …
Iain Thomson, 15 Jun 2017
Death

BAE accused of flogging mass-spying toolkits to assh*le autocrats

A year-long investigation has uncovered evidence that British armaments conglomerate BAE Systems has been selling internet surveillance equipment to Middle Eastern regimes with questionable human rights records. BAE has its fingers in many pies, including the online sphere, and in 2011 it bought Danish firm ETI and added it to …
Iain Thomson, 15 Jun 2017
scam

Soldiers bust massive click-farm that used 500k SIM cards, 100s of mobes to big up web tat

A massive click-fraud farm has been raided in Thailand by police and army troops, who seized nearly half a million SIM cards and hundreds of iPhones used to promote products online. The raid on two rented houses in Ban Mai Nong Sai in the Aranyaprathet District led to the arrest of three Chinese suspects: Wang Dong, 33, Niu …
Iain Thomson, 14 Jun 2017

Crouching cyber, Hidden Cobra: Crack North Korean hack team ready to strike, says US-CERT

The Norks are coming and it won't be fun, according to a new bulletin from the United States Computer Emergency Readiness Team (US-CERT). The advisory warns that a North Korean hacking team, dubbed Hidden Cobra, is actively targeting media, aerospace, financial, and critical infrastructure sectors in the US and around the …
Iain Thomson, 14 Jun 2017

Ta-ta, security: Bungling Tata devs leaked banks' code on public GitHub repo, says IT bloke

Staff at Indian outsourcing biz Tata Consultancy Service uploaded a huge trove of financial institutions' source code and internal documents to a public GitHub repository, an IT expert has claimed. Jason Coulls, CTO of food safety testing company Tellspec and a former banking software developer, said he stumbled upon the …
Iain Thomson, 12 Jun 2017

Biting the hand that feeds IT © 1998–2017