Iain Thomson

Contact Mail Follow Twitter RSS feed
manager

Bank IT fella accused of masterminding multimillion-dollar insider-trading scam

A banking IT expert orchestrated an insider-trading caper that raked in millions of dollars for him and his pals, it was claimed on Wednesday. Between August 2013 and April 2017, Daniel Rivas, 32, worked for an unnamed New York bank in its capital markets technology division. He was hired as a consultant for a new banking …
Iain Thomson, 17 Aug 2017
ship

NotPetya ransomware attack cost us $300m – shipping giant Maersk

The world's largest container shipping biz has revealed the losses it suffered after getting hit by the NotPetya ransomware outbreak, and the results aren't pretty. The malware surfaced in Ukraine in June after being spread by a malicious update to MeDoc, the country's most popular accounting software. Maersk picked up an …
Iain Thomson, 16 Aug 2017
cop

Disgraced US Secret Service agent coughs to second Bitcoin heist

An ex-Secret Service agent who stole Bitcoins from the Silk Road dark web drugs bazaar he was supposed to be investigating has admitted stealing even more sacks of the digital currency. Shaun Bridges, who is already serving a six-year sentence for nicking Bitcoins from the underground souk, pleaded guilty on Tuesday to …
Iain Thomson, 16 Aug 2017
sorn

Strip club selfie bloke's accidental discharge gets him 6 years in clink

A Florida man has been sent to prison for six years and five months after he shot up a strip club toilet while taking a selfie. In December, patrons of Club Lust in St Petersburg, in America's Sunshine State, were startled to hear the sound of gunfire in the men's bathroom. A .40 caliber round shattered one of the mirrors in …
Iain Thomson, 16 Aug 2017
hacker

Creepy backdoor found in NetSarang server management software

Researchers at Kaspersky Lab have found a well-hidden backdoor in NetSang's server management software. The secret access route, dubbed Shadowpad by its discoverers, lurks in the nssock2.dll library within NetSarang's Xmanager and Xshell software suites. It pings out every eight hours to a command-and-control server with the …
Iain Thomson, 15 Aug 2017

Uber to bend over, take privacy probe every two years for next 20 years

Uber and America's trade watchdog have reached a settlement following claims the taxi app maker lied about the extent to which its staff can mine customers' personal info for fun. The Federal Trade Commission's formal complaint [PDF] against the troubled San Francisco biz slammed the upstart's God View – a program that …
Iain Thomson, 15 Aug 2017

US military spies: We'll capture enemy malware, tweak it, lob it right back at our adversaries

The US Defense Intelligence Agency has vowed to capture enemy malware, study and customize it, and then turn the software nasties on their creators. Speaking at the US Department of Defense Intelligence Information Systems (DoDIIS) conference in Missouri on Monday, the head of the agency Lieutenant General Vincent Stewart told …
Iain Thomson, 15 Aug 2017
China internet

Internet addict sent to an anti-addiction boot camp is no longer an addict. Because he's dead

Staff at one of China's internet addiction clinics have been arrested after a teenager sent there for rehabilitation was found dead after 48 hours. The 18-year-old was sent to the camp at the turn of the month by his parents who were in despair at the amount of time he was spending online. The center in in Fuyang city claims …
Iain Thomson, 14 Aug 2017

Chap behind Godwin's law suspends his own rule for Charlottesville fascists: 'By all means, compare them to Nazis'

Mike Godwin, creator of Godwin's law, has rescinded his own rule for those outraged by vile fascists marching the streets of Virginia, USA, at the weekend. In other words, it's OK to call these un-American white supremacists exactly what they are: "By all means, compare these shitheads to Nazis. Again and again. I'm with you …
Iain Thomson, 14 Aug 2017
goldfish

Trapped under ice with no oxygen for months, goldfish turn to booze. And can you blame 'em?

Scientists have discovered how goldfish and their wild ilk survive months of winter in frozen-over lakes of oxygen-free water. The answer is alcohol – the cause of, and solution to, all of life's problems. There aren't many vertebrates that can survive without oxygen. However, goldfish, and their wild relatives, the crucian …
Iain Thomson, 12 Aug 2017
lock

Firmware update blunder bricks hundreds of home 'smart' locks

Hardware biz Lockstate has managed to brick hundreds of internet-connected so-called smart locks on people's front doors with a bad firmware update. The upshot is you can't use the builtin keypad on the devices to unlock the door. Lockstate's smart locks are popular among Airbnb hosts as it allows them to give guests an entry …
Iain Thomson, 11 Aug 2017

Infosec eggheads rig USB desk lamp to leak passwords via Bluetooth

Malicious USB gadgets can secretly spy on data flowing in and out of devices plugged into adjacent USB ports, security researchers in Australia have warned. For example, keypresses from a USB keyboard could be read by a specially modified thumb drive placed in the next-door port. The spy stick can pick up electrical signals …
Iain Thomson, 11 Aug 2017
Money explosion photo via Shutterstock

Schoolboy bags $10,000 reward from Google with easy HTTP Host bypass

A teenager in Uruguay has scored big after finding and reporting a bug in Google's App Engine to view confidential internal Google documents. While bored in July, high schooler Ezequiel Pereira, who has all the makings of a competent security researcher, used Burp to manipulate the Host header in web connections to Google's …
Iain Thomson, 10 Aug 2017
asteroid

Cancel the farewell party. Get back to work. That asteroid isn't going to hit Earth in October

The European Space Agency has confirmed there is no danger of asteroid 2012 TC4 hitting Earth in October, despite what some panicky YouTube videos might tell you. The rock was spotted five years ago when it whizzed past Earth, missing us by 94,800 kilometres (58,900 miles). Last month NASA eggheads reckoned the asteroid may …
Iain Thomson, 10 Aug 2017
data leakage

Carbon Black denies its IT security guard system oozes customer secrets

Security firms are, understandably, quite sensitive about claims that their products are insecure, so accusations of this sort tend to cause a kerfuffle. On Wednesday, security consultancy DirectDefense published a blog post alleging endpoint security vendor Carbon Black's Cb Response protection software would, once installed …
Iain Thomson, 10 Aug 2017

70% of Windows 10 users are totally happy with our big telemetry slurp, beams Microsoft

Microsoft claims seven out of ten Windows 10 users are happy with Redmond gulping loads of telemetry from their computers – which isn't that astounding when you realize it's a default option. In other words, 30 per cent of people have found the switch to turn it off, and the rest haven't, don't realize it's there, or are …
Iain Thomson, 09 Aug 2017
sextortion

FBI's spyware-laden video claims another scalp: Alleged sextortionist charged

The FBI’s preferred tool for unmasking Tor users has brought about another arrest: a suspected sextortionist who allegedly tricked young girls into sharing nude pics of themselves and then blackmailed his victims. As we learned from previous investigations, the Feds have a network investigative technique (NIT) up their sleeve …
Iain Thomson, 09 Aug 2017
justice

Marcus Hutchins free for now as infosec world rallies around suspected banking malware dev

British security researcher Marcus Hutchins was released on Monday from a Nevada jail after posting bail. He is now on his way to Milwaukee to face charges of selling malware online. Hutchins, 23, who shot to fame after finding a way to kill off the WannaCry ransomware outbreak that crippled parts of Britain's National Health …
Iain Thomson, 08 Aug 2017
FAST

China can't find anyone smart enough to run its whizzbang $180m 1,640ft radio telescope

There aren't many astronomy jobs that pay very well – but the Chinese authorities are offering just that for the director of scientific operation for its new Five-hundred-metre Aperture Spherical Telescope. At 500m (1,640ft) across, FAST became the world's largest filled-aperture radio telescope when construction finished last …
Iain Thomson, 08 Aug 2017

Engineer gets 18 months in the clink for looting ex-bosses' FTP server

An engineer has been jailed for 18 months after admitting to stealing blueprints from his former employer's FTP server. Jason Needham, 45, of Arlington, Tennessee, USA, worked at engineering firm Allen & Hoshall until 2013, when he left to set up his own consultancy, HNA. But in the two years following his departure he hacked …
Iain Thomson, 08 Aug 2017
power outage

Hackers could exploit solar power equipment flaws to cripple green grids, claims researcher

A Dutch researcher says he found a way to cause mischief on power grids by exploiting software bugs in solar power systems. Specifically, Willem Westerhof, a cybersecurity researcher at ITsec, said he uncovered worrying flaws within power inverters – the electrical gear turns direct current from solar panels into alternating …
Iain Thomson, 07 Aug 2017

WannaCry-killer Marcus Hutchins denies Feds' malware claims

Marcus Hutchins, the WannaCry ransomware killer and now suspected malware developer, was told by a Las Vegas court on Friday he can be released on bail. He also denied any wrongdoing. The British citizen was sensationally arrested and taken into custody on Wednesday by the FBI. The agents swooped as he was about to board a …
Iain Thomson, 04 Aug 2017
magnifying

Mid-flight jumbo font smartphone text shock sparks kid abuse arrests

Two people have been charged with child molestation after their texts allegedly discussing sexually abusing kids were spotted and reported by a preschool teacher. Who was sitting behind one of them. On an airplane. And the messages were in a huge font. The unnamed hero was on a Southwest Airlines flight from Seattle, …
Iain Thomson, 04 Aug 2017

Forget sexy zero-days. Siemens medical scanners can be pwned by two-year-old-days

Hackers can exploit trivial flaws in network-connected Siemens' medical scanners to run arbitrary malicious code on the equipment. These remotely accessible vulnerabilities lurk in all of Siemens' positron emission tomography and computed tomography (PET-CT) scanners running Microsoft Windows 7. These are the molecular imaging …
Iain Thomson, 04 Aug 2017
Bear

Russian admits being Ebury botnet herder, now jailed for 46 months

A Russian man has been imprisoned for 46 months after admitting to using the Ebury malware to create a massive botnet for fun and profit. Maxim Senakh, 41, of Veliky Novgorod in Russia, was sentenced in Minnesota after pleading guilty to conspiracy to commit wire fraud and violating the Computer Fraud and Abuse Act. He was …
Iain Thomson, 03 Aug 2017

Biting the hand that feeds IT © 1998–2017