Iain Thomson

RoundupHere's a summary of recent infosec news beyond what we've already covered – earlier than usual because some of us have Thanksgiving to get through in the US. By the way, watch out for hackers taking advantage of IT teams suffering turkey comas. Fortinet fsck up: Some Fortinet networking equipment was caught sending customers' …

VideoAt a pseudo-rave slash launch party in Los Angeles on Wednesday night, Motorola revealed the 2019 Razr, an update on a flip phone that wowed people 15 years ago. Today, perhaps... not so much. Back in the old days, the Razr was the consummate flip phone – a well-engineered piece of kit that took design cues from the StarTAC …

Two men have confessed they siphoned confidential information from databases hosted in the Amazon cloud, and then demanded payment to delete their copies of the data. Brandon Charles Glover, 26, of Winter Springs, Florida, America, and Vasile Mereacre, 23, of Toronto, Canada, each pleaded guilty to one charge of conspiracy to …

Security flaws have been found in the European Union's electronic identity system that could have been exploited by miscreants to impersonate member states' citizens online. The programming blunders were buried in the five-year-old eIDAS – that's electronic IDentification, Authentication and trust Services – that was designed …

The US military’s controversial JEDI cloud contract has seen another strange twist: the US Secretary of Defense has stepped back from the project as it emerged his son works for one of the bidders for the $10bn winner-takes-all deal. Secretary Mark Esper made the announcement on Tuesday, saying that he would not have any input …

ExclusiveThe technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information. The eRosary, which went on sale this week at just $109 (£85) a pop, consists of ten metallic beads, and a metal cross that’s Bluetooth enabled, has …

Pitney Bowes, the US stamping meter maker, has been infected with ransomware, leaving customers unable to top-up their equipment with credit nor access the corporate web store. “At this time, the company has seen no evidence that customer or employee data has been improperly accessed,” it said in a statement today. “Our …

NASA has confirmed its Europa Clipper spacecraft will head off to the Jovian moon in search of signs of life and a landing zone for future exploration. Europa has fascinated astroboffins since it was discovered that the moon has an ocean albeit one under a thick layer of ice. The water, it turns out, is heated, and kept liquid …

DEF CONDespite some progress, the US is still massively underprepared for a serious cyber attack and the current administration isn't helping matters, according to politicians visiting the DEF CON hacking conference. In an opening keynote, representatives Ted Lieu (D-CA) and James Langevin (D-IL) were joined by hackers Cris Thomas, …

DEF CONFor the first time, Vegas's annual DEF CON hacking conference has an "aviation hacking village", and the US military is scouting around there for a few good hackers to find bugs that its own hackers have missed. "We've got some great hackers on our team and we're proud of them," Dr Will Roper, assistant secretary of the Air …

Black HatDeepfakes, the AI-generated talking heads that can say whatever their creator wants them to, are getting harder to detect. But boffins have enlisted an unlikely ally in the quest for truth – mice. In a presentation at the Black Hat security conference in Las Vegas, data scientists examined various ways to identify deepfake …

Black HatWhen Europe introduced the General Data Protection Regulation (GDPR) it was supposed to be a major step forward in data safety, but sloppy implementation and a little social engineering can make it heaven for identity thieves. In a presentation at the Black Hat security conference in Las Vegas James Pavur, a PhD student at …

Black HatWhile various high-tech solutions to secure electronic voting systems are being touted this week to election officials across the United States, according to infosec guru Bruce Schneier there is only one tried-and-tested approach that should be considered: pen and paper. It's the only way to be sure hackers and spies haven't …

Black HatA Black Hat presentation on how to potentially hijack a 787 – by exploiting bugs found in internal code left lying around on a public-facing server – was last night slammed as "irresponsible and misleading" by Boeing. At the hacking conference in Las Vegas on Wednesday, Ruben Santamarta, principal security consultant at pen- …

Black HatAmerica's crime-fighters, desperate to recruit white-hat hackers to collar spies and cyber-crooks, are quietly and slightly relaxing the ban on hiring anyone who has used illegal drugs. Generally speaking, dabbling in any kind of substance abuse will rule you out of the running for a job at the NSA, Homeland Security, the FBI …

Black HatBlack Hat founder Jeff Moss opened this year's shindig in Las Vegas with tales of quite how odd the hacking culture in China is. You see, Moss also founded the DEF CON conference series, and has started running DEF CON events for nerds in China – which makes sense given the sizable reservoir of infosec and computer science …

Black HatIBM's X-Force hacking team have come up with an interesting variation on wardriving – you know, when you cruise a neighborhood scouting for Wi-Fi networks. Well, why not try using the postal service instead, and called it "warshipping," Big Blue's eggheads suggested earlier today. To demonstrate this approach, the X-Force team …

Bsides LVA satellite-killing debris field encircling the Earth isn't coming any time soon, but hackers working from Earth could help severely damage the planet's orbital traffic. Satellite systems specialist Elizabeth Wilson presented research to the Bsides hacking conference in Las Vegas showing that our machinery in orbit – and the …

BSides LVIn one of the most disturbing talks in all 10 years of Bsides Las Vegas, neuroscientists have warned that not only is hacking the brain possible right now, but it's also a lot easier than you may think. Two boffins from Laboratory for Autonomy-Brain Exchange (LabX) have been working on brain/machine interfaces. The technology …

BSides LVLife’s tough as a malware developer. If the cops or Feds don't collar you, your fellow scumbags will screw you over – or perhaps both will happen. In a presentation at the Bsides Las Vegas hacking conference today, Winnona DeSombre, an analyst at threat-intelligence biz Recorded Future, detailed a year-long probe into dark and …

After last week's revelations that a hacker stole the personal details of 106 million Capital One credit card applicants from its Amazon-hosted cloud storage, a US Senator has demanded Amazon CEO Jeff Bezos explain what exactly what went wrong. The sensitive information was siphoned from Capital One's Amazon Web Services S3 …

An FBI contractor has pleaded not guilty to charges that he installed a camera under a coworker's desk to satisfy his "voyeur" fetish. Joshua Green was working as a contractor in the J Edgar Hoover building – aka the FBI headquarters in Washington DC – last month. On July 26, one of his colleagues, who had just returned to …

Black HatIt's that time of year again and the world's white, grey and the occasional black-hat hackers descends into the fetid hell that is Las Vegas in August for a week of conferences, community conflabs and catching up with old friends. What started as a bunch of friends hanging out in a cheap hotel has grown into the largest …

Black HatIf you're heading off the Black Hat and DEF CON security conferences in Las Vegas, USA, this week, be prepared to have your hotel room searched if - for any reason - you shoo maid service away and stop staff from cleaning your room. Most hotels in the city enforce mandatory checks within their rooms following the October 1, …

Pics and videoA British firm thinks it has found the answer to an age-old problem – how to decide which boozed-up revellers should get served at the bar first. It works like this. A webcam constantly scans the crowd of eager punters wanting to get a drink and sorts them out in the order in which it first spotted them. They are assigned a …