Iain Thomson

Contact Mail Follow Twitter RSS feed

Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams

A Romanian woman has admitted running a ransomware operation from infected Washington DC's CCTV systems just days before President Trump was sworn into office in the US capital. Eveline Cismaru, 28, pled guilty this week to one count of conspiracy to commit wire fraud, and one count of conspiracy to commit computer fraud, …
Iain Thomson, 21 Sep 2018
police in body armour doing a raid

Developer goes rogue, shoots four colleagues at ERP code maker

Cops have named the programmer who went on a gun rampage at WTS Paradigm – a US maker of enterprise resource planning software – this week. He shot four colleagues, leaving one in a critical condition. At around 10.20am on Wednesday, Anthony Tong, who had worked at the company in Middleton, Wisconsin, for little over a year, …
Iain Thomson, 20 Sep 2018
hacker

No, the Mirai botnet masters aren't going to jail. Why? 'Cos they help Feds nab cyber-crims

The three brains behind the Mirai malware, which infects and pressgangs Internet-of-Things devices into a botnet army, have avoided jail. In December, Paras Jha, 22, Josiah White, 21, and Dalton Norman, 22, pleaded guilty in the US to breaking the Computer Fraud and Abuse Act after developing and masterminding the Mirai …
Iain Thomson, 20 Sep 2018
Yusaku Maezawa

Revealed: The billionaire baron who’ll ride Elon’s thrusting erection to the Moon and back

Video SpaceX today named its first paying passenger it will fly around the Moon and back to Earth – and it's Japanese biz baron Yusaku Maezawa. Yeah, him. You know. Him. “SpaceX has signed the world’s first private passenger to fly around the Moon aboard our BFR launch vehicle — an important step toward enabling access for everyday …
Iain Thomson, 18 Sep 2018
florence

Florence and the Machines: Data centers brace as hurricane smashes into US coast

Hurricane Florence has now landed on US soil, bringing 100 MPH winds, torrential rain, and claiming at least four lives. Many residents have fled, though some can’t – because they are keeping the area’s data centers up and running during the carnage. The Carolinas, on America's east coast, are studded with data centers full of …
Iain Thomson, 14 Sep 2018
NASA

Space station springs a leak while astronauts are asleep (but don't panic)

NASA ground controllers received some disturbing readings from the International Space Station on Wednesday - air pressure inside the craft was falling. That’s not a good sign when you're 220 miles up in space. The ISS crew were asleep at the time, but ground control opted not to mention it to them, since the pressure drop …
Iain Thomson, 30 Aug 2018
farris

Miss America 'scholarship program' adds Microsoft Azure developer to lineup

The annual Miss America beauty pageant scholarship program has a tech entry this year, Microsoft developer Allison Farris. Ms Farris, who holds both bachelor's and master's degrees in Management Information Systems from the University of Alabama, has spent the last three years as a Redmond developer in the US capital working …
Iain Thomson, 21 Aug 2018
Caesars Palace in Las Vegas, USA

Et tu, Brute? Then fail, Caesars: When it's hotel staff, not the hackers, invading folks' privacy

Comment The hacking world's summer camp has ended. The last of the Black Hat USA, BSides Las Vegas, and DEF CON attendees and organizers have now left Sin City after a week of lectures, networking, and partying. What unfolded over those seven or so days will have knock-on effects for years to come – not just from researchers and …
Iain Thomson, 20 Aug 2018
CHiPs

'Oh sh..' – the moment an infosec bod realized he was tracking a cop car's movements by its leaky cellular gateway

Black Hat If you want to avoid the cops, or watch deliveries and call-outs by trucks and another vehicles in real-time, well, there's potentially not a lot stopping you. Security researchers have found more than 100,000 internet-facing cellular gateways, some of which broadcast their exact whereabouts to the world. These particular …
Iain Thomson, 18 Aug 2018
hacking

US voting systems: Full of holes, loaded with pop music, and 'hacked' by an 11-year-old

DEF CON Hackers of all ages have been investigating America’s voting machine tech, and the results weren't great. For instance, one 11-year-old apparently managed to hack and alter a simulated, albeit deliberately hobbled, Secretary of State election results webpage in 10 minutes. The Vote Hacking Village, one of the most packed-out …
Iain Thomson, 13 Aug 2018
panel

Criminal justice software code could send you to jail and there’s nothing you can do about it

DEF CON American police and the judiciary are increasingly relying on software to catch, prosecute and sentence criminal suspects, but the code is untested, unavailable to suspects' defense teams, and in some cases provably biased. In a presentation at the DEF CON hacking conference in Las Vegas, delegates were given the example of …
Iain Thomson, 13 Aug 2018
Rob Joyce

Former NSA top hacker names the filthy four of nation-state hacking

DEF CON Rob Joyce, the former head of the NSA’s Tailored Access Operations hacking team, has spilled the beans on which nations are getting up to mischief online. Joyce gave one of the first talks at the DEF CON hacking conference in Las Vegas and interest was intense - the lines to get in stretched around the hall. Joyce …
Iain Thomson, 13 Aug 2018
linton

Google Spectre whizz kicked out of Caesars, blocked from DEF CON over hack 'attack' tweet

Updated At midnight on Thursday, Matt Linton, a senior Google bod who was one of the key players in sorting out the Spectre CPU security hole mess, went to his hotel room in Caesars Palace, Las Vegas – and found his key no longer worked. When he went to reception to find out what the problem was, he was met by two security guards who …
Iain Thomson, 10 Aug 2018
Santamarta

Hackers can cook you alive using 'microwave oven' sat-comms – claim

Black Hat Four years ago, IOActive security researcher Ruben Santamarta came to Black Hat USA to warn about insecurities in aircraft satellite-communication (SATCOM) systems. Now he’s back with more doom and gloom. During a presentation at this year's hacking conference in Las Vegas this week, he claimed he has found a host of flaws in …
Iain Thomson, 10 Aug 2018
pwnie

Spec-exec CPU bugs sweep hacking Oscars – and John McAfee’s in there like a bullet

Black Hat The whizz kids who uncovered the Spectre and Meltdown data-leaking flaws in modern processors have scooped two Pwnie Awards – often referred to as the information security industry’s Oscars. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike …
Iain Thomson, 10 Aug 2018
Two execs in a server room. Has to have happened some time heh. Photo by Shutterstock

Can we talk about the little backdoors in data center servers, please?

Black Hat Data centers are vital in this cloudy world – yet little-understood management chips potentially give hackers easy access to their servers in ways sysadmins may not have imagined. The components in question are known as baseband management controllers (BMCs). They are discrete microcontrollers popped into boxes by the likes of …
Iain Thomson, 10 Aug 2018
hackers

Say what you will about self-driving cars – the security is looking 'OK'

Black Hat Car hacking wizards Charlie Miller and Chris Valasek have turned their attention to autonomous vehicles – and reckon the security is surprisingly good. The duo, who work for General Motors’ robo-automaker offshoot Cruise, told this year's Black Hat USA conference on Thursday while self-driving vehicles are much less hackable …
Iain Thomson, 10 Aug 2018
Thumbs up for Spectre-Meltdown protection

Revealed: El Reg blew lid off Meltdown CPU bug before Intel told US govt – and how bitter tech rivals teamed up

Black Hat Next time you leave things to the last minute, remember this well. Despite having known about the Meltdown and Spectre security vulnerabilities for roughly six months, Intel and other chip giants still hadn't warned the US government's cybersecurity nerve-center by the time The Register blew the lid off the design flaws. …
Iain Thomson, 9 Aug 2018
Skull and cross bones in binary

Microsoft to hackers: Finding Hyper-V bugs is hard. Change my mind. PS: Here's a head start...

Black Hat Not that many moons ago, Microsoft was seemingly reluctant to open a bug bounty program. It also once described Linux as a cancer. Now it claims to love Linux, and is offering bounties on bugs. How times change. On Wednesday, Redmond not only reiterated its offer of oodles of cash in exchange for details of exploitable …
Iain Thomson, 9 Aug 2018
Duo's Jamie Tomasello

Stress, bad workplace cultures are still driving security folk to drink

Black Hat In a personal and powerful presentation, a computer security veteran has warned that too many infosec bods are fighting a losing battle with the bottle. Jamie Tomasello, senior manager of security operations at Duo Security, has 17 years of experience in the industry, and has been sober for the past six. While the causes of …
Iain Thomson, 8 Aug 2018
Parisa Tabriz at Black Hat USA 2018

Google Project Zero boss: Blockchain won’t solve your security woes – but partying just might

Black Hat Parisa Tabriz, a director of engineering at Google and head of the web giant's Project Zero bug-hunting squad, today opened this year's Black Hat USA conference with a reminder that partying is key to securing software. There’s more to it than that, of course: clear goals and targets have to be set, management and staff have …
Iain Thomson, 8 Aug 2018
ATM money shot

IBM, ATMs – WTF? Big Blue to probe cash machines, IoT, vehicles, etc in new security labs

Black Hat IBM has promised to open four research centers that will hunt for security vulnerabilities in technology – including a team dedicated to probing cash machines for flaws. It has been eight years since the late, great hacker Barnaby Jack took to the stage at the Black Hat USA conference in Las Vegas, and showed attendees how in …
Iain Thomson, 6 Aug 2018
ransomware

BlackBerry claims it can do to ransomware what Apple did to its phones

Black Hat While ransomware continues to extort factories, hospitals, schools, businesses, and ordinary netizens, BlackBerry reckons it can quickly rescue peeps from malware infections. The Canadian biz's days as the smartphone king long gone, with Apple making quick work of its hardware. And although it still licenses its name to a few …
Iain Thomson, 6 Aug 2018
A black hat hacker

Security world to hit Las Vegas for a week of hacking, cracking, fun

About a quarter of a century ago, a handful of hackers decided to have a party in a cheap hotel, and had a whale of a time. Fast forward to 2018, and that get-together has grown into events that will see an estimated 30,000 people converge on Las Vegas for the biggest security shindig in the world – the combination of Black …
Iain Thomson, 4 Aug 2018
defcon

Dear alt-right morons and other miscreants: Disrupt DEF CON, and the goons will 'ave you

DEF CON The organizers of the DEF CON hacking conference, due to be held in Las Vegas, USA, next week, have put those who intend to spoil the event on warning: such tactics will not be tolerated. At last month's Hackers on Planet Earth (HOPE) event in New York City, several sessions were wrecked by white nationalist attendees spouting …
Iain Thomson, 2 Aug 2018

Biting the hand that feeds IT © 1998–2018