John Leyden


Doctor, doctor, I feel like my IoT-enabled vacuum cleaner is spying on me

Vulnerabilities in a range of robot vacuum cleaners allow miscreants to access the gadgets' camera, and remote-control the gizmos. Security researchers at Positive Technologies (PT) this week disclosed that Dongguan Diqee 360 smart vacuum cleaners contain security flaws that hackers can exploit to snoop on people through the …
John Leyden, 20 Jul 2018

Cybercrooks slurp nearly $1m from Russian bank after pwning router at regional branch

Hackers stole almost $1m from a Russian bank earlier this month after breaching its network via an outdated router. PIR Bank was looted by the notorious MoneyTaker hacking group, according to Group-IB, the Moscow-based security firm called in by the bank to handle incident response. Funds were stolen on 3 July through the …
John Leyden, 20 Jul 2018

UK's Huawei handler dials back support for Chinese giant's kit in critical infrastructure

A UK government-run oversight board has expressed misgivings about the security of telecoms kit from Chinese firm Huawei. An annual report (PDF) from the Huawei Cyber Security Evaluation Centre (HCSEC) concluded that "shortcomings in Huawei's engineering processes have exposed new risks in the UK telecommunication networks and …
John Leyden, 20 Jul 2018

Declassified files reveal how pre-WW2 Brits smashed Russian crypto

Efforts by British boffins to thwart Russian cryptographic cyphers in the 1920s and 1930s have been declassified, providing fascinating insights into an obscure part of the history of code breaking. America's National Security Agency this week released papers from John Tiltman, one of Britain’s top cryptanalysts during the …
John Leyden, 19 Jul 2018

Brit tech forges alliance to improve cyber security as MPs moan over 'acute scarcity' of experts

A cross-sector alliance incorporating leading UK organisations has been created in response to government plans to develop a national professional body for cybersecurity. The imaginatively titled Collaborative Alliance aims to shape national cybersecurity standards, drive advances in education and advise the government on …
John Leyden, 19 Jul 2018

Adobe on internal systems security hole: Panic not. It isn't critical

Adobe has attempted to play down the significance of a vulnerability in its internal systems. Bug hunters at an outfit called Vulnerability Laboratory claimed they had discovered a remote code execution hole in one of the Photoshop giant's main staff-only database systems – a weakness that was only corrected on Saturday. …
John Leyden, 19 Jul 2018

Will this biz be poutine up the cash? Hackers demand dosh to not leak stolen patient records

Hackers say they will leak patient and employee records stolen from a Canadian healthcare provider unless they are paid off. The records include medical histories and contact information for tens of thousands of home-care patients in Ontario, Canada, and belong to CarePartners. The biz, which provides home medical care …
John Leyden, 18 Jul 2018

So long and thanks for all the fixes: ERPScan left out of credits on Oracle bug-bash list

Oracle fixed 17 flaws in its products found by ERPScan researchers without acknowledging the application security firm, which was recently and controversially sanctioned in the US. ERPScan said vulnerabilities it uncovered affect six different business …
John Leyden, 18 Jul 2018

Call records breach let users feel like Movistars (with everyone watching who they're talking to)

Telefonica Spain has inadvertently exposed the personal details of customers of its Movistar division. Names, addresses, fixed and mobile line numbers, email addresses and the call breakdown of Movistar customers were all exposed because of basic programming errors in Movistar’s online customer portal. Anyone with a Movistar …
John Leyden, 18 Jul 2018

Look, what's that over there? Sophos nips Windows DNS DLL false positive in the bud

A Windows operating system library was wrongly identified as malware by Sophos's antivirus scanner for some users on Tuesday. Security software from Sophos quarantined dnsapi.dll, provoking a modest number of complaints on the antimalware maker's support forums. The main gripe seemed to be bogus alerts generated by the …
John Leyden, 17 Jul 2018

Russia's national vulnerability database is a bit like the Soviet Union – sparse and slow

Russia's vulnerability database is much thinner than its US or Chinese counterparts – but it does contain a surprisingly high percentage of security bugs exploited by its cyber-spies. Recorded Future's Priscilla Moriuchi and Dr Bill Ladd found the database is highly focused yet incomplete, slow to update, and "likely intended …
John Leyden, 17 Jul 2018

Trump wants to work with Russia on infosec. Security experts: lol no

Security experts have poured scorn on plans by US president Donald Trump to work more closely with Russia on cybersecurity. After the summit in Helsinki on Monday, both Trump and Russian president Vladimir Putin deflected questions related to the US intelligence community's assessment that Russia attempted to interfere in the …
John Leyden, 17 Jul 2018

IoT search engine ZoomEye 'dumbs down' Dahua DVR hijackings by spewing passwords

Login passwords for tens of thousands of Dahua digital video recorder devices have been cached by ZoomEye, an IoT search engine, and published on the web so that even the dumbest hacker could crack unpatched kit. "A new low has been achieved in the ease of hacking IoT devices," said Ankit Anubhav, principal researcher at …
John Leyden, 16 Jul 2018

Kremlin hacking crew went on a 'Roman Holiday' – researchers

Researchers have claimed the infamous APT28 Kremlin-linked hacking group was behind a new cyber-espionage campaign they believe was targeted at the Italian military. Security researchers from the Z-Lab at CSE Cybsec spent the weekend unpicking a new malware-based cyber-espionage campaign allegedly conducted by APT28 (AKA Fancy …
John Leyden, 16 Jul 2018

Two-factor auth totally locks down Office 365? You may want to check all your services...

Hackers can potentially obtain access to Microsoft Office 365 emails and calendars even if multi-factor-authentication is in place, we were warned this week. Cybercrooks are able to force their way into corporate Office 365 accounts, bypassing single sign-on or multi-factor authentication, by targeting older systems that aren' …
John Leyden, 13 Jul 2018

Bogus Mobile Device Management system used to hack iPhones in India

Business iPhone users in India have been targeted in a sophisticated attack run through bogus Mobile Device Management (MDM) servers. Using either physical access or - more likely - social engineering trickery, certificates from a selection of two sketchy MDM servers were installed on targeted iPhones. This gave the hacker …
John Leyden, 13 Jul 2018

Ukraine claims it blocked VPNFilter attack at chemical plant

A Ukrainian intel agency has claimed it stopped a cyber attack against a chlorine plant that was launched using the notorious VPNFilter malware. Ukraine's SBU Security Service said it thwarted an attack on network equipment belonging to the LLC Aulska chlorine plant in Auly, about an hour away from Dnepr City in Dnipropetrovsk …
John Leyden, 13 Jul 2018

Google's ghost busters: We can scare off Spectre haunting Chrome tabs

Google is touting the benefits of a recently rolled out browser security feature called Site Isolation. Site Isolation has been gradually introduced to users of the Chrome browser over several months, and now Google has officially unveiled this important piece of tech. With Site Isolation enabled, Chrome runs a different …
John Leyden, 12 Jul 2018

Ransomware is so 2017, it's all cryptomining now among the script kiddies

The number of organisations affected by cryptomining malware in the first half of 2018 ramped up to 42 per cent, compared to 20.5 per cent in the second half of 2017, according to a new report from Check Point. The top three most common malware variants seen in the first half of 2018 were all cryptominers: Coinhive (25 per …
John Leyden, 12 Jul 2018

What can $10 stretch to these days? Lunch... or access to international airport security systems

Dark web shops are selling access to computers on corporate networks for less than the cost of a short cab ride. Security researchers at McAfee have uncovered a network of so-called Remote Desktop Protocol (RDP) shops on the dark web which sell access to compromised IT systems, sometimes for as little as $10 a pop – which …
John Leyden, 12 Jul 2018

Ticketmaster breach 'part of massive bank card slurping campaign'

The Ticketmaster breach was not a one-off, but part of a massive digital credit card-siphoning campaign. Threat intel firm RiskIQ reckons the hacking group Magecart hit Ticketmaster as part of a massive credit card hacking campaign affecting more than 800 ecommerce sites. Magecart has evolved tactically from hacking …
John Leyden, 12 Jul 2018

Like my new wheels? All I did was squash a bug, and they gave me $72k

Vuln hunters brought home the bacon last year, according to figures released today by bug bounty platform HackerOne. The Hacker-Powered Security Report is a biannual study of vulnerability disclosure ecosystems. It found that organisations resolved 27,000 vulnerabilities, earning ethical hackers $11.7m in 2017 alone. The …
John Leyden, 11 Jul 2018

US military manuals hawked on dark web after files left rattling in insecure FTP server

Sensitive US Air Force documents have leaked onto the dark web as part of an attempted sale of drone manuals. Threat intel firm Recorded Future picked up on an auction for purported export-controlled documents pertaining to the MQ-9 Reaper drone during its regular work monitoring the dark web for criminal activities last month …
John Leyden, 11 Jul 2018

AAAAAAAAAA! You'll scream when you see how easy it is to pwn unpatched HPE servers

HPE servers running unpatched enterprise software are trivially easy to exploit with just one line of code, it has emerged. The script kiddie-friendly attack route dumbs down exploitation of a severe vulnerability dating from last year which stemmed from coding flaws in HPE's Integrated Lights-Out 4 (iLO 4), a tool for …
John Leyden, 11 Jul 2018

Thomas Cook website spills personal info – and it's fine with that

Holidaymakers who used Thomas Cook Airlines had their personal information spilled onto the internet no thanks to basic coding cockups. Norwegian programmer Roy Solberg came across an enumeration bug that leaked the full name of all travelers on a booking, the email addresses used, and flight details from Thomas Cook Airlines …
John Leyden, 10 Jul 2018

Biting the hand that feeds IT © 1998–2018