
The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2016, Situation Publishing

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert

Fri, 21 Oct 2016 20:40:31 GMT

Pair abused typo blind spot to game certificate authority

Two European security researchers exploited Comodo's crappy backend systems to obtain a HTTPS certificate for a domain they do not own.…

Dyn dinged by DDoS: US DNS firm gives web a bad hair day

Fri, 21 Oct 2016 14:23:12 GMT

Reddit, Github, Airbnb and pals affected

A denial of service attack against managed DNS provider Dyn restricted access to many US-based websites on Friday.…

Hax0rs sow Discord by using VoIP service to sling malware at gamers

Fri, 21 Oct 2016 13:31:07 GMT

Not even playtime's safe these days

Hackers abused a free VoIP service for gamers to distribute remote-access Trojans and other malware.…

Hack us and you're basically attacking America, says UK defence sec

Fri, 21 Oct 2016 11:43:11 GMT

And we'll attack you back, promises Defence Secretary

Britain is splurging £265m on military cyber security – and that includes offensive capabilities, according to Defence Secretary Sir Michael Fallon.…

Slack whacks global account hijack holes

Fri, 21 Oct 2016 06:30:05 GMT

For a while there your Slack account could be hijacked with just a username

Hipster collaboration platform Slack has shuttered an access control bypass that allowed users to hijack any account.…

Fruity hacking group juiced by Microsoft's October patch parade

Fri, 21 Oct 2016 05:29:05 GMT

Get your patching done, people, this Font-borne bug is being actively exploited

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.…

Spam scum ping global blacklists to wreck rep

Fri, 21 Oct 2016 04:02:09 GMT

Email pests seek clean machines for better hit rates.

Malware authors are consulting IP blacklists designed to help fight spam in a bid to avoid detection and increase inbox hit rates.…

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Fri, 21 Oct 2016 02:21:33 GMT

Widespread flaw can be easily exploited to hijack PCs, servers, gizmos, phones

Code dive: Patch your Linux-powered systems, phones and gadgets as soon as possible, if you can, to kill off a kernel-level flaw affecting nearly every distro of the open-source operating system.…

Google pays $100k to anti-malware crusader Giovanni Vigna

Fri, 21 Oct 2016 01:58:13 GMT

Prolific malware murderer bags Mountain View's Security, Privacy and Anti-Abuse award

Anti-malware machine and head of the Shellphish DARPA Grand Challenge bronze-medallist team has won US$100,000 from Google for security research efforts.…

DIY website builder Weebly was secured feebly

Fri, 21 Oct 2016 00:55:41 GMT

43m credentials lifted, plus 58m more at Modern Business Solutions and 22m from FourSquare

Another day, another three major breaches: this time at do it yourself website builder Weebly, which has been revealed as secured feebly, as were FourSquare and Modern Business Solutions.…

Three million debit cards at risk after hackers raid Indian payment systems

Thu, 20 Oct 2016 20:37:37 GMT

It wasn't us, gov! Hitachi Payment Services denies its ATMs were pwned

A suspected security breach has led banks in India to warn 3.25 million customers to replace their debit cards or change the PINs.…

US DNC hackers blew through SIX zero-days vulns last year alone

Thu, 20 Oct 2016 19:07:51 GMT

Most targets were individuals with Gmail addresses

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers.…

Boffins exploit Intel CPU weakness to run rings around code defenses

Thu, 20 Oct 2016 16:48:12 GMT

Branch buffer shortcoming allows hackers to reliably install malware on systems

US researchers have pinpointed a vulnerability in Intel chips – and possibly other processor families – that clears the way for circumventing a popular operating-system-level security control.…

Security research tool had security problem

Thu, 20 Oct 2016 07:31:07 GMT

Plugin for popular disassembler OllyDbg allowed man-in-the-middle diddle

Security researchers and the networks they rely on were at risk of breach by the hackers they investigate, thanks to now mitigated man-in-the-middle holes in a popular plugin for analysing debugger OllyDbg.…

Kids today are so stupid they fall for security scams more often than greybeards

Thu, 20 Oct 2016 05:27:06 GMT

Millennials turn out to be digital naïfs, not digital natives

Millennials are more likely to fall for tech support scams than baby boomers, Microsoft says.…

GPS spoofing can put Yik Yak in a flap

Thu, 20 Oct 2016 04:34:13 GMT

De-anonymising 'secret' chat app not that hard, really

A little machine learning can de-anonymise Yik Yak users, according to researchers from American and Chinese universities.…

Jumpin' AppFlash! Actifio's devops gear rolls onto Pure kit

Thu, 20 Oct 2016 02:58:08 GMT

Copy data virtualisation gets a flash boost

+Comment: Actifio's AppFlash DevOps Platform will run on Pure Storage's FlashArray.…

Reading this? Then you can pop root shells on Markvision enterprises

Thu, 20 Oct 2016 02:04:04 GMT

Twin bug bombs perish with patch

Lexmark has patched two dangerous vulnerabilities in its Markvision enterprise IT analysis platform that grant remote attackers god-mode system access over the internet.…

Yahoo! begs! US! spymaster! Clapper!: Spill! the! beans! on! secret! email! snooping!

Thu, 20 Oct 2016 00:12:24 GMT

Uncle Sam asked to come clean on what info it sought. Good luck with that

Yahoo! has asked the US government to break its silence on the secret court order that forced the Purple Palace to scan its webmail users' messages for specific keywords.…

Donald Trump running insecure email servers

Wed, 19 Oct 2016 15:39:05 GMT

But he's got a yuge firewall, folks... the best kind of firewall

US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him.…

It's finally happened: Hackers are coming for home routers en masse

Wed, 19 Oct 2016 14:18:12 GMT


Cybercrooks are increasingly targeting routers in consumers’ homes.…

Crims cram credit card details into product shots on e-shops

Wed, 19 Oct 2016 03:57:06 GMT

Just Save Image As to exfiltrate data, safe in the knowledge webmasters trust JPGs

Hackers are going to considerable lengths to hide credit cards stolen from websites victimised in a wave of recent attacks, weaving the data into working images of products sold online.…

Democralypse Now? US election first battle in new age of cyberwarfare

Tue, 18 Oct 2016 13:45:12 GMT

CIA said to blame Russia for voter database hacks

Hacking attempts against more than 10 US state election databases have increased fears about Russian efforts to disrupt or influence the 2016 presidential election.…

You work so hard on coding improvements... and it's all undone by a buggy component

Tue, 18 Oct 2016 12:03:22 GMT

Third-party addition not the time-saver the boss thinks it is

Nearly all (97 per cent) of Java applications contain at least one component with a known vulnerability, according to a new study by app security firm Veracode.…

It's good to talk, UK banks told after massaging cyberattack figures

Tue, 18 Oct 2016 10:20:05 GMT

It's not like the public will think any worse of you

Top techies at British banks are being encouraged to share information about cyberattacks following revelations that the financial sector is under-reporting breaches to regulators.…

Audit sees VeraCrypt kill critical password recovery, cipher flaws

Tue, 18 Oct 2016 04:02:05 GMT

Patches slung at 11 bad bugs

Security researchers have found eight critical, three medium, and 15 low-severity vulnerabilities in a one-month audit of popular encryption platform VeraCrypt.…

'Dyre' malware re-surfaces as 'TrickBot', targets Australian banks

Tue, 18 Oct 2016 02:25:03 GMT

Researchers say it looks like Dyre wolves are back in the wild, despite February arrests

Malware now targeting Australian users could be based on one of the world's worst banking trojans.…

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

Tue, 18 Oct 2016 01:29:10 GMT

Ye Olde hash standard looks like it can beat the coming of the quantum cats

While it's reasonable to assume that a world with real quantum computers will ruin traditional asymmetric encryption, perhaps surprisingly hash functions might survive.…

Sextortion on the internet: Our man refuses to lie down and take it

Mon, 17 Oct 2016 10:48:34 GMT

It rubs the lotion on its skin, repeatedly it seems

Exclusive: An unpleasant Monday morning kicked off when my personal email account popped up a message of thanks for joining YouTube rival Vimeo. Seven minutes later, I visited the website, where I was confronted by a sexually explicit video stating I was a pedophile.…

ShadowBrokers put US$6m price tag on new hoard of NSA hacks

Mon, 17 Oct 2016 07:37:09 GMT

Auction failed, now false-flag filchers want 10k bitcoin or the code gets it

A group thought linked to a Russian hacking outfit has moved to cash in on its cache of likely NSA exploit tooling, by offering it in exchange for 10,000 Bitcoins.…

Hello |FNAME|, this is the Obama-bot Drupal chat module speaking

Mon, 17 Oct 2016 05:30:11 GMT

White House open-sources presidential Facebook Messenger chatbot

The White House has open-sourced the bot that president Obama uses to automatically respond to messages sent on Facebook Messenger…

Outlook-on-Android alternative 'Nine' leaked Exchange Server creds

Mon, 17 Oct 2016 04:04:36 GMT

Patches slung to fix popular third-party email app

Staff logging into Exchange Server through a popular app could have placed their enterprise credentials at risk through a since-closed vulnerability.…

More than half of Androids susceptible to ancient malware

Mon, 17 Oct 2016 03:02:13 GMT

Bad ads, off-brand app stores and smut carry 'Ghost Push' nasty

One of the world's most prolific Android malware instances is still the most prevalent piece of malware more than two years after it first emerged.…

Netflix reminds password re-users to run a reset

Sun, 16 Oct 2016 22:27:22 GMT

Your! account! has! shown! up! on! a! breach! list! We! can't! imagine! which! one!

Netflix has reminded people whose user IDs are circulating in breach-lists to check their security and if necessary reset their passwords.…

IBM: Yes, it's true. We leaned on researchers to censor exploit info

Fri, 14 Oct 2016 20:05:48 GMT

Big Blue says this isn't normal practice as infosec bods take down proof-of-concept code

IBM successfully pressured security researchers into yanking offline part of a published vulnerability advisory – even after patches had been distributed to customers.…

Hey! spies! Get! in! here! and! explain! this! Yahoo! email-scanning! 'kernel! module!'

Fri, 14 Oct 2016 19:04:54 GMT

US Congress demands answers on what exactly was slurped and how

Four dozen members of US Congress have signed a letter requesting a full briefing on the Yahoo! email scandal.…

Forget malware, crooks are cracking ATMs the old-fashioned way – with explosives

Fri, 14 Oct 2016 18:26:06 GMT

Blowing up cash machines is blowing up

Bank raiders are increasingly turning to explosives in order to break into cash machines.…

In 2020, biz will chuck $100bn+ at protecting itself online

Fri, 14 Oct 2016 14:33:06 GMT

Hackers gonna hack

Security spending is predicted to grow from $73.7bn in 2016 to $101.6bn in 2020, according to analysts.…

Post-referendum UK still part of Euro cyberterror stress test... for now

Fri, 14 Oct 2016 11:57:04 GMT

Cheer up, Europe, love. Cyberwar might never happen

European enterprises are teaming with information security agencies and governments to run a pan-European cyberwar readiness exercise today.…

You've been hacked. What are you liable for?

Fri, 14 Oct 2016 10:03:05 GMT

'It won't happen to me...' but best be prepared

Hacking is big news and we’re all susceptible. In the UK, hackers could face jail time under the Computer Misuse Act, but the question on many businesses’ minds will be where the liability lies if they are hacked.…

Facebook's un-Liked ~900 security flaws in five years

Fri, 14 Oct 2016 05:31:12 GMT

The Social Network™ has slung more than US$5m to bounty hunters

Facebook has paid security researchers US$5 million in five years, after they found vulnerabilities in its platforms and quietly disclosed them under its bug bounty program.…

'Pork Explosion' flaw splatters Foxconn's Android phones

Fri, 14 Oct 2016 02:58:07 GMT

Full compromise over USB bacon-ed in to smartmobes

Security researcher Jon Sawyer says a limited backdoor has been found in some Foxconn-manufactured Android phones, allowing attackers to root phones they have in hand.…

Google splats 21 bugs in Chrome 54 patch run

Fri, 14 Oct 2016 02:33:18 GMT

None critical, some embarrassing, all worth the auto-upgrade

Google has patched 21 bugs in its Chrome web browser, closing six high-severity holes along the way.…

Personal info on more than 58 million people spills onto the web from data slurp biz

Thu, 13 Oct 2016 18:09:44 GMT

Modern Business Solutions keeping quiet

A US-based data aggregator that trades people's personal information with the automotive industry and real estate companies has seemingly spilled the private information of more than 58 million people online.…

New GCHQ unit: Psst, breached biz bods. We won't rat you out to the ICO

Thu, 13 Oct 2016 12:59:20 GMT

National Cyber Security Centre wants you to come in for a reassuring chat

The new National Cyber Security Centre is pitching itself to CEOs as a friendly government organisation which won't get the regulators involved after data breaches.…

Time to crack down on sales of dragon's gold - securobods

Thu, 13 Oct 2016 09:02:08 GMT

Coin of the gaming realm used for money laundering, malware and more

Security researchers have urged gaming companies to crack down on virtual currency auction and sales sites, reckoning criminals are cashing in to launder stolen money.…

Email security: We CAN fix the tech, but what about the humans?

Thu, 13 Oct 2016 07:27:06 GMT

From Michelangelo to ransomware

Last month’s Mr Chow ransomware attacks serve as a timely reminder that security should be at the top of any business IT strategy. Ransomware is on the increase, at least according to the FBI, and while it is not all email-borne, it is an example of how sophisticated hackers and criminals are getting with technology.…

Hackers pop 6000 sites on active 18-month carding bonanza

Thu, 13 Oct 2016 02:58:55 GMT

US National Republican Senatorial Committee on list of sites slinging data to Russia

Hackers have installed skimming scripts on more than 6000 online stores and are adding 85 each day in a wide-scale active operation that may have compromised hundreds of thousands of credit cards.…

Carders bag stylish sack shop Vera Bradley

Thu, 13 Oct 2016 01:30:07 GMT

Malware siphoned mag-stripe data from servers

American retail chain Vera Bradley has been breached by hackers who stole a yet unknown number of credit cards.…

SAP fixes gaping authentication bypass flaw after 3 YEARS

Wed, 12 Oct 2016 13:38:09 GMT

ERPScan reveals wide open door for miscreants

A critical SAP vulnerability stayed unpatched for three years prior to its resolution this week, according to application security specialists.…