Subscribe: The Register - Security
Added By: Feedage Forager Feedage Grade B rated
Language: English
attack  attacks  ddos  denial service  hacked  hackers  internet things  internet  security  service  things  yahoo  years     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2016, Situation Publishing

Criticize Donald Trump, get your site smashed offline from Russia

Fri, 30 Sep 2016 23:16:11 GMT

Newsweek Cuban connection story enrages miscreants

It has been an odd day for Newsweek – its main site was taken offline after it published a story claiming a company owned by Republican presidential candidate Donald Trump broke an embargo against doing deals with Cuba.…

Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook

Fri, 30 Sep 2016 22:31:36 GMT

Next move in EFF's plans to regain the right to tinker

Assistant Professor Matthew Green has asked US courts for protection so that he can write a textbook explaining cryptography without getting sued under the Digital Millennium Copyright Act.…

Upstart bags $2.5m to help put the brakes on self-driving car hackers

Fri, 30 Sep 2016 18:22:37 GMT

Sales of connected autonomous vehicles by 2025 projected to be 70% of light-duty vehicles

Israeli car security startup Karamba Security has banked $2.5m in fresh investment, which it plans to use to extend its technology to autonomous vehicles.…

NHS trusts ‘complacent’ on cloud app security risks

Fri, 30 Sep 2016 12:36:04 GMT

Do we block unsanctioned ones? Well half of us think we do...

Almost half of NHS Trusts make no attempt to monitor cloud app usage, according to the results of a Freedom of Information request.…

Security analyst says Yahoo!, Dropbox, LinkedIn, Tumblr all popped by same gang

Fri, 30 Sep 2016 06:17:47 GMT

Says five-strong 'Group E' may have lifted a billion Yahoo! records, sells to states

Five hackers are said to be behind breaches totalling up to a staggering three billion credentials from some of the world's biggest tech companies including the Yahoo! breach that led to the loss of 500 million credentials.…

Want to make US$1.5m this weekend? Just jailbreak iOS

Fri, 30 Sep 2016 01:08:21 GMT

Zerodium triples iOS exploit bounty to $1.5M, doubles 'droid to $200k

Exploit broker Zerodium has tripled its bug bounty for a remote iOS 10 jailbreak vulnerability to US$1.5 million.…

'Syrian Electronic Army' goon extradited from Germany now coughs to hacking, extortion

Thu, 29 Sep 2016 20:59:00 GMT

His crime boss The Shadow remains at large

An associate of the self-styled Syrian Electronic Army has been sentenced to five years in an American prison for his part in running a cyber extortion scheme against businesses around the world.…

Microsoft widens Edge browser bug hunt for bounty hunters

Thu, 29 Sep 2016 15:41:06 GMT

Keeping you in hoodies

Microsoft has expanded its programme for rewarding those who find and report bugs in its Edge browser, enabling bounty hunters to claim their prize for a broader range of vulnerabilities.…

VESK coughs up £18k in ransomware attack

Thu, 29 Sep 2016 15:02:06 GMT

Biz took the precaution to pay up as a belt and braces approach

Exclusive Hosted desktop and cloud provider VESK is staggering back to its feet after paying 29 Bitcoins (£18,600) in a ransomware attack earlier this week.…

Russian hackers target MH17 journalists for embarrassing Putin

Thu, 29 Sep 2016 13:07:16 GMT

State threat actors are a reality for today's scribes

Journalists investigating the downing of the MH17 flight over eastern Ukraine in 2014 have been hacked by Russia, according to security intelligence outfit ThreatConnect.…

Fingerprint tech makes ATMs super secure, say banks. Crims: Bring it on, suckers

Thu, 29 Sep 2016 12:29:08 GMT

All those unchangeable PINs, up for easy swiping

Cybercriminals are hawking their claimed ability to exploit newly introduced biometric-based ATM authentication technologies.…

Yahoo! Answers used to cloak command and control networks

Thu, 29 Sep 2016 06:18:04 GMT

VXer wordsmiths demo novel stealth tricks

Two malware instances have converted numbers to words in a novel attempt to cloak the IP addresses of command and control servers.…

Researchers crack Oz Govt medical data in 'easy' attack with PCs

Thu, 29 Sep 2016 05:14:02 GMT

White hat efforts show up Govt's proposed laws to criminalise research

Australian researchers have laid waste to the Federal Government's plan to criminalise the decryption of anonymised state data sets, just a day after it was announced, by 'easily' cracking government-held medical data.…

D-Link DWR-932 B owner? Trash it, says security bug-hunter

Thu, 29 Sep 2016 01:57:12 GMT

More than 20 vulns in SOHOpeless LTE gateway

If you've got a D-Link DWR-932 B LTE router, you might want to fire it into the sun – or hope that a firmware upgrade lands soon.…

How to create a security startup and bag VC millions – step one: Containers, AI or cloud

Wed, 28 Sep 2016 20:20:55 GMT

Step two: Keep doing that

While venture capitalists have been tightening their belts over the past year, there’s still a lot of love and funding for security startups – especially if you’re working in the right areas.…

Microsoft preps defence against the dark arts for enterprise customers

Wed, 28 Sep 2016 14:17:11 GMT

Application Guard aims to defeat malware served up from web sites

Microsoft is developing a technology for Windows 10 designed to combat the threat of malware served up from web pages penetrating corporate defences and slurping sensitive data.…

How do you approach continuous security?

Wed, 28 Sep 2016 12:55:32 GMT

In application development, build it in

Promo Earlier this week we ran a live broadcast looking at how to build security into your application development process. You can watch it here.…

Urgent! Log in for spear-phisher survey or your account will be deleted

Wed, 28 Sep 2016 11:46:10 GMT

Europol: Cybercrims getting more devious

Europol’s annual cyber-crime survey warns that the quality of spearphishing and other "CEO fraud" is continuing to improve and "cybercrime-as-a-service" means an ever larger group of fraudsters can easily commit online attacks.…

Google, Dropbox the latest US tech giants to sign up to the Privacy Shield

Wed, 28 Sep 2016 08:08:08 GMT

Queued up to self-certify

Internet giant Google has signed up to the Privacy Shield, a framework designed to facilitate the transfer of personal data between the EU and US by businesses.…

Yahoo! Mail! down?! Great! timing! as! more! US! senators! dogpile! hacked! web! giant!

Tue, 27 Sep 2016 18:40:58 GMT

Enjoy the sounds of a thousand heads at Verizon slamming into a thousand desks

Yahoo!'s embattled mail service was dealt another blow Tuesday when an outage hit users worldwide.…

No wonder we're being hit by Internet of Things botnets. Ever tried patching a Thing?

Tue, 27 Sep 2016 13:46:24 GMT

Akamai CSO laments pisspoor security design practices

Internet of Things devices are starting to pose a real threat to security for the sensible part of the web, Akamai's chief security officer Andy Ellis has told The Register.…

152k cameras in 990Gbps record-breaking dual DDoS

Tue, 27 Sep 2016 09:18:05 GMT

Hacked low-powered cameras and internet-of-things things

The world's largest distributed denial of service (DDoS) attack has been clocked from the same network of 152,463 compromised low-powered cameras and internet-of-things devices which punted a media outlet off the internet.…

Don't let banks fool you, the blockchain really does have other uses

Tue, 27 Sep 2016 08:03:09 GMT

Gov.UK missing out on the real value? We're shocked, we tell you... Shocked!

Analysis It is a truth universally acknowledged that executives in the financial sector are capable of making the most exciting innovations boring, and in this respect their approach to the blockchain has been exemplary.…

Google tries to cross out XSS attacks by releasing its own test tool

Tue, 27 Sep 2016 07:44:10 GMT

Just about every content security policy does it wrong

Google has spent more than US$1.2 million (£920,400, A$1.6 million) in the last two years paying researchers for reporting cross-site scripting (XSS) attacks and has kicked off an effort to help crush the threat.…

It's open season for bug hunting – on Microsoft's Azure cloud

Tue, 27 Sep 2016 07:21:04 GMT

Project Springfield offers fuzzing, which isn't nearly as titillating as it sounds

Ignite Microsoft's conviction that "fuzzing in the cloud will revolutionize security testing," voiced in a research paper six years ago, has taken form with the debut of Project Springfield: an Azure-based service for identifying software flaws by automatically subjecting the code to bad input.…

Daesh-bag hacker gets 20 years for harvesting US military kill list

Tue, 27 Sep 2016 06:41:12 GMT

Cross-border Kosovan cuffing leads to long stretch inside

A student who hacked into corporate servers to build a kill list for medieval terror bastards Daesh has been sentenced to 20 years in prison after admitting his guilt.…

Mozilla wants woeful WoSign certs off the list

Tue, 27 Sep 2016 03:58:07 GMT

Backdating SHA-1 certs is just not on

Mozilla wants to kick Chinese certificate authority (CA) WoSign out of its trust program.…

Suspected Russian DNC hackers brew Mac trojan

Tue, 27 Sep 2016 03:30:47 GMT

Ruskie space program doc used as spear phish payload.

Suspected Russian hackers fingered for hacking the United States Democratic National Committee (DNC) have brewed a trojan targeting Mac OS X machines in the aerospace sector, says Palo Alto researcher Ryan Olson.…

Fax machines' custom Linux allows dial-up hack

Tue, 27 Sep 2016 00:55:31 GMT

Don't laugh. Epson printer/fax machines dating back to 1999 have this problem

Party like it's 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don't have their own Internet connection.…

Patch AGAIN: OpenSSL security fixes now need their own security fixes

Mon, 26 Sep 2016 21:49:06 GMT

Recursion (n): See recursion

Sysadmins and devs, fresh from a weekend spoiled by last week's OpenSSL emergency patch, have another emergency patch to install.…

Intel, Lenovo officially gone to the dogs – with FIDO fingerprint logins

Mon, 26 Sep 2016 17:47:45 GMT

New authentication for PCs gives passwords the middle finger

Lenovo, Intel and others are aiming to make online payments more secure by bringing the Fast Identity Online (FIDO) biometric authentication standard to PCs.…

Security man Krebs' website DDoS was powered by hacked Internet of Things botnet

Mon, 26 Sep 2016 13:15:06 GMT

Internet of Amazingly Insecure Tat? That's the one

The huge distributed denial of service (DDoS) attack which wiped security journalist Brian Krebs' website from the internet came from a million-device-strong Internet of Things botnet.…

Apple to crunch iOS 10 local backup password brute force hole

Mon, 26 Sep 2016 07:38:13 GMT

Research finds faster cracking flaw

Apple is brewing a fix to patch an iOS password flaw that allows credentials to be stolen from backups.…

Dev teaches bot to talk spammers' ears off

Mon, 26 Sep 2016 07:23:38 GMT

Crims are so keen to chat they respond to random hipsterisms and send legit discount codes

Brian Weinreich has been trolling spammers for two years using a bot that fires realistic and ridiculous replies to the pervasive online salespeople.…

Google rushes in where Akamai fears to tread, shields Krebs after world's-worst DDoS

Mon, 26 Sep 2016 04:15:07 GMT

600 Gbps traffic flood overwhelmed CDN

Google has provided free distributed denial of service attack (DDoS) mitigation services to security publication Krebs on Security, stepping in after Akamai withdrew support.…

And! it! begins! Yahoo! sued! over! ultra-hack! of! 500m! accounts!

Sat, 24 Sep 2016 19:21:08 GMT

Class-action lawsuit in California expected to be first of many in the US

Just two days after Yahoo! admitted hackers had raided its database of at least 500 million accounts, the Purple Palace is being dragged into court.…

IBM botched geo-block designed to save Australia's census

Fri, 23 Sep 2016 22:29:08 GMT

Bureau of Stats says spooks signed off IBM's plan, but Big Blue mucked something up

Australia's Bureau of Statistics has heavily criticised IBM for the security it applied to the nation's failed online census, which was taken offline after a distributed denial of service (DDoS) attack that battered a curiously flimsy defensive shield.…

Uni student cuffed for 'hacking professor's PC to change his grades'

Fri, 23 Sep 2016 19:12:20 GMT

Someone has been watching Wargames too much

A student at Kennesaw State University in Georgia is accused of hacking into his professor's computer to improve his grades.…

Woo hoo, has unveiled yet another tech creche – for infosec

Fri, 23 Sep 2016 08:34:07 GMT

This one's in Cheltenham. Makes a change from hipsterville East London

Plans are afoot in Westminster to burn even more taxpayers' cash by launching a new cyber-security startup accelerator in Cheltenham.…

OpenSSL swats a dozen bugs, one notable nasty

Fri, 23 Sep 2016 08:15:11 GMT

Denial of service dross dead.

A dozen flaws have been patched in OpenSSL, including one high severity hole that allows denial of service attacks.…

Report: NSA hushed up zero-day spyware tool losses for three years

Fri, 23 Sep 2016 07:38:05 GMT

Investigation shows staffer screw-up over leak

Sources close to the investigation into how NSA surveillance tools and zero-day exploits ended up in the hands of hackers has found that the agency knew about the loss for three years but didn’t want anyone to know.…

Sad reality: It's cheaper to get hacked than build strong IT defenses

Fri, 23 Sep 2016 06:34:05 GMT

PHBs are applying the Ford Pinto formula to your data

Whenever mega-hacks like the Yahoo! fiasco hit the news, inevitably the question gets asked as to why the IT security systems weren't good enough. The answer could be that it's not in a company's financial interest to be secure.…

Cops blasted for relying on IP addresses to hunt down suspects

Fri, 23 Sep 2016 06:02:10 GMT

Numerical addresses too vague to be relied on, say activists

A new white paper from the Electronic Frontier Foundation argues that police rely too heavily on IP addresses when conducting criminal investigations.…

Safe browsing checks fail as 16,000 WordPress sites hacked this year

Fri, 23 Sep 2016 05:54:49 GMT

Google's red screen of death marks half of malcious sites, McAfee only 11 per cent

At least 15,769 WordPress websites - and probably more - have been compromised this year, half slipping past Google's Safe Browsing checks, says security researcher Daniel Cid.…

Malware figures out it's running on VMs and refuses to execute

Fri, 23 Sep 2016 05:07:26 GMT

If a PC has just a couple of Word files, crooks figure it's a White-Hat's attack machine

Malware writers are looking for the absence of documents to figure out which PCs are potential victims and which are virtual machines being used by white hats.…

Valid logins to your workplace are on the net, right now

Fri, 23 Sep 2016 02:11:54 GMT

Mega-breaches and spiking smartphones malware mean crims can crack you, yesterday

Enterprises are almost universally open to intrusion attempts with stolen credentials, and are at increased risk from compromised smartphones thanks to a spike in device malware.…

US Homeland Security launches IoT willy-waving campaign

Thu, 22 Sep 2016 22:25:31 GMT

Our policies are gonna be the best, ignore all the rest

The US Department of Homeland Security has announced plans to make the internet-of-things just a bit more complicated – by trying to shove itself into the market with a new security framework.…

Half! a! billion! Yahoo! email! accounts! raided! by! 'state! hackers!'

Thu, 22 Sep 2016 19:20:40 GMT

Email addresses, phone numbers, hashed passwords, DoBs, security Q&As swiped

Updated Hackers strongly believed to be state-sponsored swiped account records for 500 million or more Yahoo! webmail users. And who knew there were that many people using its email?…

DDoS attacks: For the hell of it or targeted – how do you see them off?

Thu, 22 Sep 2016 08:02:06 GMT

Cloud-based DDoS defences introduce delays

Distributed Denial of Service (DDoS) attacks can be painful and debilitating. How can you defend against them? Originally, out-of-band or scrubbing-centre DDoS protection was the only show in town, but another approach, inline mitigation, provides a viable and automatic alternative.…

SWIFT warns of more 'sophisticated' attacks, readies anti-fraud tool

Thu, 22 Sep 2016 07:19:08 GMT

Haven't hardened? You're still gunna get hacked, says CISO

The chief information security officer for global money transfer network SWIFT says banks are still under attack from fraudsters hoping to cash in on identified security gaps to steal millions of dollars.…