Subscribe: The Register - Security: Malware
http://www.theregister.co.uk/security/virus/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
code  crypto  cyber  don  flaws  hackers  meltdown spectre  meltdown  microsoft  security  spectre  websites  windows     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2018, Situation Publishing
 



Global security crackdown, a host of code nasties, Brit cops mocked, and more

Sat, 17 Feb 2018 11:52:10 GMT

It's the week in security

Roundup Here's a summary of this week's security news beyond what we've already reported.…




Hands up who HASN'T sued Intel over Spectre, Meltdown chip flaws

Sat, 17 Feb 2018 00:42:46 GMT

Chipzilla says class-action lawsuit tally stands at 32

Intel says it is facing 32 separate class-action lawsuits following the revelations it shipped millions of processors with security design flaws dubbed Meltdown and Spectre.…




Mueller bombshell: 13 Russian 'troll factory' staffers charged with allegedly meddling in US presidential election

Fri, 16 Feb 2018 20:03:13 GMT

Ruskies stole citizen IDs to spread discord – indictment

Robert Mueller, the special prosecutor investigating foreign agents tampering with the 2016 US presidential election, has criminally charged 13 Russian nationals with conspiring against the United States.…




PM urged to protect data flows post-Brexit ahead of Munich speech

Fri, 16 Feb 2018 15:05:06 GMT

Security services facing 'curtailed' EU info sharing if UK doesn't agree terms

Security experts have warned that Brexit could lead to data flows between the UK and European Union being "substantially curtailed".…




UK.gov: Psst. Belgium. Buy these Typhoon fighter jets from us, will you?

Fri, 16 Feb 2018 13:39:07 GMT

And have some cyber goodness too – just don't mention the Belgacom hack

Great Britain, which is buying the US-made F-35 fighter jet, is urging European neighbour Belgium not to buy the US-made F-35 fighter jet.…




Russians behind bars in US after nicking $300m+ in credit-card hacks

Fri, 16 Feb 2018 02:54:12 GMT

Pair partly responsible for largest bank-card theft ring in American history

Two Russian criminals have been sent down in America after pleading guilty to helping run the largest credit-card hacking scam in US history.…




Techno-senator tells Tinder to hook up its app with better security

Fri, 16 Feb 2018 02:03:04 GMT

Swipe-a-shag tool gets the dreaded sternly-worded-letter treatment from Wyden

Cyber-senator Ron Wyden (D-OR) is asking execs from the parent company of Tinder to please use protection when spreading the love around.…




Former ICE top lawyer raided US govt database to steal aliens' identities

Thu, 15 Feb 2018 23:19:28 GMT

While kicking folks out of 'Murica, Raphael A. Sanchez committed fraud in their names

Yet again an insider has been caught misusing a workplace computer system to conduct identity theft and fraud.…




That terrifying 'unfixable' Microsoft Skype security flaw: THE TRUTH

Thu, 15 Feb 2018 19:58:45 GMT

Oh yeah, we patched that in October, Windows giant yawns

Microsoft has poured a bucket of cold water on people freaking out over a supposedly unfixable security flaw in Skype.…




Dell EMC squashes pair of VMAX virtual appliance bugs

Thu, 15 Feb 2018 15:58:05 GMT

vApp Manager contained undocumented default account

Dell EMC has patched two serious flaws in the management interface for its VMAX enterprise storage systems, one of which could potentially allow a remote attacker to gain unauthorised access to systems.…




Essex black hat behind Cryptex and reFUD gets two years behind bars

Thu, 15 Feb 2018 15:03:11 GMT

Goncalo Esteves sobbed as he was sentenced

A 24-year-old Essex man behind the reFUD.me antivirus evasion site, who made an estimated half a million pounds from Bitcoin, has been jailed for two years.…




UK names Russia as source of NotPetya, USA follows suit

Thu, 15 Feb 2018 08:33:09 GMT

'Almost certain' assessment enough for official blast from Foreign Office

Updated The United Kingdon's Foreign and Commonwealth Office has formally "attributed the NotPetya cyber-attack to the Russian Government", specifically the nation's military.…




PCI Council and X9 Committee to combine PIN security standards

Thu, 15 Feb 2018 07:29:09 GMT

One PIN to rule them all, one PIN to find them, one PIN to rule them all and in the darkness bind them

The PCI Security Standards Council (PCI SSC) and financial services standards outfit the Accredited Standards Committee X9 have decided to combine forces on personal-identification-number-handling-rules.…




Hate to ruin your day, but... Boffins cook up fresh Meltdown, Spectre CPU design flaw exploits

Wed, 14 Feb 2018 23:50:50 GMT

And upcoming hardware changes may not be enough to kill off these security bugs

When details of the Meltdown and Spectre CPU security vulnerabilities emerged last month, the researchers involved hinted that further exploits may be developed beyond the early proof-of-concept examples.…




US govt staffers use personal gear on work networks, handle biz docs on the reg – study

Wed, 14 Feb 2018 22:33:09 GMT

As in on the regular, not... oh never mind

Employees of US government agencies are largely ignoring basic security measures.…




Hua-no-wei! NSA, FBI, CIA bosses put Chinese mobe makers on blast

Wed, 14 Feb 2018 22:14:20 GMT

No probs, says Huawei: It's a big world, we don't need America

Don't trust the Chinese – that seemed to be the theme at Tuesday's open US Senate Intelligence Committee hearings on Capitol Hill.…




Crypto-gurus: Which idiots told the FBI that Feds-only backdoors in encryption are possible?

Wed, 14 Feb 2018 20:06:05 GMT

Brilliant boffins back bullsh*tting bureau bollocking

Four cryptography experts have backed a US Senator's campaign to force the FBI to explain how exactly a Feds-only backdoor can be added to strong and secure encryption.…




Three in hospital after NSA cops open fire on campus ram-raid SUV

Wed, 14 Feb 2018 19:29:31 GMT

Roses are red, spy agencies are black, US g-men don't fsck around when under attack

Three people are in hospital after a car rammed a barrier at the NSA headquarters in Fort Meade, Maryland, today at around 0655 ET (0355 PT, 1155 UTC).…




Roses are red, Kaspersky is blue: 'That ban's unconstitutional!' Boo hoo hoo

Wed, 14 Feb 2018 14:05:11 GMT

New front opens in Russian firm's legal fight with US gov

Kaspersky Lab, the antivirus house, now claims that the US government's ban on its products amounts to punishment without trial.…




From tomorrow, Google Chrome will block crud ads. Here's how it'll work

Wed, 14 Feb 2018 12:00:05 GMT

Consider it a wakeup call for websites – it's time to end the scourge of awful banners

Starting tomorrow, Google, which makes most of its money from online advertising, will begin blocking egregious ads in its Chrome browser under limited circumstances – though it would really rather not.…




South China waters are red, Brit warships are blue, HMS Sutherland's sailing there

Wed, 14 Feb 2018 11:32:12 GMT

And Queen Lizzie will too

A British warship has set sail for the South China Sea, paving the way for aircraft carrier HMS Queen Elizabeth to do the same thing in three years’ time.…




Microsoft working to scale Blockchain for grand distributed ID scheme

Wed, 14 Feb 2018 06:29:05 GMT

Someone's got to get it scaling!

Microsoft's wanted a really good federated identity scheme ever since the early 2000s, when it gave the world Project Hailstorm, aka ".Net My Services", to let a web of online services know a little about you and the information you are happy to share with others.…




OpenSSL alpha adds TLS 1.3 support

Wed, 14 Feb 2018 06:01:06 GMT

Shambling corpse of ancient, shoddy, buggy, crypto shoved towards the grave

Developers working with OpenSSL can finally start to work with TLS 1.3, thanks to the alpha version of OpenSSL 1.1.1 that landed yesterday.…




Meltdown-and-Spectre-detector comes to Windows Analytics

Wed, 14 Feb 2018 05:02:07 GMT

After flubbing its early responses, Microsoft's thrown sysadmins a bone

Microsoft's added a Meltdown-and-Spectre detector to Windows Analytics, the company's telemetry analysis tool for sysadmins.…




Roses are red, Windows error screens are blue. It's 2018, and an email can still pwn you

Wed, 14 Feb 2018 01:01:04 GMT

Here's a bumper crop of security fixes you do not want to miss

Patch Tuesday Serious security flaws in Outlook and Edge are headlining a busy Microsoft Patch Tuesday.…




While Western Union wired customers' money, hackers transferred their personal deets

Tue, 13 Feb 2018 21:40:09 GMT

Outside storage outfit blamed for data leak blunder

Western Union has confirmed one of its IT suppliers was hacked, and that customer information was exposed to miscreants.…




Shock horror! Telegram messaging app proves insecure yet again!

Tue, 13 Feb 2018 21:05:50 GMT

Unicode clumsiness allowed months of malware installations

Telegram has fixed a security flaw in its desktop app that hackers spent several months exploiting to install remote-control malware and cryptocurrency miners on vulnerable Windows PCs.…




UK Home Sec Amber Rudd unveils extremism blocking tool

Tue, 13 Feb 2018 10:48:53 GMT

Brought to you by those who 'understand necessary hashtags'

UK Home Secretary Amber Rudd has announced a tool that purports to detect and block jihadist content online, and tech companies may end up being legally required to use it.…




The strange case of the data breach that stayed online for a month

Tue, 13 Feb 2018 08:25:12 GMT

Your security is only as good as your partners' ability to fix messes and flush caches

A couple of weeks ago Jeff* quit his job at the Singaporean branch of a major enterprise technology vendor that is, if not quite a household name, certainly known to most IT professionals.…




Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc

Tue, 13 Feb 2018 02:13:38 GMT

Pwned credit-score biz quietly admits more info lost

Last year, Equifax admitted hackers stole sensitive personal records on 145 million Americans and hundreds of thousands in the UK and Canada.…




Still not on Windows 10? Fine, sighs Microsoft, here are its antivirus tools for Windows 7, 8.1

Mon, 12 Feb 2018 20:40:46 GMT

Redmond extends ATP to older builds, adds third-party links

Microsoft has back-ported its Windows Defender Advanced Threat Protection (ATP) security toolkit from Windows 10 to Windows 7 and 8.1.…




Until last week, you could pwn KDE Linux desktop with a USB stick

Mon, 12 Feb 2018 15:56:12 GMT

Tweak VFAT volume to execute arbitrary code

A recently resolved flaw in the KDE Linux desktop environment meant that files held on a USB stick could be executed as soon as they were plugged into a vulnerable device.…




See that over Heathrow? It's not an airliner – it's a Predator drone

Mon, 12 Feb 2018 15:17:13 GMT

If you can fly bombs through there, you can fly parcels, too

Military efforts to approve the flying of Predator military drones through Britain’s skies could pave the way for point-to-point drone deliveries, newly disclosed correspondence has revealed.…




Cryakl ransomware antidote released after servers seized

Mon, 12 Feb 2018 12:43:10 GMT

Don't pay the miscreants – don't even fix a price

Free decryption keys for the Cryakl ransomware were released last Friday – the fruit of an ongoing cybercrime investigation.…




If you haven't already killed Lotus Notes, IBM just gave you the perfect reason to do it now, fast

Mon, 12 Feb 2018 02:58:12 GMT

Also: Big Blue's Meltdown, Spectre status updated, and a mystery bug in AIX

IBM has warned that bugs in its Notes auto-updater mean the service can be tricked into running malicious code.…




Winter Olympics website downed by cyber attack

Sun, 11 Feb 2018 23:19:34 GMT

There was nothing to see here, but please move along, nothing to see here...

Updated The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony in South Korea, thanks to a cyber-attack, and stayed down for about 12 hours.…




UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

Sun, 11 Feb 2018 15:41:56 GMT

Biz scrambles to shut down crafty coin crafting operation

Thousands of websites around the world – from the UK's NHS and ICO to the US government's court system – were today secretly mining crypto-coins on netizens' web browsers for miscreants unknown.…




NSA code backported, crims cuffed, leaky AWS S3 buckets, and more

Sat, 10 Feb 2018 04:27:11 GMT

But it's not all good news!

Roundup Here's a roundup of this week's security news, beyond what we've already covered, to kickstart your weekend.…




Corpse! of! Yahoo! drags! emails! of! the! dead! case! to! US! Supreme! Court!

Fri, 09 Feb 2018 14:26:44 GMT

'Pon their Oath, they're not having this

Should a court-appointed lawyer be allowed to rifle through your email account after you die? The artist formerly known as Yahoo! has asked the US Supreme Court to answer that question for users in the United States.…




VMware sticks finger in Meltdown/Spectre dike for virtual appliances

Fri, 09 Feb 2018 03:58:04 GMT

Proper patches under way, but for now - to your command lines, vAdmins!

VMware has advised on how to mitigate the Meltdown and Spectre chip design flaws in several of its products.…




Wish you could log into someone's Netgear box without a password? Summon a &genie=1

Fri, 09 Feb 2018 00:34:38 GMT

Get patching – there's this auth bypass and loads of other bugs

If you're using a Netgear router at home, it's time to get patching. The networking hardware maker has just released a tsunami of patches for a couple of dozen models of its kit.…




Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins

Thu, 08 Feb 2018 19:51:13 GMT

Mining Monero on SCADA networks? Why can't you kids be normal and just DDoS

Updated Infosec bods say they have uncovered what's thought to be the first case of a major industrial control system network infected with cryptocurrency-mining malware.…




From July, Chrome will name and shame insecure HTTP websites

Thu, 08 Feb 2018 18:00:05 GMT

Shame! Shame! says carrot-dangling Google

Three years ago, Google's search engine began favoring in its results websites that use encrypted HTTPS connections.…




CyberThreat18: 2 days of bughunting, techie chat and code lockdown

Thu, 08 Feb 2018 11:11:07 GMT

New event for infosec pros

Promo Are you confident you could defend your IT systems against an unexpected attack? Could you spot the early signs of an incursion coming from any direction, as roving bands of hackers, data thieves and other miscreants grow ever more ingenious and determined?…




Apple's top-secret iBoot firmware source code spills onto GitHub for some insane reason

Thu, 08 Feb 2018 09:28:11 GMT

If you want a crash course in learning Arm code, now's your – hm, maybe not

The confidential source code to Apple's iBoot firmware in iPhones, iPads and other iOS devices has leaked into a public GitHub repo.…




Intel adopts Orwellian irony with call for fast Meltdown-Spectre action after slow patch delivery

Thu, 08 Feb 2018 08:03:12 GMT

For now, have some code that won't crash Skylakes and stay close to your Telescreens

Intel's offered the world some helpful advice about how to handle the Meltdown and Spectre chip design flaws it foisted on the world.…




New strife for Strava: Location privacy feature can be made transparent

Thu, 08 Feb 2018 04:03:02 GMT

Circles within circles make it easy to find the midpoint

Analysis by mobile device management outfit Wandera has suggested that newly notorious exercise-tracking app Strava's “location privacy” feature isn't very good at hiding users' homes.…




PSA: If your security starts and ends with bug bounties, you're gonna have a bad time

Thu, 08 Feb 2018 03:16:43 GMT

US Senate probes Uber's hacker hush-hushing

Analysis Remember when Uber tried to cover up the fact its AWS datastore containing records on 57 million riders and drivers had been hacked? And that it bunged the hackers $100,000 to shut them up, and then disguised the expense as a bug bounty payout?…




Unlucky 13 collared by cops hunting cyber-crew who stole up to $2.2bn

Thu, 08 Feb 2018 01:27:25 GMT

Wait, this bank-card-stealing ring is called Infraud? Infraud? Not exactly subtle, people

Thirteen out of 36 individuals indicted for their alleged involvement in a transnational cybercrime group know as Infraud have been arrested, the US Department of Justice announced on Wednesday.…




Boffins crack smartphone location tracking – even if you've turned off the GPS

Wed, 07 Feb 2018 11:55:05 GMT

Permission? Who needs it?

Religiously turning off location services may not save you from having your smartphone tracked: a group of IEEE researchers have demonstrated it's possible to track mobes even when GPS and Wi-Fi are turned off.…