Subscribe: The Register - Security: ID
http://www.theregister.co.uk/security/identity/headlines.rss
Language: English

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



Western Union coughs up $586m for turning a blind eye to fraudsters

Mon, 23 Jan 2017 23:39:52 GMT

Helping internet scammers proved profitable, for a while

Western Union will forfeit more than half a billion dollars after admitting it broke money laundering laws.…




Cisco's WebEx Chrome plugin will execute evil code, install malware via secret 'magic URL'

Mon, 23 Jan 2017 23:19:00 GMT

Just get rid of it – bin it now

Malicious websites can remotely execute commands on Windows systems that have Cisco WebEx's Chrome extension installed. About 20 million people actively use this broken software.…




What links macOS, iOS, Safari, tvOS, watchOS? They all need patching

Mon, 23 Jan 2017 22:54:31 GMT

Apple squashes a bunch of security bugs, so get installing

Apple has emitted a set of software security updates for all of its major operating systems.…




China's Great Firewall to crack down on unofficial VPNs – state-approved net connections only

Mon, 23 Jan 2017 21:21:38 GMT

良藥苦口 (Good medicine tastes bitter)

The Chinese government has started an 18-month crackdown that will require all VPN providers to seek government approval for their activities if they want to stay in business.…




IBM stuffs visualization tech into its bulging, uh, security portfolio

Mon, 23 Jan 2017 19:06:58 GMT

San Francisco's Agile 3 Solutions acquired

IBM has announced a deal to buy data visualization firm Agile 3 Solutions, a San Francisco-based privately held company. The terms of the deal, announced Monday, were not disclosed.…




Head of GCHQ Robert Hannigan steps down for 'personal reasons'

Mon, 23 Jan 2017 15:29:33 GMT

Cites demand on his family, will be replaced by 2019

The Director General of GCHQ, Robert Hannigan, has announced his intention to step down as leader of the UK signals intelligence agency.…




Lloyds Bank outage: DDoS is prime suspect

Mon, 23 Jan 2017 13:52:40 GMT

But it is keeping schtum

A DDoS attack was reportedly behind online outages at Lloyds Bank a fortnight ago.…




Protected US military server poked via army recruitment website

Mon, 23 Jan 2017 08:30:07 GMT

SNAFU reported via bug bounty program

Beads of sweat must have surely run down the face of one hacker who, while trying to score a bug bounty, inadvertently infiltrated an "internal US Department of Defence website that requires special credentials to access."…




It's 2017 and 200,000 services still have unpatched Heartbleeds

Mon, 23 Jan 2017 07:27:05 GMT

What does it take to get people patching? Not Reg readers, obviously. Other, silly people

Some 200,000 systems are still susceptible to Heartbleed more than two years and 9 months after the huge vulnerability was disclosed.…




Go dark with the flow: Lavabit lives again

Mon, 23 Jan 2017 07:03:13 GMT

Another shot at spook-proofing email

It's taken longer than first expected, but the first fruits of Lavabit founder Ladar Levison's Dark Mail Technical Alliance have landed with the relaunch of the encrypted mail service he closed in 2013.…




Satan enters roll-your-own ransomware game

Mon, 23 Jan 2017 06:02:10 GMT

Code named for Prince of Darkness offers commissions for spreading evil

Satan is infecting computers, encrypting files and demanding ransoms.…




Symantec carpeted over dodgy certificates, again

Mon, 23 Jan 2017 02:58:12 GMT

You had one job ... and it wasn't letting test certs escape into the wild and then revoking them

Symantec has confirmed that it's revoked another bunch of wrongly-issued certificates.…




Mozilla wants infosec activism to be the next green movement

Mon, 23 Jan 2017 00:57:04 GMT

Chief Mozillan calls for grass roots movement akin to 1960s' environmental awakenings

Mozilla has issued a prototype of its first internet health report in a bid to make humans give security and privacy the same level of attention they devote to climate change.…




350,000 Twitter bot sleeper cell betrayed by love of Star Wars and Windows Phone

Fri, 20 Jan 2017 21:35:12 GMT

Computer researchers uncover yuuuge dormant army

Computer boffins Juan Echeverria and Shi Zhou at University College London have chanced across a dormant Twitter botnet made up of more than 350,000 accounts with a fondness for quoting Star Wars novels.…




Rap for crap WhatsApp trap flap: Yack yack app claptrap slapped

Fri, 20 Jan 2017 20:08:12 GMT

Security gurus condemn sensational reporting of encryption backdoor-that-wasn't

Computer security experts and cryptographers have accused The Guardian of overblowing what was reported to be a backdoor in WhatsApp's encryption.…




General Electric plays down industrial control plant vulnerabilities

Fri, 20 Jan 2017 17:30:12 GMT

Only a local hacker in a facility would be able to run an attack

General Electric (GE) has pushed out an update to its industrial control systems following the discovery of vulnerabilities that create a way for hackers to steal SCADA system passwords.…




Trump's 'cyber tsar' Giuliani among creds leaked in mass hacks

Fri, 20 Jan 2017 16:33:39 GMT

We've got four more years, people

Passwords used by Donald Trump's incoming cybersecurity advisor Rudy Giuliani and 13 other top staffers have been leaked in mass hacks, according to a Channel 4 investigation.…




Unbreakable Locky ransomware is on the march again

Fri, 20 Jan 2017 08:41:11 GMT

Necurs botnet wakes up and starts fresh malware-cano

Cisco is warning of possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necurs botnet.…




Shocking crime surge – THE TRUTH: England, Wales stats now include hacking and fraud

Fri, 20 Jan 2017 07:19:06 GMT

'More realistic picture' we're told

Crime stats for England and Wales have shown a huge year-on-year increase. Don't panic, though: it's due to the inclusion of fraud and computer misuse offences for the first time.…




Viral Chinese selfie app Meitu phones home with personal data

Fri, 20 Jan 2017 06:02:10 GMT

Reg man submits self to invasive sparkly-unicorn androgyny transformation

PIC The Meitu selfie horrorshow app going viral through Western audiences is a privacy nightmare, researchers say.…




Operator of DDoS protection service named as Mirai author

Fri, 20 Jan 2017 03:02:13 GMT

Krebs says he's fingered author of epic IoT web assault code

The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.…




'Beeeellion-dollar' mastercrooks in hotel, restaurant blitzkrieg

Thu, 19 Jan 2017 15:52:48 GMT

Carbanak: It's not just a caramel-flavoured choc-trocity. It's also malware

The Carbanak cyber criminal gang is abusing Google’s infrastructure as a conduit for botnet control.…




Trump inauguration DDoS protest is 'illegal', warn securobods

Thu, 19 Jan 2017 12:06:02 GMT

Whitehouse.gov down?

A software engineer is calling on netizens opposed to Donald Trump to visit the Whitehouse.gov site and overload it with traffic tomorrow.…




ProtonMail launches Tor hidden service to dodge totalitarian censorship

Thu, 19 Jan 2017 09:33:10 GMT

Known oppressive regimes including Egypt, and er... the UK? Oh, the IP Act is law...

ProtonMail, the privacy-focused email business, has launched a Tor hidden service to combat the censorship and surveillance of its users.…




What's the biggest danger to the power grid? Hackers? Terrorists? Er, squirrels

Thu, 19 Jan 2017 07:57:07 GMT

Turns out Mother Nature is a killer for power and people

Video For decades now people have been claiming that the power grid could be taken down by terrorists. However, simple statistical analysis shows that the biggest danger isn't online hackers, but squirrels – aka rats with good PR.…




Chrome dev explains how modern browsers make secure UI just about impossible

Thu, 19 Jan 2017 06:00:12 GMT

The 'LINE OF DEATH' between safe content and untrustworthy stuff is receding every year

Google Chrome engineer Eric Lawrence has described the battle of browser barons against the 'line of death', an ever-diminishing demarcation between trusted content and the no-man's land where phishers dangle their poison.…




Insecure Hadoop installs next in 'net scum crosshairs

Thu, 19 Jan 2017 04:03:04 GMT

Because MongoDB, Elasticsearch ransomware attacks are sooo last week

Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances.…




Adobe's naughty Chrome telemetry code had XSS problem

Thu, 19 Jan 2017 01:27:07 GMT

Since patched, but a bad look for Adobe when it can't even get snoopware right

Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an egregious bug.…




Silence is golden: How Google hunts Android malware in the wild

Wed, 18 Jan 2017 22:29:14 GMT

When mobes and gadgets stop verifying app installations, you're gonna have a bad time

To determine whether a mobile app is potentially harmful, Google listens for the sound of silence.…




College fires IT admin, loses access to Google email, successfully sues IT admin for $250,000

Wed, 18 Jan 2017 19:50:18 GMT

Sacked techie claims school retaliated over race complaint

Shortly after the American College of Education (ACE) in Indiana fired IT administrator Triano Williams in April, 2016, it found that it no longer had any employees with admin access to the Google email service used by the school.…




'Ancient' Mac backdoor discovered that targets medical research firms

Wed, 18 Jan 2017 15:35:13 GMT

More secure than PC? Ha!

Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities.…




Ooooh, that's NASty. Security-watchers warn over man-in-the-middle risk

Wed, 18 Jan 2017 13:21:49 GMT

Small flaws, but they add up

Vulnerabilities in network attached storage (NAS) devices made by QNAP Systems create a potential means for hackers to steal data and passwords, execute commands or drop malware on vulnerable kit, say security researchers.…




Hacker cracks Facebook with remote code execution bug

Wed, 18 Jan 2017 05:28:06 GMT

ImageMagick exploit earns chap US$40k bug bounty

Facebook has paid US$40,000 to vulnerability hunter Andrew Leonov for disclosing how the hacker gained remote code execution on its servers through the widely-reported ImageMagick flaw.…




Ransomware scum infect cancer non-profit

Wed, 18 Jan 2017 04:58:04 GMT

Cyber-bastards lower bar

Ransomware scum have hit a new low by infecting a not-for-profit cancer support organization in Muncie, Indianapolis, US.…




SOHOpeless routers offer hard-coded credentials and command injection bugs

Wed, 18 Jan 2017 04:01:12 GMT

Researcher says Zyxel and Billion kit in Thailand, and probably beyond, are rotten

Yet again, home routers are the home of SOHOpelessness: Zyxel and Billion units distributed in Thailand by TrueOnline have backdoors, and the researcher who found the flaw says the vendors have ignored his attempts to notify them.…




Kill it with fire: US-CERT urges admins to firewall off Windows SMB

Wed, 18 Jan 2017 01:58:13 GMT

Shadow Brokers may have loosed a zero-day so you're better safe than sorry

The US computer emergency readiness team is recommending organisations ditch old versions of the Windows SMB protocol and firewall off access to file servers – after a potential zero-day exploit was released by the Shadow Brokers hacking group.…




Credential-stuffers enjoy up to 2% attack success rate – report

Tue, 17 Jan 2017 16:29:12 GMT

It's kinda easy when all the passwords are 1234567

Hackers achieve a success rate of 0.1 to 2 per cent when reusing stolen credentials to access other sites, according to a new study by Shape Security.…




Mega UK hospitals trust Barts says IT borkage was due to trojan – not ransomware

Tue, 17 Jan 2017 16:03:39 GMT

Oh, well, that's all right then

Barts Health NHS Trust has blamed the disruption of its IT systems last Friday on a trojan horse infection and not ransomware.…




Ransomware brutes smacked 1 in 3 NHS trusts last year

Tue, 17 Jan 2017 12:27:11 GMT

One was hit 19 times over 12 months

A third (30 per cent) of NHS trusts have been infected by ransomware, with one – the Imperial College Healthcare in London – suffering 19 attacks in just 12 months.…




Devs reverse-engineer 16,000 Android apps, find secrets and keys to AWS accounts

Tue, 17 Jan 2017 07:20:14 GMT

It's 2017 and developers are still doing really dumb things

A security firm has reverse engineered 16,000 Android apps on Google's Play store and found that over 304 contain sensitive secret keys.…




Dodgy Dutch developer built backdoors into thousands of sites

Tue, 17 Jan 2017 06:54:13 GMT

Then hoovered out users' personal data, stole identities galore and spent up big

Update Dutch police are this week warning 20,000 users that their email accounts were hacked after a malicious web developer left backdoors in the sites he built.…




911 app is a joke, says security researcher Randy Westergren

Tue, 17 Jan 2017 03:02:42 GMT

'Panic Button' could be pressed by miscreants, repeatedly

The Rave Panic Button app, designed to allow businesses to summon emergency services, allows miscreants to easily 'swat' targets by making false reports of emergencies says security researcher Randy Westergren.…




Dovecot mailserver graded 'nearly impenetrable'

Tue, 17 Jan 2017 01:58:13 GMT

Security audit of popular-with-service-providers package produces surprised smiles

POP and IMAP mailserver suite Dovecot has passed an extensive audit by hackers, who were able to find only three minor vulnerabilities.…




French spies warn politicians of hack risk as election draws near

Mon, 16 Jan 2017 12:52:10 GMT

Authorities uneasy in wake of alleged Russian interference in US presidential race

French authorities are warning political parties about the increased threat of cyber attacks as the country prepares to elect a new president in May.…




Windows 10 Anniversary Update crushed exploits without need of patches

Mon, 16 Jan 2017 08:01:11 GMT

Microsoft security boffins throw fresh CVEs at unpatched OS, emerge smiling

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever.…




Google reveals its servers all contain custom security silicon

Mon, 16 Jan 2017 07:28:07 GMT

Even the servers it colocates (!) says new doc detailing Alphabet sub's security secrets

Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services.…




Brilliant phishing attack probes sent mail, sends fake attachments

Mon, 16 Jan 2017 06:02:14 GMT

Strategy_Doc.PDF from the next cubicle is actually a portal to p0wnage

UPDATE A newly-detected Gmail phishing attack sees criminals hack and then rifle through inboxes to target account owners' contacts with thoroughly convincing fake emails.…




Just give up: 123456 is still the world's most popular password

Mon, 16 Jan 2017 01:55:58 GMT

Data diggers' dumpster dive demonstrates dumb and dumberer defences

The security industry's ongoing efforts to educate users about strong passwords appear to be for naught, with a new study finding the most popular passwords last year were 123456 and 123456789.…




Promising compsci student sold key-logger, infects 16,000 machines, pleads guilty, faces jail

Sat, 14 Jan 2017 01:50:32 GMT

What a Shames

A 21-year-old computer science student, who won a Programmer of the Year Award in high school, has admitted selling key-logging malware out of his college dorm room.…




US Marines seek more than a few good men (3,000 men and women, actually) for cyber-war

Sat, 14 Jan 2017 00:45:09 GMT

From the phones of Montezuma to the servers of Tripoli

The head of the US Marines wants to recruit about 3,000 troops skilled in online warfare and espionage to make sure the Corps is ready for 21st-century battle.…