Subscribe: The Register - Security: Malware
http://www.theregister.co.uk/security/spyware/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
aircraft  apple  carry  cia  cops  court  data  fears  google  hand  network  new  researcher  security  software  users  web     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



Ever visited a land now under Islamic State rule? And you want to see America? Hand over that Facebook, Twitter, pal

Sat, 25 Mar 2017 01:01:30 GMT

Uncle Sam turns up the heat on visa hopefuls

US embassies have been told to examine social media accounts of visa applicants who have ever set foot in Islamic-State-controlled areas.…




GiftGhostBot scares up victims' gift-card cash with brute-force attacks

Fri, 24 Mar 2017 19:08:00 GMT

Software nasty can burn through 1.7 million account numbers per hour

Cybercrooks are using a bot to automate the process of breaking into and draining online gift card accounts.…




UK.gov confirms it won't be buying V-22 Ospreys for new aircraft carriers

Fri, 24 Mar 2017 14:11:05 GMT

Also confirms earlier operational date for HMS Queen Elizabeth

Britain is not buying V-22 Osprey aircraft to fly from its new aircraft carriers, the government has confirmed.…




Did you know: Crimelords behind DDoS attacks offer customer loyalty points?

Fri, 24 Mar 2017 10:51:09 GMT

Tweaking business models for greater 404 kerching

The DDoS attack business has advanced to the point that running an attack can cost as little as $7 an hour, while the targeted company can end up losing thousands, if not millions of dollars.…




Inside OpenSSL's battle to change its license: Coders' rights, tech giants, patents and more

Fri, 24 Mar 2017 07:32:12 GMT

Devs who fail to respond to call for change will count as 'yes' votes for ASL 2.0

Analysis The OpenSSL project, possibly the most widely used open-source cryptographic software, has a license to kill – specifically its own. But its effort to obtain permission to rewrite contributors' rights runs the risk of alienating the community that sustains it.…




Google slaps Symantec for sloppy certs, slow show of SNAFUs

Fri, 24 Mar 2017 04:58:05 GMT

Certs will keep working, but Chrome will be suspicious, soon

Updated Google's Chrome development team has posted a stinging criticism of Symantec's certificate-issuance practices, saying it has lost confidence in the company's practices and therefore in the safety of sessions hopefully-secured by Symantec-issued certificates.…




Amazing new WikiLeaks CIA bombshell: Agents can install software on Apple Macs, iPhones right in front of them

Thu, 23 Mar 2017 22:39:07 GMT

And in 2009 – just 8 years ago

Startling leaked documents show the CIA could purchase Apple Macs and iPhones, install spyware onto them, and give them to targets.…




If you were cuffed during Trump's inauguration, cops are trying to crack your smartphone

Thu, 23 Mar 2017 19:55:07 GMT

More than 100 mobes will only take a week to access

Vid The inauguration of President Donald Trump in the US capital was marked by protests, with cops collaring more than 200 people on the day. Now court documents reveal the US government's efforts to crack the arrestees' locked phones and slurp their contents.…




Android Forums resets passwords after hack

Thu, 23 Mar 2017 16:19:09 GMT

Only 2.5 per cent of userbase affected

Add Android Forums to the growing list of web properties that have suffered a security breach.…




eBay dumps users into insecure authentication mechanism

Thu, 23 Mar 2017 07:33:12 GMT

Dump dongles and move to SMS, says tat bazaar, oblivious to deprecation advice

Web tat bazaar eBay appears to be suggesting its readers adopt known-to-be-insecure practices when logging on to the service.…




Fake mobile base stations spreading malware in China

Thu, 23 Mar 2017 05:02:11 GMT

'Swearing Trojan' pushes phishing texts around carriers' controls

Chinese phishing scum are deploying fake mobile base stations to spread malware in text messages that might otherwise get caught by carriers.…




It's happening! It's happening! W3C erects DRM as web standard

Wed, 22 Mar 2017 20:39:12 GMT

World has until April 19 to make its views known on latest draft

The World Wide Web Consortium has formally put forward highly controversial digital rights management as a new web standard.…




Russian mastermind of $500m bank-raiding Citadel coughs to crimes

Wed, 22 Mar 2017 20:23:02 GMT

Chap's code infected 11m PCs, helped crooks make off with half a billion bucks, say Feds

The Russian programmer who built the bank-acount-raiding Citadel Trojan has admitted his crimes.…




Error prone, insecure, inevitable: Say hello to today's facial recog tech

Wed, 22 Mar 2017 19:45:10 GMT

If you want a picture of the future, imagine a database with every human visage

Facial recognition technology represents a valuable, and likely inevitable, method of identification for cops and Feds. Unfortunately, it's largely unregulated, error prone, and insecure.…




Malware 'disguised as Siemens software drills into 10 industrial plants'

Wed, 22 Mar 2017 19:34:35 GMT

Four years of active infection, claims security biz Dragos

Malware posing as legitimate software for Siemens control gear has apparently infected industrial equipment worldwide over the past four years.…




Bloke, 48, accused of whaling two US tech leviathans out of $100m

Wed, 22 Mar 2017 16:13:19 GMT

Lithuanian cuffed and charged

Evaldas Rimasauskas, a 48-year-old Lithuanian man, has been charged with defrauding two major US-based internet companies for more than $100m through whaling attacks.…




Gift cards or the iPhone gets it: Hackers threaten Apple with millions of remote wipes

Wed, 22 Mar 2017 15:26:07 GMT

'Turkish crime family' says Bitcoin's also OK

Updated Hackers who claim to have gained access to over 300 million iCloud and Apple email accounts are threatening to wipe user data unless Apple pays a ransom.…




Coppers 'persistently' breach data protection laws with police tech

Wed, 22 Mar 2017 12:57:09 GMT

Staff association warns that systems 'increasingly' being used for personal reasons

Coppers in England and Wales are "persistently" committing data breaches, according to the Police Federation's head of misconduct.…




Gemalto profits hit by crummy US card sales, dials back expectations by, oh, €100m

Wed, 22 Mar 2017 12:27:08 GMT

PINs hopes on some good news next year

Gemalto warned on Wednesday that its first-quarter revenues will be between 7 to 9 per cent lower compared to the same period of 2016.…




UK vuln 'fessing pilot's great but who's going to give a FoI?

Wed, 22 Mar 2017 09:35:08 GMT

Too many ppl, amirite? Poor old Brit govt ...

A security researcher has welcomed the UK's launch of a vulnerability co-ordination pilot while cautioning that a strategy for handling Freedom of Information requests needs to be developed.…




Web smut seekers take resurgent Ramnit malware from behind

Wed, 22 Mar 2017 07:02:04 GMT

♪ Botnet knocked down, but it gets up again ♪

Aficionados of salacious smut sites in the UK and Canada are picking up some nasty software that infects systems by using corrupted pop-under adverts.…




Mac OS IM tool Adium lagging on library security vulnerability

Wed, 22 Mar 2017 04:02:12 GMT

libpurple is a 'binary blob of unknown provenance' says researcher

A developer is warning Adium users to pick a different messaging app because of an exploitable vulnerability in its underlying libpurple version.…




Microsoft's 'Application Verifier' bug-finder is easily pwnable

Wed, 22 Mar 2017 01:56:05 GMT

Undocumented feature allows installation of persistent malware

Updated “Don't create undocumented features” should be tattooed in the corner of every developer's eye: there's one in the Microsoft Application Verifier Provider that provides attack vectors on everything Windows since XP.…




What should password managers not do? Leak your passwords? What a great idea, LastPass

Tue, 21 Mar 2017 19:54:02 GMT

Critical bugs found in Chrome, Firefox add-ons

Updated Password vault LastPass is scrambling to patch critical security flaws that malicious websites can exploit to steal millions of victims' passphrases.…




Now UK bans carry-on lappies, phones, slabs on flights from six nations amid bomb fears

Tue, 21 Mar 2017 18:14:32 GMT

Hit list: Turkey, Lebanon, Egypt, Jordan, Tunisia, Saudi Arabia

The UK has banned airline passengers on direct inbound flights from six countries in the Middle East and North Africa from taking a range of electronic devices into the cabin due to fears of a terrorist attack.…




World's worst botnet fiends switch from ransomware to stock scam spam

Tue, 21 Mar 2017 17:29:08 GMT

IT LIVES!

Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution.…




Three cops to data breach

Tue, 21 Mar 2017 12:56:11 GMT

Customers able to view account details of other users

Mobile operator Three has admitted that some customers were able to view the mobile account details of other Three users via their accounts yesterday.…




Airplane bomb fears spark America's laptop, tablet carry-on ban

Tue, 21 Mar 2017 10:00:08 GMT

Mid-East airports, airlines hit by tough luggage crackdown amid terror intel

Updated Fears of terrorists smuggling bombs disguised as laptops onto airplanes has triggered a fresh crackdown on carry-on luggage.…




Tip for darknet drug lords: Don't wear latex gloves to the post office

Tue, 21 Mar 2017 06:02:11 GMT

Fentanyl merchant was good at Tor, rubbish in meatspace and at deleting browser history

Delivery is the weakest link in the “dark web” drug trade: the postal habits of a large-scale trader have led to his undoing.…




DNS lookups can reveal every web page you visit, says German boffin

Tue, 21 Mar 2017 04:08:12 GMT

The fix is simple: turn your modem on and off again to get a new IP address. Or ask your ISP to assign them more often

Domain-name lookups only reveal websites visited, not individual pages viewed, right? Wrong: the interaction between a user and the DNS is more revealing than previously believed, according to a paper from German postdoc researcher Dominik Herrmann.…




Nest cameras can be easily blacked out by Bluetooth burglars

Tue, 21 Mar 2017 01:05:21 GMT

So far, no patch available to the public

Updated Nest's Dropcam and Dropcam Pro security cameras can be wirelessly attacked via Bluetooth to crash and stop recording footage. This is perfect for burglars and other crooks who want to knock out the cams moments before robbing a joint.…




Confirmed: TSA bans gear bigger than phones from airplane cabins

Mon, 20 Mar 2017 23:11:55 GMT

Air travel to the US from eight countries appears to be affected

People traveling by air to America from an undisclosed list of countries will no longer be allowed to carry devices larger than a mobile phone in carry-on baggage.…




FBI, NSA top brass: We've seen jack squat to back up Trump's claims of Obama wiretaps

Mon, 20 Mar 2017 20:29:29 GMT

Meanwhile, potential Russian campaign links probed

Vid Monday mornings are never pleasant, are they? Take FBI director James Comey and head of the NSA Admiral Mike Rogers, for example, who kicked off their week by being grilled by the US House Select Intelligence Committee.…




'Sorry, I've forgotten my decryption password' is contempt of court, pal – US appeal judges

Mon, 20 Mar 2017 19:51:33 GMT

Claiming you can't remember your passphrase to unlock data is willful defiance

The US Third Circuit Court of Appeals today upheld a lower court ruling of contempt against an ex-cop who claimed he couldn't remember the password to decrypt his computer's hard drives.…




WWE star's swiped sex snaps survey spam snares selfie sickos

Mon, 20 Mar 2017 19:43:09 GMT

Click here to see her stolen nudes, and then here, and here, and again here, and...

Scammers are exploiting a new batch of leaked celebrity nudes, using the stolen selfies to lure in gawpers and make a fast buck.…




Dr Hannah Fry: We need to be wary of algorithms behind closed doors

Mon, 20 Mar 2017 15:08:05 GMT

UCL researcher on the tragedy of the age of data

Interview Sure, algorithms are insanely useful, but we need to watch we don't become complacent and unable to question them, University College London's Dr Hannah Fry warned in an interview with The Register.…




Norfolk County Council sent filing cabinet filled with kids' info to a second-hand shop

Mon, 20 Mar 2017 11:25:13 GMT

And all it got in return was a £60k fine

Updated Norfolk County Council left files containing sensitive information about children in a cabinet that was dispatched to a second-hand shop.…




Atlassian admins, your Struts 2 patch has landed

Mon, 20 Mar 2017 04:02:10 GMT

HipChat, Bamboo, and Crowd get fix

Atlassian has joined the growing list of vendors to patch its products against the Apache Struts 2 vulnerability.…




Git sprints carefully towards SHA-1 deprecation

Mon, 20 Mar 2017 00:57:07 GMT

The sky still isn't falling

Following the February controversy over whether or not Google's SHA-1 collision broke Git, its community has taken the first small steps towards replacing the ancient hash function.…




Cisco reports bug disclosed in WikiLeaks' Vault 7 CIA dump

Sun, 19 Mar 2017 21:00:09 GMT

More than 300 Borg switches carry critical IOS Telnet vuln the CIA knew about before Cisco

It looks like Cisco won't be chasing up a partnership with WikiLeaks: it's combing the "Vault7" documents itself, and has turned up an IOS / IOS XE bug in more than 300 of its switch models.…




McDonalds India's delivery app was a golden honeypot

Sun, 19 Mar 2017 19:58:12 GMT

Would you like data on 2.2 MEELLION users with that API query?

McDonald's India has 'fessed up that its app spaffed personal data to all and sundry and has urged users to install an update.…




Friday security roundup: Secret Service laptop bungle, hackers win prizes, websites leak

Sat, 18 Mar 2017 00:06:38 GMT

And light shed on WikiLeaks' CIA tools handover

Updated Friday is usually a good day to bury bad news and there are a number of stories bubbling under before we all head out for the weekend.…




The priest, the coder, the Bitcoin drug deals – and today's guilty verdicts

Fri, 17 Mar 2017 20:02:48 GMT

What would Jesus do? Jump on Tor and blow cryptocurrency on blow, apparently

A New Jersey pastor and a Florida software engineer were today found guilty of bribery, wire fraud, bank fraud, and fraud conspiracy.…




An under-appreciated threat to your privacy: Security software

Fri, 17 Mar 2017 16:02:08 GMT

Also, yes, we can handle the CIA, says F-Secure lead researcher Jarno Niemelä

Interview The very software that is supposed to protect your security is an under-appreciated threat to privacy because of the massive amount of data many products secretly gather on customers, according to F-Secure's Jarno Niemelä.…




Brit firm lands £58m EU spy drone 'copter contract

Fri, 17 Mar 2017 15:30:10 GMT

Who needs humans to gaze over the seas anyway?

A British firm has won a contract with the EU to supply border control surveillance helicopter drones.…




National Audit Office: Brit aircraft carrier project is fine and dandy... for now

Fri, 17 Mar 2017 14:02:10 GMT

Small matter of an ongoing personnel shortage, though

The National Audit Office has confirmed that F-35 fighter jets should be flying from new British aircraft carrier HMS Queen Elizabeth by the year 2020, if all goes to plan.…




Shameless crooks fling Star Trek-themed ransomware at world

Fri, 17 Mar 2017 12:26:11 GMT

Live long and (don't) prosper

Audacious cybercriminals have created an Star Trek-themed strain of ransomware.…




Are you undermining your web security by checking on it with the wrong tools?

Fri, 17 Mar 2017 07:05:10 GMT

Probably yes, warns US-CERT in HTTPS interception advisory

Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent US-CERT advisory have warned.…




Ubiquiti network gear can be 'hijacked by an evil URL' – thanks to its 20-year-old PHP build

Thu, 16 Mar 2017 21:56:04 GMT

And, nope, no patch

Updated Security researchers have gone public with details of an exploitable flaw in Ubiquiti's wireless networking gear – after the manufacturer allegedly failed to release firmware patches.…




Judge issues search warrant for anyone who Googled a victim's name

Thu, 16 Mar 2017 21:01:00 GMT

US court order casts really, really, really wide net

Updated A judge in Minnesota, America, has granted cops a search warrant to direct Google to provide personal details about anyone searching for a specific name.…