Subscribe: The Register - Security: Malware
Added By: Feedage Forager Feedage Grade B rated
Language: English
alphabay hansa  alphabay  bug  crypto  cyber  dark web  dark  day  million  mobile  new  numbers  police  security  web     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2017, Situation Publishing

Pathetic patching leaves over 70,000 Memcached servers still up for grabs

Mon, 24 Jul 2017 21:19:42 GMT

And that’s months after patches released and warning emails sent – sort it out!

If you're running the caching service Memcached, and particularly if you're exposing it to the public internet for some reason, please make sure you've patched it. Tens of thousands of vulnerable systems haven't.…

China crams spyware on phones in Muslim-majority province

Mon, 24 Jul 2017 19:19:04 GMT

On-the-spot checks by cops to ensure creepy mass surveillance tool is installed

The Chinese government is requiring citizens in Xinjiang province to install spyware on their mobile phones and is enforcing the policy with police spot-checks, according to several online reports.…

Crims snatch 5.5 million social security numbers from Kansas govt box

Mon, 24 Jul 2017 18:53:37 GMT

A server where there isn't any trouble. Do you suppose there is such a server, Toto?

Hackers have lifted not only the social security numbers and personal information of half a million jobseekers in Kansas – but also records on more than five million people from nine other US states.…

Cyber arm of UK spy agency left without PGP for four months

Mon, 24 Jul 2017 15:27:04 GMT

Meanwhile Huawei gets green light, despite failure to verify source code

UK spy agency GCHQ’s cyber security arm, CESG, was left without PGP encryption for more than four months, according to a government report.…

Briton admits to router hack that DDoSed Deutsche Telekom

Mon, 24 Jul 2017 15:07:05 GMT

Tells German court it was unintentional

An as yet unnamed 29-year-old pleaded guilty on Friday to charges relating to the hijacking of more than 1.25 million Deutsche Telekom routers, according to reports in the German press.…

AlphaBay and Hansa: About those dark web marketplaces takedowns

Mon, 24 Jul 2017 11:51:25 GMT

Sellers using AlphaBay vendor 'trust' ratings on new dodgy agoras

Analysis A US Federal Bureau of Investigation veteran has spoken out on the international police ops that led to the takedown of dark web drug souks AlphaBay and Hansa, giving an insider's look at the process.…

Sweden leaked every car owners' details last year, then tried to hush it up

Sun, 23 Jul 2017 22:31:27 GMT

Another day, another botched government contract

In a slowly-unfolding scandal in Sweden, it's emerged that the country's transport agency bungled an outsourcing deal with IBM, putting both individuals and national security at risk.…

But how does our ransomware make you feel?

Fri, 21 Jul 2017 12:58:08 GMT

Psychology of ransomware threats unpicked

Ransomware crooks have become skilled psychological manipulators in their attempts to fleece victims of file-encrypting malware.…

Moneysupermarket fined £80,000 for spamming seven million customers

Fri, 21 Jul 2017 05:32:05 GMT

Go compare the original opt-out request, firm told

Price-comparison darling has been fined £80,000 for sending 7.1 million emails to customers who had opted out of receiving direct marketing emails.…

So, FCC, how about that massive DDoS? Hello? Hello...? You still there?

Thu, 20 Jul 2017 22:27:12 GMT

Like trying to get blood out of a stone

Updated America's broadband watchdog, the FCC, has declined to share any more details on the cyber-assault that apparently downed its website shortly after it announced its intent to kill net neutrality.…

US Homeland Sec boss has snazzy new laptop bomb scanning tech – but admits he doesn't know what it's called

Thu, 20 Jul 2017 22:01:03 GMT

Fscking nerds, Secretary John Kelly sighs

Flying into America? Don't worry about that crackdown on laptops and similar gear in your carry-on luggage. It's no longer happening. No, instead, the US has something else up its sleeve.…

Alphabay shutdown: Bad boys, bad boys, what you gonna do? Not use your Hotmail...

Thu, 20 Jul 2017 20:28:44 GMT

...or the Feds will get you ♪

Analysis The alleged owner of dark-web marketplace AlphaBay was tracked down by FBI because he was stupid enough to include his real Hotmail address in the content management system used to run the site.…

UK uni warns students of phishers trying to nick their tuition fees

Thu, 20 Jul 2017 19:18:10 GMT

♪ You shall have a phishy on a little dishy when the hack comes in

Foreign students looking to experience the stochastic joys of a year at Newcastle University in England are being warned that phishers are after their cash – using an unusually well-crafted attack.…

Cops harpoon two dark net whales in megabust: AlphaBay and Hansa

Thu, 20 Jul 2017 15:38:23 GMT

Tor won't shield you, warn Feds

Two of the largest dark net marketplaces - AlphaBay and Hansa - have been shut down following an international police operation.…

The eyes have IT: TSB to roll out iris-scanning tech for mobile banking

Thu, 20 Jul 2017 14:56:06 GMT

Biometrics, certificates combo to shore up security

TSB has announced plans to roll out iris-scanning technology for its mobile banking app from September.…

No one still thinks iOS is invulnerable to malware, right? Well, knock it off

Thu, 20 Jul 2017 11:07:58 GMT

As platform's popularity rose, so did its allure to miscreants

The comforting notion that iOS devices are immune to malicious code attacks has taken a knock following the release of a new study by mobile security firm Skycure.…

HMS Frigatey Mcfrigateface given her official name

Thu, 20 Jul 2017 10:42:25 GMT

It's Glasgow, before you lot get too excited

The first of the Royal Navy's new Type 26 frigates has been named HMS Glasgow, recycling the name for the fourth time in the last 100 years.…

Yeah, WannaCry hit Windows, but what about the WannaCry of apps?

Thu, 20 Jul 2017 09:12:07 GMT

Patching done proper

WannaCrypt crippled 230,000 Windows PCs internationally, hitting unpatched Windows 7 and Windows Server 2008 and computers still running Microsoft's seriously old Windows XP, though the latter wasn't responsible for its spread.…

Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Thu, 20 Jul 2017 06:30:04 GMT

Grab a fix now

Gnome developers, take a bow: a bug in your image thumbnailer has opened up a (not too scary, thankfully) hole for script injection.…

Remember that Citadel bank-slurping malware? Its main man was just jailed for five years

Thu, 20 Jul 2017 05:37:12 GMT

Trojan was used to swipe $500m from victims' accounts

Russian programmer Mark Vartanyan has been sentenced to five years in US federal prison for developing and spreading the Citadel malware that stole $500m (£383m) from bank accounts around the world.…

Dahua cameras stung by Web interface bug

Thu, 20 Jul 2017 01:55:14 GMT

Long paassssswwwwwoooorrrd risks remote code execution

Chinese camera-maker Dahua has flicked out a patch to fix a possible remote code execution vulnerability in its Web admin interface.…

$30 million below Parity: Ethereum wallet bug fingered in mass heist

Thu, 20 Jul 2017 00:55:12 GMT

Crypto-cash leak made possible by software stuff-up

A vulnerability in Parity's Ethereum wallet software has been exploited by thieves to rob victims on a massive scale.…

Apple hurls out patches for dozens of security holes in iOS, macOS

Wed, 19 Jul 2017 23:24:37 GMT

Project Zero, GCHQ, and city of Mishawaka, Indiana among credited bug-hunters

Apple has today released patches addressing roughly four dozen exploitable security vulnerabilities in iOS, macOS, and WatchOS.…

School of card knocks: Russophone criminals offered online courses in credit card fraud

Wed, 19 Jul 2017 13:25:11 GMT

Обратите внимание на спину!

Cyber crime lords have come up with a new money-spinner – Russian-language e-learning courses geared towards teaching the skills necessary to rip off consumers and card companies.…

Targeted, custom ransomware menace rears its ugly head

Wed, 19 Jul 2017 09:52:00 GMT

No spraying and praying here, just precise, exorbitant attacks

Attackers are manually deploying ransomware directly into target networks to maximise the damage and potential payout.…

Solaris, Java have vulns that let users run riot

Wed, 19 Jul 2017 04:03:03 GMT

What's big, red and has 308 patches, 30 of them critical? Oracle's quarterly patch dump

Oracle's emitted its quarterly patch dump. As usual it's a whopper, with 308 security fixes to consider.…

Let's harden Internet crypto so quantum computers can't crack it

Tue, 18 Jul 2017 23:59:58 GMT

Draft blends asymmetric public/private key encryption and one-time pad analogs

In case someone manages to make a general purpose quantum computer one day, a group of IETF authors have put forward a proposal to harden Internet key exchange.…

Iranian duo charged with hacking US missile simulation software biz

Tue, 18 Jul 2017 22:03:29 GMT

Blokes allegedly lifted, cracked export-restricted rocketry design app to tout it in Iran

Two Iranian nationals have been charged with hacking a US defense technology maker to steal and sell its rocketry simulation software.…

Google G-Suite spotted erecting stiff member vetting tool

Tue, 18 Jul 2017 21:46:50 GMT

App verification signage aims to give phishing the finger

Stung by phishing attacks aimed at G Suite users earlier this year, Google has armored its cloud with extra security layers.…

China's censorship cyber-missiles shoot down pics flying through WhatsApp, chat apps

Tue, 18 Jul 2017 19:34:20 GMT

Death of Nobel laureate Liu Xiaobo reveals new powers

China has expanded its censorship tools to strip out images from chat messages in transit through its networks.…

CoinDash crowdfunding hack further dents trust in crypto-trading world

Tue, 18 Jul 2017 18:13:05 GMT

$7m pilfered from investors, white hats on the trail

More than $7m was stolen by hackers on Monday from folks investing in a cryptocurrency startup.…

Air, sea drones put through their paces on Solent testing range

Tue, 18 Jul 2017 14:17:14 GMT

Roboat firms and pals pile in

More roboats and autonomous flying machines will be tested around the Solent after a consortium of companies was handed £1.5m to set up a drone test range.…

Insurers claim cyber calamities could cost more than Hurricane Sandy

Tue, 18 Jul 2017 10:52:14 GMT

But then again they would say that, wouldn't they?

Analysis A study aiming to raise the profile of cyber insurance claims that cloud outages and ransomware outbreaks on the WannaCry scale could cost companies $81.7bn – more than natural disasters like 2012's Hurricane Sandy. That's an awful lot of money, but wait – before you fish out the wallet – how did the authors arrive at these numbers?…

Dow Jones index – of customers, not prices – leaks from AWS repo

Tue, 18 Jul 2017 03:58:08 GMT

S3 bucket was set to authenticate all AWS users, not just Dow Jones users

Dow Jones has emulated Verizon by saving various internal databases (including Wall Street Journal subscribers) in the cloud without properly securing it.…

FreeRADIUS fragged by fuzzer – by invitation – and fifteen fails found

Tue, 18 Jul 2017 01:29:11 GMT

Bug fixes shipped for all supported versions

The folks over at FreeRADIUS took a look at Guido Vranken's work with OpenSSL, liked what they saw, asked him to fuzz the famous login/security server ... and then didn't like what they saw.…

Dev to El Reg: Making web pages pretty is harder than building crypto

Mon, 17 Jul 2017 23:01:10 GMT

'' secures messages with APIs and 445 lines of JavaScript, so good luck with crypto-cracking laws!

+Comment An Australian computer scientist working in Thailand has offered his contribution to Australia's cryptography debate by creating a public-key crypto demonstrator in less than a day, using public APIs and JavaScript.…

Cisco plugs command-injection hole in WebEx Chrome, Firefox plugins

Mon, 17 Jul 2017 18:44:30 GMT

Make sure you've updated if you're using Windows

Cisco has patched its Chrome and Firefox WebEx plugins to kill a bug that allows evil webpages to execute commands on computers.…

Forgotten your Myspace password? Just a name, username, DoB will get you in – and into anyone else's, too

Mon, 17 Jul 2017 18:06:26 GMT

Blast from the past blasted

Myspace's account recovery process is hopelessly flawed, according to a security researcher.…

Facebook users pwnd by phone with account recovery vulnerability

Mon, 17 Jul 2017 10:32:10 GMT

Another lonely day, with no one but FB, oh... I'll send an SMS to the world

Facebook account recovery using pre-registered mobile numbers is poorly implemented and open to abuse, according to critic James Martindale.…

Ashley Madison throws US$11.2m on the bed to mop up leak affair

Mon, 17 Jul 2017 04:58:05 GMT

Life is short, have a quick buck

Dating site for cheaters Ashley Madison has thrown US$11.2 million on the bed to make its 2015 data leak go away.…

Burglary in mind? Easy, just pwn the home alarm

Mon, 17 Jul 2017 02:58:05 GMT

'Have to admit, it's getting better' ... no, actually, it's not

It's Monday, and infosec-watchers are showing their age by calling internet of things security disclosures “a broken record”. This time, it's a home security system that's remotely p0wnable.…

Beware, sheep rustlers of the South West of England! Police drone spy unit gets to work

Fri, 14 Jul 2017 14:03:13 GMT

Devon and Cornwall plod start using RC quadcopters

+Comment Devon and Cornwall Police is launching its drone-equipped aerial surveillance team today.…

Dark web souk AlphaBay shuts for good after police raids

Fri, 14 Jul 2017 12:44:07 GMT

Server update

Dark web marketplace AlphaBay's closure last week followed an international law enforcement operation and multiple raids, it has emerged. It has also been reported that a key suspect who was arrested in the raids has died in custody.…

Want to kill your IT security team? Put the top hacker in charge

Fri, 14 Jul 2017 07:01:04 GMT

BSides spills the beans on how to manage white hats at work

Managing an IT department at the best of times can be a struggle, and managing a security team has its own special challenges.…

Kerberos bypass, login theft bug slain by Microsoft, Linux slingers

Thu, 13 Jul 2017 23:28:09 GMT

Only took two decades to spot dodgy authentication mechanisms

A vulnerability hidden in Kerberos code for more than 20 years met its end in patches issued this week by Microsoft and several Linux vendors.…

Another day, another mass domain hijacking

Thu, 13 Jul 2017 21:52:11 GMT

Gandi admits logins stolen, 750 web addresses pointed to malware

More than 750 domain names were hijacked through the internet's own systems, registrar Gandi has admitted.…

No big deal. You can defeat Kaspersky's ATM antivirus with a really fat executable

Thu, 13 Jul 2017 18:27:14 GMT

After you've gained arbitrary execution on the cash machine, natch

Flaws have been found and fixed in Kaspersky Lab's security software for cash machines and other embedded systems. Hackers can exploit the bugs to circumvent anti-malware defenses in ATMs.…

Bupa: Rogue staffer stole health insurance holders' personal deets

Thu, 13 Jul 2017 15:03:08 GMT

Names, phone numbers, emails released into the wild

Healthcare firm Bupa suffered a data breach when an employee of its international health insurance division inappropriately copied and removed some customer information.…

Dutch Senate votes to grant intel agencies new surveillance powers

Thu, 13 Jul 2017 13:02:12 GMT

Privacy groups concerned by data-slurping 'tapping' law

Plans by the Dutch government to increase surveillance powers are likely to face opposition from privacy activists.…

Barracuda's so solid crew: We got three more quarters to go

Thu, 13 Jul 2017 11:47:10 GMT

Strong opening by backup and security shipper

Ransomware helped backup and security firm Barracuda to a solid first fiscal 2018 quarter, with revenues and subscribers both growing.…