Subscribe: The Register - Security: Malware
Added By: Feedage Forager Feedage Grade A rated
Language: English
attack  data  hackers  hit  malware  might  new  ransomware  security  wannacrypt outbreak  wannacrypt  week  windows     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2017, Situation Publishing

Domains tainted by RoughTed malvertising reap half a billion hits

Thu, 25 May 2017 16:38:04 GMT

Some of which comes from Alexa top 500 websites

A strain of adblocker-aware malvertising is responsible for a range of scams, exploits and general skulduggery.…

NHS Digital stopped short of advising against paying off WannaCrypt

Thu, 25 May 2017 14:04:07 GMT

Trusts may have had corrupted backups... or none at all

NHS Digital stopped short of advising health organisations in England not to cough up for the WannaCrypt ransom attack because it couldn't be certain that all hospitals had backed up patient records.…

'Cloak and dagger' vuln rolls critical hit against latest Android versions

Thu, 25 May 2017 11:08:00 GMT

Malicious combination of legitimate permissions

Updated A distinct class of Android vulnerability has been unearthed by computer scientists at the Georgia Institute of Technology in Atlanta.…

Ransomware hits Australian hospitals after botched patch

Thu, 25 May 2017 03:18:47 GMT

WannaCry? Minister says data is safe, so save your tears for now

Hospitals connected to Australian State of Queensland's integrated electronic medical record system (ieMR) are suffering outages attributed to patching against a ransomware attack.…

Fat-thumbed dev slashes Samba security

Thu, 25 May 2017 01:03:08 GMT

Remote code execution in all versions since 3.5.0, so it's patching time!

Sysadmins tending Samba need to get patching.…

Democracy-minded DEF CON hackers promise punishing probe on US election computers

Wed, 24 May 2017 22:36:23 GMT

Voting machine hacking could turn very ugly

Organizers at the DEF CON hacking conference in July are planning a mass cracking of US electronic election machines.…

Feeling Locky, punk? Ransomware grew eight-fold last year

Wed, 24 May 2017 21:04:03 GMT

Days of future past

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro.…

64-bit malware threat may be itty-bitty now, but it's only set to grow

Wed, 24 May 2017 13:00:10 GMT

Upgrade and they will come

The volume of 64-bit malware in the wild remains low even though computers running 64-bit operating systems became ubiquitous years ago.…

Speaking in Tech: Depressing WannaCrypt postmortem edition

Wed, 24 May 2017 11:34:06 GMT

Podcast At least we'll always have #catsinteslas

Network-sniffing, automation, machine learning: How to get better threat intel

Wed, 24 May 2017 08:39:12 GMT

When two 'innocent' events on the network are anything but

IT teams can get away with poor service management, outdated software development methods and outdated apps running on legacy tin, but they might want to think twice before skimping on cybersecurity. If you don't stay on top of this stuff, while you might not be found out today or tomorrow, eventually, your customers’ personal details might just turn up on Pastebin.…

What's got a vast attack surface and runs on Linux? Windows Defender, of course

Wed, 24 May 2017 01:58:06 GMT

Penguinistas, rejoice: Tavis Ormandy lets you fuzz Windows

Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too.…

How good are selfies these days? Good enough to fool Samsung Galaxy S8 biometrics

Wed, 24 May 2017 01:32:04 GMT

Iris-scanner defeated with a camera in night mode, a contact lens, and a printer

Chaos Computer Club's "Starbug" has taken a look at the Samsung Galaxy S8's iris-scanning authentication feature and found you can beat it with a photograph.…

Last week: 'OpenVPN client is secure!'
This week: 'Unpatched bug in OpenVPN server'

Wed, 24 May 2017 00:44:09 GMT

And it's a nasty one if the user you crack has admin rights

French security outfit Sysdream has gone public with a vulnerability in the admin interface for OpenVPN's server.…

Target inks $18.5m deal with US states to settle 2013 data breach

Tue, 23 May 2017 23:25:14 GMT

Fines equal around 8 hours of profit, that'll teach them

Target, the shopping behemoth for people who are too classy to go to Walmart, has today reached a settlement with 47 states and the District of Columbia over the 2013 hacking incident that saw 70 million customers lose their personal information.…

Media players wide open to malware fired from booby-trapped subtitles

Tue, 23 May 2017 14:35:08 GMT

VLC, Kodi, Popcorn Time and Stremio were all vulnerable

Hackers have gone back to the future by attempting to infect targets with booby-trapped subtitle files.…

.Science and .study: Domains of the bookish? More like domains of the JERKS!

Tue, 23 May 2017 10:34:06 GMT

Only few bad apples at internet badness hotspots, though

The .science domain has become a “hotspots” of malicious or abusive activity on the internet, according to a new study out Tuesday.…

EU security think tank ENISA looks for IoT security, can't find any

Tue, 23 May 2017 05:02:07 GMT

Proposes baseline security spec, plus stickers to prove thing-makers have complied

European network and infosec agency ENISA has taken a look at Internet of Things security, and doesn't much like what it sees.…

Russian raids sweep up 20 malware scum

Tue, 23 May 2017 03:37:05 GMT

Cron job aborted after crims scoop ₽50m and share it to 6,000 bank accounts

The Russian Interior Ministry has announced the arrest of 20 people following raids related to a malware campaign dubbed “Cron” which had been emptying victims' bank accounts.…

7 NSA hack tool wielding follow-up worm oozes onto scene: Hello, no need for any phish!

Mon, 22 May 2017 15:01:13 GMT

Why can't you be like a cheerful HHGTTG dolphin overlord?

Miscreants have created a strain of malware that targets the same vulnerability as the infamous WannaCrypt worm.…

Quick, better lock down that CISO role. Salaries have apparently hit €1m

Mon, 22 May 2017 14:02:56 GMT

Thanks WannaCrypt... Hey, about our new security budget. Oh, you've cut it

Salaries for chief information security officers (CISOs) at leading European firms have hit €1m (£850,000) as the threat of data breaches grows, City AM reports.…

Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability!

Sun, 21 May 2017 23:58:43 GMT

Purple Palace pays researcher US$778 bounty per byte

How would you like US$778 per byte for your exploit?…

Netgear 'fixes' router by adding phone-home features that record your IP and MAC address

Sun, 21 May 2017 22:43:16 GMT

Yeah, that'll be secure for sure

Netgear NightHawk R7000 users who ran last week's firmware upgrade need to check their settings, because the company added a remote data collection feature to the units.…

Wannacry: Everything you still need to know because there were so many unanswered Qs

Sat, 20 May 2017 03:37:49 GMT

How it first spread, Win XP wasn't actually hit, and more

Vid It has been a week since the Wannacry ransomware burst onto the world's computers – and security researchers think they have figured out how it all started.…

LastPass now supports 2FA auth, completely undermines 2FA auth

Fri, 19 May 2017 22:38:34 GMT

Just keep putting those eggs in the one basket, friends

Password manager LastPass has added a new feature to its software: the ability to store two-factor authentication codes. This is great news. For hackers.…

Comodo database glitch causes billing problems

Fri, 19 May 2017 16:36:09 GMT

Enter the snag-dragon

Updated While the rest of the world had its eyes firmly on the WannaCrypt outbreak, digital certificate firm Comodo suffered an unrelated but protracted database problem that affected its billing systems.…

Biz overlords need to give a stuff about what they're told by IT crowd

Fri, 19 May 2017 16:03:05 GMT

Data breaches smack bottom line, cautions survey

Companies that suffer a data breach can expect to see their share price fall by five per cent and watch two to three per cent of customers take their business elsewhere.…

Crooks use WannaCrypt hysteria as hook for BT-branded phishing emails

Fri, 19 May 2017 15:03:06 GMT

Confusingly, ISPs are also sending out genuine warnings

Scoundrels have latched on to the WannaCrypt outbreak as a theme for scam emails. Coincidentally some consumers are receiving seemingly genuine warnings from their ISPs related to suspected infection during last week's worldwide ransomware outbreak.…

Blighty's buying another 17 F-35s, confirms the American government

Fri, 19 May 2017 14:44:07 GMT

All F-35Bs for the Navy – but, oddly, isn't set in stone

The UK will buy a grand total of 17 F-35B fighter jets between 2020 and 2022 – and acquiring the A model of the supersonic stealth fighter hasn’t been ruled out.…

WannaCrypt: Roots, reasons and why scramble patching won't save you now

Fri, 19 May 2017 13:28:06 GMT

Watch your backup

I became a Solaris system administrator in the 1990s: first proper job out of university. I read a lot about the Morris Worm – believed to be the first of its type, and of interest to me because the Sun-3 kit I looked after was vulnerable.…

‪There's a ransom-free fix for WannaCry‬pt. Oh snap, you've rebooted your XP box

Fri, 19 May 2017 11:27:11 GMT

Sooo... that's not gonna work for you mate

Windows XP PCs infected by WannaCrypt can be decrypted without paying ransom by using a new utility dubbed Wannakey.…

Phishing scum going legit to beat browser warnings

Fri, 19 May 2017 05:30:04 GMT

Now that Chrome and Firefox call out HTTP, phisherpholk are getting certified

Browser-makers' decision to put big red warning lights in the faces of users when they hit sites too slack to use HTTPS is backfiring a little, as crooks are accelerating their use of encryption.…

Don't gripe if you hand your PC to Geek Squad and they rat you out to the Feds – judge

Thu, 18 May 2017 22:37:23 GMT

But FBI blunder may let alleged pedo walk free from court

A judge has ruled that people who give their knackered computers to Best Buy's Geek Squad for repairs have no comeback if technicians find and report any illegal material to the Feds.…

Proposed PATCH Act forces US snoops to quit hoarding code exploits

Thu, 18 May 2017 20:06:28 GMT

Bipartisan bill wants to stave off another WannaCry

Two US senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.…

Three home security systems found to be vulnerable – if hackers were hiding in bushes

Thu, 18 May 2017 15:08:35 GMT

Pointblank weaknesses have since been patched

Three home security systems were riddled with bugs, according to new research made public this week.…

Banking association calls for end of 'screen-scraping'

Thu, 18 May 2017 12:37:11 GMT

Fintech firms not that thrilled about the idea

The European Banking Federation (EBF) has asked the EU Commission to support a ban on "screen scraping".…

No laptop ban on Euro flights to US... yet

Thu, 18 May 2017 09:55:09 GMT

Pilots: Um, you want all those lithium batteries in the hold?

The European Commission (EC) and the US have pushed back against moves for a wider ban on laptops on aircraft but talks on the subject will continue in Washington next week.…

Great Ormond Street children's hospital still offline after WannaCrypt omnishambles

Thu, 18 May 2017 08:35:22 GMT

Precautionary disconnect – patients still being looked after

Updated The internationally famous Great Ormond Street Hospital has been taken offline as a safety measure following last week's catastrophic WannaCrypt outbreak.…

Bloke charged under UK terror law for refusing to cough up passwords

Thu, 18 May 2017 05:57:09 GMT

First they came for the activists and I did nothing…

British police have charged a man under antiterror laws after he refused to hand over his phone and laptop passwords.…

Azure users told they're not WannaCrypt-proof

Thu, 18 May 2017 05:01:13 GMT

Microsoft advises how to harden cloudy Windows, cos it runs a cloud not your OS

Microsoft Windows users already know what to do to defeat WannaCrypt (unless they've been asleep for a week). Now the company's published its advice for its Azure customers.…

HP Inc wireless mouse can be spoofed

Thu, 18 May 2017 02:34:17 GMT

By our reckoning this means a mouse could let a RAT into your computer

If you're using an HP Inc wireless keyboard/mouse combo and the cursor starts behaving badly, someone might be pranking you.…

Gotcha, Tatcha! Thieves hide in servers to hoover up victims' bank card numbers mid-order

Wed, 17 May 2017 22:35:37 GMT

Beauty website suffers ugly IT security breach

Cosmetics peddler Tatcha is warning customers after hackers were able to compromise its website and harvest payment card details as orders poured in.…

Backup crack-up: Fasthosts locks people out of data storage for days amid WCry panic

Wed, 17 May 2017 20:04:16 GMT

Windows Server 2k3 kit yanked, replacement slow to arrive

Fasthosts left some customers without access to their backups for roughly six days – after it tore down systems it feared were vulnerable to the WannaCry malware.…

Ransomware fear-flinger Uiwix fails to light

Wed, 17 May 2017 14:27:08 GMT

Stand down, folks. Back to Defcon none

A ransomware variant, dubbed Uiwix, that abuses the same vulnerability as WannaCrypt has turned out to be something of a damp squib.…

Police anti-ransomware warning is hotlinked to 'ransomware.pdf'

Wed, 17 May 2017 12:40:47 GMT

This (probably) isn't a spear phishing attack but we were too afraid to verify

Official anti-ransomware advice issued by UK police to businesses can only be read by clicking on a link titled "Ransomware" which leads direct to a file helpfully named "Ransomware.pdf".…

Yo, patch that because scum still wanna exploit WannaCrypt-linked vuln

Wed, 17 May 2017 10:56:09 GMT

Significant number of devices continue to expose Windows SMB on port 445

Vulnerable Windows Server Message Block (SMB) shares central to last week's WannaCrypt outbreak are still widely deployed and frequently hunted, security researchers warn.…

IoT needs security, says Microsoft without even a small trace of irony

Wed, 17 May 2017 04:58:04 GMT

Sysadmins, don't hurt your necks shaking your heads

Still reeling from criticism over the WannaCrypt attack, Microsoft has stuck its hat on a stick and raised it out of the trench to see how its proposals for Internet of Things security might be received.…

Chrome on Windows has credential theft bug

Wed, 17 May 2017 02:09:21 GMT

.SCF files present ID, password to fetch icons for attack file

Google's Chrome team is working to fix a credential theft bug that strikes if the browser is running on Microsoft Windows.…

Cisco warns: Some products might have WannaCrypt vuln

Wed, 17 May 2017 00:10:57 GMT

To other vendors using embedded Windows: where are your warnings and patches?

Here's why infosec needs to quit yelling “if you didn't patch it's your fault” about WannaCrypt: Cisco has announced it's investigating which of its products can't be patched against the ransomware.…

Bell Canada hacked: 2m account details swiped by mystery miscreants

Tue, 16 May 2017 21:26:55 GMT

Don't worry, no bank card info taken, eh

Bell Canada said Tuesday 1.9 million customer account details were swiped by hackers – although stressed no payment card numbers or passwords were slurped.…

French fling fun-sized fine at Facebook for freakin' following folk

Tue, 16 May 2017 18:26:56 GMT

And it's going to get a whole lot worse for Zuckerberg and pals

Facebook has been fined the maximum possible amount – €150,000 ($166,000) – by France's data protection watchdog for gathering information on internet users without their permission.…