Subscribe: The Register - Security
http://www.theregister.com/security/headlines.rss

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



RIP: Antivirus veteran Raimund Genes, 54

Tue, 28 Mar 2017 15:17:15 GMT

Trend Micro CTO suffered fatal heart attack

Colleagues and friends are mourning the sudden death of distinguished antivirus industry veteran Raimund Genes last Friday.…




Apple squashes cert-handling bug affecting macOS and iOS

Tue, 28 Mar 2017 13:38:06 GMT

Flaw posed remote code execution risk

Apple has resolved a certificate validation vulnerability affecting both macOS and iOS users.…




World+dog had 1.4 BEEEELLION of its data records exposed last year

Tue, 28 Mar 2017 11:25:10 GMT

That's 86% up on 2015... and it's mostly identity theft

Almost 1.4 billion data records were compromised worldwide during 2016, a whopping increase of 86 per cent compared to the year before.…




As of today, iThings are even harder for police to probe

Tue, 28 Mar 2017 07:02:09 GMT

iOS 10.3 lands, complete with heavily encrypted Apple File System

Apple today released iOS 10.3, watchOS 3.2 and tvOS 10.2 (14W265), the first two of which bring some pleasing extra functionality to iThings. But the main attraction in the new release is Apple File System, because it adds comprehensive encryption to the iPhone and Apple Watch.…




CompSci boffins propose scheme to protect privacy in database searches

Tue, 28 Mar 2017 05:02:09 GMT

Queries indicate your intentions, so they're worth hiding

From stock searches to map directions, any time a user queries a database, they tell the database owner something valuable.…




FYI Docs.com users: You may have leaked passwords, personal info – thousands have

Mon, 27 Mar 2017 21:56:53 GMT

Just call it Doxx.com

Thousands of netizens inadvertently shared passwords and other highly private information with the rest of the planet – via Microsoft's publicly searchable Docs.com service.…




LastPass scrambles to fix another major flaw – once again spotted by Google's bugfinders

Mon, 27 Mar 2017 19:42:16 GMT

Ormandy sets snowflakes off over disclosure

For most of us, Saturday morning is a time for a lie-in, a leisurely brunch, or maybe taking the kids to the park. But for some it's bug-hunting time.…




Ex-military and security firms oppose Home Sec in WhatsApp crypto row

Mon, 27 Mar 2017 16:30:14 GMT

'We are in real trouble if we apply blunt weapons to this'

UK government ministers calling for increased surveillance abilities in the wake of last Wednesday's terrorist attack have encountered opposition from a somewhat unexpected quarter.…




iPhone-havers think they're safe. But they're not

Mon, 27 Mar 2017 12:18:37 GMT

Growing mobile threats affect iOS

Mobile malware is at the highest level yet recorded, infecting 1.35 per cent of all mobile devices in October, according to a study by Nokia out today. The high water mark in October compares to figures of 1.06 per cent in April 2016.…




USA can afford golf for Trump. Can't afford .com for FBI infosec service

Mon, 27 Mar 2017 08:55:09 GMT

So guess what spoofers are doing with the fake site? Yup – getting dupes to log in

InfraGard.org is supposed to be one of the United States' defences against online criminals. But the FBI-led service is currently the subject of a typosquatting and email attack that could see organisations seeking protection instead send their personal data straight to parties unknown.…




Dishwasher has directory traversal bug

Sun, 26 Mar 2017 23:08:45 GMT

Thanks a Miele-on for making everything dangerous, Internet of Things firmware slackers

Don't say you weren't warned: Miele went full Internet-of-Things with a network-connected dishwasher, gave it a web server, and now finds itself on the wrong end of a security bug report – and it's accused of ignoring the warning.…




Ever visited a land now under Islamic State rule? And you want to see America? Hand over that Facebook, Twitter, pal

Sat, 25 Mar 2017 01:01:30 GMT

Uncle Sam turns up the heat on visa hopefuls

US embassies have been told to examine social media accounts of visa applicants who have ever set foot in Islamic-State-controlled areas.…




GiftGhostBot scares up victims' gift-card cash with brute-force attacks

Fri, 24 Mar 2017 19:08:00 GMT

Software nasty can burn through 1.7 million account numbers per hour

Cybercrooks are using a bot to automate the process of breaking into and draining online gift card accounts.…




UK.gov confirms it won't be buying V-22 Ospreys for new aircraft carriers

Fri, 24 Mar 2017 14:11:05 GMT

Also confirms earlier operational date for HMS Queen Elizabeth

Britain is not buying V-22 Osprey aircraft to fly from its new aircraft carriers, the government has confirmed.…




Did you know: Crimelords behind DDoS attacks offer customer loyalty points?

Fri, 24 Mar 2017 10:51:09 GMT

Tweaking business models for greater 404 kerching

The DDoS attack business has advanced to the point that running an attack can cost as little as $7 an hour, while the targeted company can end up losing thousands, if not millions of dollars.…




Inside OpenSSL's battle to change its license: Coders' rights, tech giants, patents and more

Fri, 24 Mar 2017 07:32:12 GMT

Devs who fail to respond to call for change will count as 'yes' votes for AL 2.0

Analysis The OpenSSL project, possibly the most widely used open-source cryptographic software, has a license to kill – specifically its own. But its effort to obtain permission to rewrite contributors' rights runs the risk of alienating the community that sustains it.…




Google slaps Symantec for sloppy certs, slow show of SNAFUs

Fri, 24 Mar 2017 04:58:05 GMT

Certs will keep working, but Chrome will be suspicious, soon

Updated Google's Chrome development team has posted a stinging criticism of Symantec's certificate-issuance practices, saying it has lost confidence in the company's practices and therefore in the safety of sessions hopefully-secured by Symantec-issued certificates.…




Amazing new WikiLeaks CIA bombshell: Agents can install software on Apple Macs, iPhones right in front of them

Thu, 23 Mar 2017 22:39:07 GMT

And in 2009 – just 8 years ago

Startling leaked documents show the CIA could purchase Apple Macs and iPhones, install spyware onto them, and give them to targets.…




If you were cuffed during Trump's inauguration, cops are trying to crack your smartphone

Thu, 23 Mar 2017 19:55:07 GMT

More than 100 mobes will only take a week to access

Vid The inauguration of President Donald Trump in the US capital was marked by protests, with cops collaring more than 200 people on the day. Now court documents reveal the US government's efforts to crack the arrestees' locked phones and slurp their contents.…




Android Forums resets passwords after hack

Thu, 23 Mar 2017 16:19:09 GMT

Only 2.5 per cent of userbase affected

Add Android Forums to the growing list of web properties that have suffered a security breach.…




eBay dumps users into insecure authentication mechanism

Thu, 23 Mar 2017 07:33:12 GMT

Dump dongles and move to SMS, says tat bazaar, oblivious to deprecation advice

Web tat bazaar eBay appears to be suggesting its readers adopt known-to-be-insecure practices when logging on to the service.…




Fake mobile base stations spreading malware in China

Thu, 23 Mar 2017 05:02:11 GMT

'Swearing Trojan' pushes phishing texts around carriers' controls

Chinese phishing scum are deploying fake mobile base stations to spread malware in text messages that might otherwise get caught by carriers.…




It's happening! It's happening! W3C erects DRM as web standard

Wed, 22 Mar 2017 20:39:12 GMT

World has until April 19 to make its views known on latest draft

The World Wide Web Consortium has formally put forward highly controversial digital rights management as a new web standard.…




Russian mastermind of $500m bank-raiding Citadel coughs to crimes

Wed, 22 Mar 2017 20:23:02 GMT

Chap's code infected 11m PCs, helped crooks make off with half a billion bucks, say Feds

The Russian programmer who built the bank-account-raiding Citadel Trojan has admitted his crimes.…




Error prone, insecure, inevitable: Say hello to today's facial recog tech

Wed, 22 Mar 2017 19:45:10 GMT

If you want a picture of the future, imagine a database with every human visage

Facial recognition technology represents a valuable, and likely inevitable, method of identification for cops and Feds. Unfortunately, it's largely unregulated, error prone, and insecure.…




Malware 'disguised as Siemens software drills into 10 industrial plants'

Wed, 22 Mar 2017 19:34:35 GMT

Four years of active infection, claims security biz Dragos

Malware posing as legitimate software for Siemens control gear has apparently infected industrial equipment worldwide over the past four years.…




Bloke, 48, accused of whaling two US tech leviathans out of $100m

Wed, 22 Mar 2017 16:13:19 GMT

Lithuanian cuffed and charged

Evaldas Rimasauskas, a 48-year-old Lithuanian man, has been charged with defrauding two major US-based internet companies of more than $100m through whaling attacks.…




Gift cards or the iPhone gets it: Hackers threaten Apple with millions of remote wipes

Wed, 22 Mar 2017 15:26:07 GMT

'Turkish crime family' says Bitcoin's also OK

Updated Hackers who claim to have gained access to over 300 million iCloud and Apple email accounts are threatening to wipe user data unless Apple pays a ransom.…




Coppers 'persistently' breach data protection laws with police tech

Wed, 22 Mar 2017 12:57:09 GMT

Staff association warns that systems 'increasingly' being used for personal reasons

Coppers in England and Wales are "persistently" committing data breaches, according to the Police Federation's head of misconduct.…




Gemalto profits hit by crummy US card sales, dials back expectations by, oh, €100m

Wed, 22 Mar 2017 12:27:08 GMT

PINs hopes on some good news next year

Gemalto warned on Wednesday that its first-quarter revenues will be between 7 and 9 per cent lower compared to the same period of 2016.…




UK vuln 'fessing pilot's great but who's going to give a FoI?

Wed, 22 Mar 2017 09:35:08 GMT

Too many ppl, amirite? Poor old Brit govt ...

A security researcher has welcomed the UK's launch of a vulnerability co-ordination pilot while cautioning that a strategy for handling Freedom of Information requests needs to be developed.…




Web smut seekers take resurgent Ramnit malware from behind

Wed, 22 Mar 2017 07:02:04 GMT

♪ Botnet knocked down, but it gets up again ♪

Aficionados of salacious smut sites in the UK and Canada are picking up some nasty software that infects systems by using corrupted pop-under adverts.…




Mac OS IM tool Adium lagging on library security vulnerability

Wed, 22 Mar 2017 04:02:12 GMT

libpurple is a 'binary blob of unknown provenance' says researcher

A developer is warning Adium users to pick a different messaging app because of an exploitable vulnerability in its underlying libpurple version.…




Microsoft's 'Application Verifier' bug-finder is easily pwnable

Wed, 22 Mar 2017 01:56:05 GMT

Undocumented feature allows installation of persistent malware

Updated “Don't create undocumented features” should be tattooed in the corner of every developer's eye: there's one in the Microsoft Application Verifier Provider that provides attack vectors on everything Windows since XP.…




What should password managers not do? Leak your passwords? What a great idea, LastPass

Tue, 21 Mar 2017 19:54:02 GMT

Critical bugs found in Chrome, Firefox add-ons

Updated Password vault LastPass is scrambling to patch critical security flaws that malicious websites can exploit to steal millions of victims' passphrases.…




Now UK bans carry-on lappies, phones, slabs on flights from six nations amid bomb fears

Tue, 21 Mar 2017 18:14:32 GMT

Hit list: Turkey, Lebanon, Egypt, Jordan, Tunisia, Saudi Arabia

The UK has banned airline passengers on direct inbound flights from six countries in the Middle East and North Africa from taking a range of electronic devices into the cabin due to fears of a terrorist attack.…




World's worst botnet fiends switch from ransomware to stock scam spam

Tue, 21 Mar 2017 17:29:08 GMT

IT LIVES!

Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution.…




Three cops to data breach

Tue, 21 Mar 2017 12:56:11 GMT

Customers able to view account details of other users

Mobile operator Three has admitted that some customers were able to view the mobile account details of other Three users via their accounts yesterday.…




Airplane bomb fears spark America's laptop, tablet carry-on ban

Tue, 21 Mar 2017 10:00:08 GMT

Mid-East airports, airlines hit by tough luggage crackdown amid terror intel

Updated Fears of terrorists smuggling bombs disguised as laptops onto airplanes have triggered a fresh crackdown on carry-on luggage.…




Tip for darknet drug lords: Don't wear latex gloves to the post office

Tue, 21 Mar 2017 06:02:11 GMT

Fentanyl merchant was good at Tor, rubbish in meatspace and at deleting browser history

Delivery is the weakest link in the “dark web” drug trade: the postal habits of a large-scale trader have led to his undoing.…




DNS lookups can reveal every web page you visit, says German boffin

Tue, 21 Mar 2017 04:08:12 GMT

The fix is simple: turn your modem on and off again to get a new IP address. Or ask your ISP to assign them more often

Domain-name lookups only reveal websites visited, not individual pages viewed, right? Wrong: the interaction between a user and the DNS is more revealing than previously believed, according to a paper from German postdoc researcher Dominik Herrmann.…




Nest cameras can be easily blacked out by Bluetooth burglars

Tue, 21 Mar 2017 01:05:21 GMT

So far, no patch available to the public

Updated Nest's Dropcam and Dropcam Pro security cameras can be wirelessly attacked via Bluetooth to crash and stop recording footage. This is perfect for burglars and other crooks who want to knock out the cams moments before robbing a joint.…




Confirmed: TSA bans gear bigger than phones from airplane cabins

Mon, 20 Mar 2017 23:11:55 GMT

Air travel to the US from eight countries appears to be affected

People traveling by air to America from an undisclosed list of countries will no longer be allowed to carry devices larger than a mobile phone in carry-on baggage.…




FBI, NSA top brass: We've seen jack squat to back up Trump's claims of Obama wiretaps

Mon, 20 Mar 2017 20:29:29 GMT

Meanwhile, potential Russian campaign links probed

Vid Monday mornings are never pleasant, are they? Take FBI director James Comey and head of the NSA Admiral Mike Rogers, for example, who kicked off their week by being grilled by the US House Select Intelligence Committee.…




'Sorry, I've forgotten my decryption password' is contempt of court, pal – US appeal judges

Mon, 20 Mar 2017 19:51:33 GMT

Claiming you can't remember your passphrase to unlock data is willful defiance

The US Third Circuit Court of Appeals today upheld a lower court ruling of contempt against an ex-cop who claimed he couldn't remember the password to decrypt his computer's hard drives.…




WWE star's swiped sex snaps survey spam snares selfie sickos

Mon, 20 Mar 2017 19:43:09 GMT

Click here to see her stolen nudes, and then here, and here, and again here, and...

Scammers are exploiting a new batch of leaked celebrity nudes, using the stolen selfies to lure in gawpers and make a fast buck.…




Dr Hannah Fry: We need to be wary of algorithms behind closed doors

Mon, 20 Mar 2017 15:08:05 GMT

UCL researcher on the tragedy of the age of data

Interview Sure, algorithms are insanely useful, but we need to watch we don't become complacent and unable to question them, University College London's Dr Hannah Fry warned in an interview with The Register.…




Norfolk County Council sent filing cabinet filled with kids' info to a second-hand shop

Mon, 20 Mar 2017 11:25:13 GMT

And all it got in return was a £60k fine

Updated Norfolk County Council left files containing sensitive information about children in a cabinet that was dispatched to a second-hand shop.…




Atlassian admins, your Struts 2 patch has landed

Mon, 20 Mar 2017 04:02:10 GMT

HipChat, Bamboo, and Crowd get fix

Atlassian has joined the growing list of vendors to patch its products against the Apache Struts 2 vulnerability.…




Git sprints carefully towards SHA-1 deprecation

Mon, 20 Mar 2017 00:57:07 GMT

The sky still isn't falling

Following the February controversy over whether or not Google's SHA-1 collision broke Git, its community has taken the first small steps towards replacing the ancient hash function.…