Subscribe: The Register - Security
http://www.theregister.com/security/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
alphabay hansa  alphabay  bug  crypto  cyber  make  million  mobile  new  police  ransomware  security  software  web  year     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



Beijing police quench scum allegedly behind 'Fireball' fraudware

Wed, 26 Jul 2017 06:30:48 GMT

Eleven arrested over malicious browser plug-in that netted nearly US$12 million

Chinese police have moved on the developers of the Fireball adware that infected millions of computers earlier this year.…




US spies hacked our phones over the air, claim pipeline protesters

Wed, 26 Jul 2017 06:02:04 GMT

Targeting oil demo may have been training exercise for snoops, it is feared

For the past year or so, protesters in North Dakota, America, have been trying to prevent an oil pipeline from being built through Native Americans’ sacred land.…




Crap gift card security helps crims spend your birthday pressie cash

Wed, 26 Jul 2017 05:32:14 GMT

These blokes spent two years studying and warning retail giants of fraud danger

Gift cards' lousy security makes it easy for crooks to spend marks' money, researchers said Tuesday night.…




Las Vegas locks down ahead of DEF CON hacking conference

Tue, 25 Jul 2017 21:42:35 GMT

Trust the hookers, don’t trust the Wi-Fi

DEF CON Businesses in Las Vegas are locking down their systems as hackers fly into the fetid hell of Sin City for a trio of security conferences.…




Adobe will kill Flash by 2020: No more updates, support, tears, pain...

Tue, 25 Jul 2017 16:43:24 GMT

Buggy multimedia nightmare won't see President Zuckerberg's inauguration

Adobe has officially set a kill date for its beleaguered Flash.…




ALIS in Blunderland: Lockheed says F-35 Block 3F software to be done by year's end

Tue, 25 Jul 2017 14:57:04 GMT

... which is absolutely not what US gov audit-type folk expect

F-35 software development will be finished by the end of this year, Lockheed Martin has said – which contradicts the view of various American government audit agencies.…




Crappy hacker crew fingered for Bundestag snooping operation

Tue, 25 Jul 2017 14:22:10 GMT

CopyKittens persistent but easy to find, monitor and counter

Security researchers have lifted the lid on a new cyber-espionage crew that has targeted the German Bundestag and Turkish diplomats.…




Kid found a way to travel for free in Budapest. He filed a bug report. And was promptly arrested

Tue, 25 Jul 2017 05:03:10 GMT

Protests sparked after web security hole reported

The arrest of a Hungarian bloke after he discovered a massive flaw in the website of Budapest's transport authority – and reported it – has sparked a wave of protests.…




Ubiquiti firmware patch stomps nasty redirect bug from login screen

Tue, 25 Jul 2017 03:03:12 GMT

If you skipped the fix, fair enough - it landed before the vulnerability report

Popular wireless networking hardware vendor Ubiquiti patched a couple of serious vulnerabilities back in March and April – without telling the people who reported the bugs.…




G Suite admins have just one button to secure their sites, but don't

Tue, 25 Jul 2017 02:01:11 GMT

Another day, another cloudy data leak, as admins fail to get one setting right

G Suite business users: go and check your configuration, and make sure you're not publishing enterprise information to the whole world.…




Pathetic patching leaves over 70,000 Memcached servers still up for grabs

Mon, 24 Jul 2017 21:19:42 GMT

And that’s months after patches released and warning emails sent – sort it out!

If you're running the caching service Memcached, and particularly if you're exposing it to the public internet for some reason, please make sure you've patched it. Tens of thousands of vulnerable systems haven't.…




China crams spyware on phones in Muslim-majority province

Mon, 24 Jul 2017 19:19:04 GMT

On-the-spot checks by cops to ensure creepy mass surveillance tool is installed

The Chinese government is requiring citizens in Xinjiang province to install spyware on their mobile phones and is enforcing the policy with police spot-checks, according to several online reports.…




Crims snatch 5.5 million social security numbers from Kansas govt box

Mon, 24 Jul 2017 18:53:37 GMT

A server where there isn't any trouble. Do you suppose there is such a server, Toto?

Hackers have lifted not only the social security numbers and personal information of half a million jobseekers in Kansas – but also records on more than five million people from nine other US states.…




Cyber arm of UK spy agency left without PGP for four months

Mon, 24 Jul 2017 15:27:04 GMT

Meanwhile Huawei gets green light, despite failure to verify source code

UK spy agency GCHQ’s cyber security arm, CESG, was left without PGP encryption for more than four months, according to a government report.…




Briton admits to router hack that DDoSed Deutsche Telekom

Mon, 24 Jul 2017 15:07:05 GMT

Tells German court it was unintentional

An as yet unnamed 29-year-old pleaded guilty on Friday to charges relating to the hijacking of more than 1.25 million Deutsche Telekom routers, according to reports in the German press.…




AlphaBay and Hansa: About those dark web marketplaces takedowns

Mon, 24 Jul 2017 11:51:25 GMT

Sellers using AlphaBay vendor 'trust' ratings on new dodgy agoras

Analysis A US Federal Bureau of Investigation veteran has spoken out on the international police ops that led to the takedown of dark web drug souks AlphaBay and Hansa, giving an insider's look at the process.…




Sweden leaked every car owners' details last year, then tried to hush it up

Sun, 23 Jul 2017 22:31:27 GMT

Another day, another botched government contract

In a slowly-unfolding scandal in Sweden, it's emerged that the country's transport agency bungled an outsourcing deal with IBM, putting both individuals and national security at risk.…




But how does our ransomware make you feel?

Fri, 21 Jul 2017 12:58:08 GMT

Psychology of ransomware threats unpicked

Ransomware crooks have become skilled psychological manipulators in their attempts to fleece victims of file-encrypting malware.…




Moneysupermarket fined £80,000 for spamming seven million customers

Fri, 21 Jul 2017 05:32:05 GMT

Go compare the original opt-out request, firm told

Price-comparison darling Moneysupermarket.com has been fined £80,000 for sending 7.1 million emails to customers who had opted out of receiving direct marketing emails.…




So, FCC, how about that massive DDoS? Hello? Hello...? You still there?

Thu, 20 Jul 2017 22:27:12 GMT

Like trying to get blood out of a stone

Updated America's broadband watchdog, the FCC, has declined to share any more details on the cyber-assault that apparently downed its website shortly after it announced its intent to kill net neutrality.…




US Homeland Sec boss has snazzy new laptop bomb scanning tech – but admits he doesn't know what it's called

Thu, 20 Jul 2017 22:01:03 GMT

Fscking nerds, Secretary John Kelly sighs

Flying into America? Don't worry about that crackdown on laptops and similar gear in your carry-on luggage. It's no longer happening. No, instead, the US has something else up its sleeve.…




Alphabay shutdown: Bad boys, bad boys, what you gonna do? Not use your Hotmail...

Thu, 20 Jul 2017 20:28:44 GMT

...or the Feds will get you ♪

Analysis The alleged owner of dark-web marketplace AlphaBay was tracked down by FBI because he was stupid enough to include his real Hotmail address in the content management system used to run the site.…




UK uni warns students of phishers trying to nick their tuition fees

Thu, 20 Jul 2017 19:18:10 GMT

♪ You shall have a phishy on a little dishy when the hack comes in

Foreign students looking to experience the stochastic joys of a year at Newcastle University in England are being warned that phishers are after their cash – using an unusually well-crafted attack.…




Cops harpoon two dark net whales in megabust: AlphaBay and Hansa

Thu, 20 Jul 2017 15:38:23 GMT

Tor won't shield you, warn Feds

Two of the largest dark net marketplaces - AlphaBay and Hansa - have been shut down following an international police operation.…




The eyes have IT: TSB to roll out iris-scanning tech for mobile banking

Thu, 20 Jul 2017 14:56:06 GMT

Biometrics, certificates combo to shore up security

TSB has announced plans to roll out iris-scanning technology for its mobile banking app from September.…




No one still thinks iOS is invulnerable to malware, right? Well, knock it off

Thu, 20 Jul 2017 11:07:58 GMT

As platform's popularity rose, so did its allure to miscreants

The comforting notion that iOS devices are immune to malicious code attacks has taken a knock following the release of a new study by mobile security firm Skycure.…




HMS Frigatey Mcfrigateface given her official name

Thu, 20 Jul 2017 10:42:25 GMT

It's Glasgow, before you lot get too excited

The first of the Royal Navy's new Type 26 frigates has been named HMS Glasgow, recycling the name for the fourth time in the last 100 years.…




Yeah, WannaCry hit Windows, but what about the WannaCry of apps?

Thu, 20 Jul 2017 09:12:07 GMT

Patching done proper

WannaCrypt crippled 230,000 Windows PCs internationally, hitting unpatched Windows 7 and Windows Server 2008 and computers still running Microsoft's seriously old Windows XP, though the latter wasn't responsible for its spread.…




Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Thu, 20 Jul 2017 06:30:04 GMT

Grab a fix now

Gnome developers, take a bow: a bug in your image thumbnailer has opened up a (not too scary, thankfully) hole for script injection.…




Remember that Citadel bank-slurping malware? Its main man was just jailed for five years

Thu, 20 Jul 2017 05:37:12 GMT

Trojan was used to swipe $500m from victims' accounts

Russian programmer Mark Vartanyan has been sentenced to five years in US federal prison for developing and spreading the Citadel malware that stole $500m (£383m) from bank accounts around the world.…




Dahua cameras stung by Web interface bug

Thu, 20 Jul 2017 01:55:14 GMT

Long paassssswwwwwoooorrrd risks remote code execution

Chinese camera-maker Dahua has flicked out a patch to fix a possible remote code execution vulnerability in its Web admin interface.…




$30 million below Parity: Ethereum wallet bug fingered in mass heist

Thu, 20 Jul 2017 00:55:12 GMT

Crypto-cash leak made possible by software stuff-up

A vulnerability in Parity's Ethereum wallet software has been exploited by thieves to rob victims on a massive scale.…




Apple hurls out patches for dozens of security holes in iOS, macOS

Wed, 19 Jul 2017 23:24:37 GMT

Project Zero, GCHQ, and city of Mishawaka, Indiana among credited bug-hunters

Apple has today released patches addressing roughly four dozen exploitable security vulnerabilities in iOS, macOS, and WatchOS.…




School of card knocks: Russophone criminals offered online courses in credit card fraud

Wed, 19 Jul 2017 13:25:11 GMT

Обратите внимание на спину!

Cyber crime lords have come up with a new money-spinner – Russian-language e-learning courses geared towards teaching the skills necessary to rip off consumers and card companies.…




Targeted, custom ransomware menace rears its ugly head

Wed, 19 Jul 2017 09:52:00 GMT

No spraying and praying here, just precise, exorbitant attacks

Attackers are manually deploying ransomware directly into target networks to maximise the damage and potential payout.…




Solaris, Java have vulns that let users run riot

Wed, 19 Jul 2017 04:03:03 GMT

What's big, red and has 308 patches, 30 of them critical? Oracle's quarterly patch dump

Oracle's emitted its quarterly patch dump. As usual it's a whopper, with 308 security fixes to consider.…




Let's harden Internet crypto so quantum computers can't crack it

Tue, 18 Jul 2017 23:59:58 GMT

Draft blends asymmetric public/private key encryption and one-time pad analogs

In case someone manages to make a general purpose quantum computer one day, a group of IETF authors have put forward a proposal to harden Internet key exchange.…




Iranian duo charged with hacking US missile simulation software biz

Tue, 18 Jul 2017 22:03:29 GMT

Blokes allegedly lifted, cracked export-restricted rocketry design app to tout it in Iran

Two Iranian nationals have been charged with hacking a US defense technology maker to steal and sell its rocketry simulation software.…




Google G-Suite spotted erecting stiff member vetting tool

Tue, 18 Jul 2017 21:46:50 GMT

App verification signage aims to give phishing the finger

Stung by phishing attacks aimed at G Suite users earlier this year, Google has armored its cloud with extra security layers.…




China's censorship cyber-missiles shoot down pics flying through WhatsApp, chat apps

Tue, 18 Jul 2017 19:34:20 GMT

Death of Nobel laureate Liu Xiaobo reveals new powers

China has expanded its censorship tools to strip out images from chat messages in transit through its networks.…




CoinDash crowdfunding hack further dents trust in crypto-trading world

Tue, 18 Jul 2017 18:13:05 GMT

$7m pilfered from investors, white hats on the trail

More than $7m was stolen by hackers on Monday from folks investing in a cryptocurrency startup.…




Air, sea drones put through their paces on Solent testing range

Tue, 18 Jul 2017 14:17:14 GMT

Roboat firms and pals pile in

More roboats and autonomous flying machines will be tested around the Solent after a consortium of companies was handed £1.5m to set up a drone test range.…




Insurers claim cyber calamities could cost more than Hurricane Sandy

Tue, 18 Jul 2017 10:52:14 GMT

But then again they would say that, wouldn't they?

Analysis A study aiming to raise the profile of cyber insurance claims that cloud outages and ransomware outbreaks on the WannaCry scale could cost companies $81.7bn – more than natural disasters like 2012's Hurricane Sandy. That's an awful lot of money, but wait – before you fish out the wallet – how did the authors arrive at these numbers?…




Dow Jones index – of customers, not prices – leaks from AWS repo

Tue, 18 Jul 2017 03:58:08 GMT

S3 bucket was set to authenticate all AWS users, not just Dow Jones users

Dow Jones has emulated Verizon by saving various internal databases (including Wall Street Journal subscribers) in the cloud without properly securing it.…




FreeRADIUS fragged by fuzzer – by invitation – and fifteen fails found

Tue, 18 Jul 2017 01:29:11 GMT

Bug fixes shipped for all supported versions

The folks over at FreeRADIUS took a look at Guido Vranken's work with OpenSSL, liked what they saw, asked him to fuzz the famous login/security server ... and then didn't like what they saw.…




Dev to El Reg: Making web pages pretty is harder than building crypto

Mon, 17 Jul 2017 23:01:10 GMT

'Brandis.io' secures messages with APIs and 445 lines of JavaScript, so good luck with crypto-cracking laws!

+Comment An Australian computer scientist working in Thailand has offered his contribution to Australia's cryptography debate by creating a public-key crypto demonstrator in less than a day, using public APIs and JavaScript.…




Cisco plugs command-injection hole in WebEx Chrome, Firefox plugins

Mon, 17 Jul 2017 18:44:30 GMT

Make sure you've updated if you're using Windows

Cisco has patched its Chrome and Firefox WebEx plugins to kill a bug that allows evil webpages to execute commands on computers.…




Forgotten your Myspace password? Just a name, username, DoB will get you in – and into anyone else's, too

Mon, 17 Jul 2017 18:06:26 GMT

Blast from the past blasted

Myspace's account recovery process is hopelessly flawed, according to a security researcher.…




Facebook users pwnd by phone with account recovery vulnerability

Mon, 17 Jul 2017 10:32:10 GMT

Another lonely day, with no one but FB, oh... I'll send an SMS to the world

Facebook account recovery using pre-registered mobile numbers is poorly implemented and open to abuse, according to critic James Martindale.…




Ashley Madison throws US$11.2m on the bed to mop up leak affair

Mon, 17 Jul 2017 04:58:05 GMT

Life is short, have a quick buck

Dating site for cheaters Ashley Madison has thrown US$11.2 million on the bed to make its 2015 data leak go away.…