Subscribe: The Register - Security: Crime
http://www.theregister.com/security/crime/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
app  cyber  data  donald trump  google  hackers  malware  new  ransomware  rudy giuliani  security  servers  trump  windows     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Crime

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



350,000 Twitter bot sleeper cell betrayed by love of Star Wars and Windows Phone

Fri, 20 Jan 2017 21:35:12 GMT

Computer researchers uncover yuuuge dormant army

Computer boffins Juan Echeverria and Shi Zhou at University College London have chanced across a dormant Twitter botnet made up of more than 350,000 accounts with a fondness for quoting Star Wars novels.…




Rap for crap WhatsApp trap flap: Yack yack app claptrap slapped

Fri, 20 Jan 2017 20:08:12 GMT

Security gurus condemn sensational reporting of encryption backdoor-that-wasn't

Computer security experts and cryptographers have accused The Guardian of overblowing what was reported to be a backdoor in WhatsApp's encryption.…




General Electrics plays down industrial control plant vulnerabilities

Fri, 20 Jan 2017 17:30:12 GMT

Only a local hacker in a facility would be able to run an attack

General Electric (GE) has pushed out an update to its industrial control systems following the discovery of vulnerabilities that create a way for hackers to steal SCADA system passwords.…




Trump's 'cyber tsar' Giuliani among creds leaked in mass hacks

Fri, 20 Jan 2017 16:33:39 GMT

We've got four more years, people

Passwords used by Donald Trump's incoming cybersecurity advisor Rudy Giuliani and 13 other top staffers have been leaked in mass hacks, according to a Channel 4 investigation.…




Unbreakable Locky ransomware is on the march again

Fri, 20 Jan 2017 08:41:11 GMT

Necrus botnet wakes up and starts fresh malware-cano

Cisco is warning of possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necrus botnet.…




Shocking crime surge – THE TRUTH: England, Wales stats now include hacking and fraud

Fri, 20 Jan 2017 07:19:06 GMT

'More realistic picture' we're told

Crime stats for England and Wales have shown a huge year-on-year increase. Don't panic, though: it's due to the inclusion of fraud and computer misuse offences for the first time.…




Viral Chinese selfie app Meitu phones home with personal data

Fri, 20 Jan 2017 06:02:10 GMT

Reg man submits self to invasive sparkly-unicorn androgyny transformation

PIC The Meitu selfie horrorshow app going viral through Western audiences is a privacy nightmare, researchers say.…




Operator of DDoS protection service named as Mirai author

Fri, 20 Jan 2017 03:02:13 GMT

Krebs says he's fingered author of epic IoT web assault code

The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.…




'Beeeellion-dollar' mastercrooks in hotel, restaurant blitzkrieg

Thu, 19 Jan 2017 15:52:48 GMT

Carbanak: It's not just a caramel-flavoured choc-trocity. It's also malware

The Carbanak cyber criminal gang is abusing Google’s infrastructure as a conduit for botnet control.…




Trump inauguration DDoS protest is 'illegal', warn securobods

Thu, 19 Jan 2017 12:06:02 GMT

Whitehouse.gov down?

A software engineer is calling on netizens opposed to Donald Trump to visit the Whitehouse.gov site and overload it with traffic tomorrow.…




ProtonMail launches Tor hidden service to dodge totalitarian censorship

Thu, 19 Jan 2017 09:33:10 GMT

Known oppressive regimes including Egypt, and er... the UK? Oh, the IP Act is law...

ProtonMail, the privacy-focused email business, has launched a Tor hidden service to combat the censorship and surveillance of its users.…




What's the biggest danger to the power grid? Hackers? Terrorists? Er, squirrels

Thu, 19 Jan 2017 07:57:07 GMT

Turns out Mother Nature is a killer for power and people

Video For decades now people have been claiming that the power grid could be taken down by terrorists. However, simple statistical analysis shows that the biggest danger isn't online hackers, but squirrels – aka rats with good PR.…




Chrome dev explains how modern browsers make secure UI just about impossible

Thu, 19 Jan 2017 06:00:12 GMT

The 'LINE OF DEATH' between safe content and untrustworthy stuff is receding every year

Google Chrome engineer Eric Lawrence has described the battle of browser barons against the 'line of death', an ever-diminishing demarcation between trusted content and the no-man's land where phishers dangle their poison.…




Insecure Hadoop installs next in 'net scum crosshairs

Thu, 19 Jan 2017 04:03:04 GMT

Because MongoDB, Elasticsearch ransomware attacks are sooo last week

Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances.…




Adobe's naughty Chrome telemetry code had XSS problem

Thu, 19 Jan 2017 01:27:07 GMT

Since patched, but a bad look for Adobe when it can't even get snoopware right

Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an egregious bug.…




Silence is golden: How Google hunts Android malware in the wild

Wed, 18 Jan 2017 22:29:14 GMT

When mobes and gadgets stop verifying app installations, you're gonna have a bad time

To determine whether a mobile app is potentially harmful, Google listens for the sound of silence.…




College fires IT admin, loses access to Google email, successfully sues IT admin for $250,000

Wed, 18 Jan 2017 19:50:18 GMT

Sacked techie claims school retaliated over race complaint

Shortly after the American College of Education (ACE) in Indiana fired IT administrator Triano Williams in April, 2016, it found that it no longer had any employees with admin access to the Google email service used by the school.…




'Ancient' Mac backdoor discovered that targets medical research firms

Wed, 18 Jan 2017 15:35:13 GMT

More secure than PC? Ha!

Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities.…




Ooooh, that's NASty. Security-watchers warn over man-in-the-middle risk

Wed, 18 Jan 2017 13:21:49 GMT

Small flaws, but they add up

Vulnerabilities in a network attached storage (NAS) devices made by QNAP Systems create a potential means for hackers to steal data and passwords, execute commands or drop malware on vulnerable kit, say security researchers.…




Hacker cracks Facebook with remote code execution bug

Wed, 18 Jan 2017 05:28:06 GMT

ImageMagick exploit earns chap US$40k bug bounty

Facebook has paid US$40,000 to vulnerability hunter Andrew Leonov for disclosing how the hacker gained remote code execution on its servers through the widely-reported ImageMagick flaw.…




Ransomware scum infect cancer non-profit

Wed, 18 Jan 2017 04:58:04 GMT

Cyber-bastards lower bar

Ransomware scum have hit a new low by infecting a not-for-profit cancer support organization in Muncie, Indianapolis, US.…




SOHOpeless routers offer hard-coded credentials and command injection bugs

Wed, 18 Jan 2017 04:01:12 GMT

Researcher says Zyxel and Billion kit in Thailand, and probably beyond, are rotten

Yet again, home routers are the home of SOHOpelessness: Zyxel and Billion units distributed in Thailand by TrueOnline have backdoors, and the researcher who found the flaw says the vendors have ignored his attempts to notify them.…




Kill it with fire: US-CERT urges admins to firewall off Windows SMB

Wed, 18 Jan 2017 01:58:13 GMT

Shadow Brokers may have loosed a zero-day so you're better safe than sorry

The US computer emergency readiness team is recommending organisations ditch old versions of the Windows SMB protocol and firewall off access to file servers – after a potential zero-day exploit was released by the Shadow Brokers hacking group.…




Credential-stuffers enjoy up to 2% attack success rate – report

Tue, 17 Jan 2017 16:29:12 GMT

It's kinda easy when all the passwords are 1234567

Hackers achieve a success rate of 0.1 to 2 per cent when reusing stolen credentials to access other sites, according to a new study by Shape Security.…




Mega UK hospitals trust Barts says IT borkage was due to trojan – not ransomware

Tue, 17 Jan 2017 16:03:39 GMT

Oh, well, that's all right then

Barts Health NHS Trust has blamed the disruption of its IT systems last Friday on a trojan horse infection and not ransomware.…




Ransomware brutes smacked 1 in 3 NHS trusts last year

Tue, 17 Jan 2017 12:27:11 GMT

One was hit 19 times over 12 months

A third (30 per cent) of NHS trusts have been infected by ransomware, with one – the Imperial College Healthcare in London – suffering 19 attacks in just 12 months.…




Devs reverse-engineer 16,000 Android apps, find secrets and keys to AWS accounts

Tue, 17 Jan 2017 07:20:14 GMT

It's 2017 and developers are still doing really dumb things

A security firm has reverse engineered 16,000 Android apps on Google's Play store and found that over 304 contain sensitive secret keys.…




Dodgy Dutch developer built backdoors into thousands of sites

Tue, 17 Jan 2017 06:54:13 GMT

Then hoovered out users' personal data, stole identities galore and spent up big

Update Dutch police are this week warning 20,000 users that their email accounts were hacked after a malicious web developer left backdoors in the sites he built.…




911 app is a joke, says security researcher Randy Westergren

Tue, 17 Jan 2017 03:02:42 GMT

'Panic Button' could be pressed by miscreants, repeatedly

The Rave Panic Button app, designed to allow businesses to summon emergency services, allows miscreants to easily 'swat' targets by making false reports of emergencies says security researcher Randy Westergren.…




Dovecot mailserver graded 'nearly impenetrable'

Tue, 17 Jan 2017 01:58:13 GMT

Security audit of popular-with-service-providers package produces surprised smiles

POP and IMAP mailserver suite Dovecot has passed an extensive audit by hackers, who were able to find only three minor vulnerabilities.…




French spies warn politicians of hack risk as election draws near

Mon, 16 Jan 2017 12:52:10 GMT

Authorities uneasy in wake of alleged Russian interference in US presidential race

French authorities are warning political parties about the increased threat of cyber attacks as the country prepares to elect a new president in May.…




Windows 10 Anniversary Update crushed exploits without need of patches

Mon, 16 Jan 2017 08:01:11 GMT

Microsoft security boffins throw fresh CVEs at unpatched OS, emerge smiling

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever.…




Google reveals its servers all contain custom security silicon

Mon, 16 Jan 2017 07:28:07 GMT

Even the servers it colocates (!) says new doc detailing Alphabet sub's security secrets

Google has published a Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services.…




Brilliant phishing attack probes sent mail, sends fake attachments

Mon, 16 Jan 2017 06:02:14 GMT

Strategy_Doc.PDF from the next cubicle is actually a portal to p0wnage

UPDATE An newly-detected Gmail phishing attack sees criminals hack and then rifle through inboxes to target account owners' contacts with thoroughly convincing fake emails.…




Just give up: 123456 is still the world's most popular password

Mon, 16 Jan 2017 01:55:58 GMT

Data diggers' dumpster dive demonstrates dumb and dumberer defences

The security industry's ongoing efforts to educate users about strong passwords appears to be for naught, with a new study finding the most popular passwords last year were 123456 and 123456789.…




Promising compsci student sold key-logger, infects 16,000 machines, pleads guilty, faces jail

Sat, 14 Jan 2017 01:50:32 GMT

What a Shames

A 21-year-old computer science student, who won a Programmer of the Year Award in high school, has admitted selling key-logging malware out of his college dorm room.…




US Marines seek more than a few good men (3,000 men and women, actually) for cyber-war

Sat, 14 Jan 2017 00:45:09 GMT

From the phones of Montezuma to the servers of Tripoli

The head of the US Marines wants to recruit about 3,000 troops skilled in online warfare and espionage to make sure the Corps is ready for 21st-century battle.…




Playpen child sex abuse archive admin gets 20 years in the Big House

Fri, 13 Jan 2017 22:26:12 GMT

49 kids rescued so far

An administrator of Playpen – the notorious dark-web trading post of child sex abuse material – has been jailed for 20 years and faces a lifetime of parole.…




UK's largest hospital trust battles Friday 13th malware outbreak

Fri, 13 Jan 2017 18:46:51 GMT

Plug pulled on Barts Health computer gear to prevent cyber-disease spread

Malware has infected hospital computers at the UK’s biggest NHS trust.…




Google floats prototype Key Transparency to tackle secure swap woes

Fri, 13 Jan 2017 17:36:13 GMT

♪ I've got the key, I've got the secreeeee-eeet ♪

Google has released an open-source technology dubbed Key Transparency, which is designed to offer an interoperable directory of public encryption keys.…




Pirates, pirates, whatchu gonna do? Advertisers cop a visit from PIPCU

Fri, 13 Jan 2017 17:02:13 GMT

Someone's keeping the neckbeards in Doritos

Knock knock. Who's there? This Wednesday, officers from the City of London Police's Intellectual Property Crime Unit (PIPCU) trying to get your advertising agency to stop helping pirate sites generate revenue.…




Oh, for F...acebook: WhatsApp, critics spar over alleged 'backdoor'

Fri, 13 Jan 2017 15:21:48 GMT

Don't panic, there's nothing to fear, insists green messenger

Updated A vulnerability in WhatsApp’s end-to-end encryption can be potentially exploited by determined snoops to intercept and read encrypted messages, it was claimed today. Essentially, if an attacker can reroute an undelivered encrypted message to another phone, it is possible to decrypt the text.…




EU policy makers consider FRAND licensing of machine-generated data

Fri, 13 Jan 2017 09:01:07 GMT

Anonymised app data silos impede movement

EU policy makers are considering introducing a new licensing regime for anonymised "machine-generated data".…




WordPress plugs eight holes in latest release

Fri, 13 Jan 2017 06:30:03 GMT

Cross-site scripting, request forgery, and more!

WordPress has patched a series of vulnerabilities in its content management system shuttering bugs affecting more than 10 million users.…




MongoDB hackers now sacking ElasticSearch

Fri, 13 Jan 2017 04:56:11 GMT

Open season on open services

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances.…




Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

Fri, 13 Jan 2017 02:07:43 GMT

Stunned security experts tear strips off president-elect pick hours after announcement

US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable.…




ISC squishes BIND packet-of-death bugs

Fri, 13 Jan 2017 01:56:12 GMT

DNS servers are crashable until they're patched

BIND administrators, get patching: there are three irritating flaws you need to splat.…




Donald Trump will take cybersecurity advice from, um, Rudy Giuliani

Thu, 12 Jan 2017 23:15:32 GMT

♪ Stop your messin' around, better think of your future ♪

The transition team for US president-elect Donald Trump has announced that former New York City mayor Rudy Giuliani will advise the incoming administration on how to secure America's digital infrastructure.…




Thanks, Obama: NSA to stream raw intelligence into FBI, DEA and pals

Thu, 12 Jan 2017 20:52:08 GMT

Gee, what a lovely parting gift by outgoing US prez

A last-minute rule change signed off by the outgoing Obama administration has made it much easier for the NSA to share raw surveillance data with more than a dozen government agencies.…




Shadow Brokers spew Windows hack tools after exploit auction flop

Thu, 12 Jan 2017 19:58:53 GMT

Screw you, guys, we're going home

Security exploit peddlers Shadow Brokers announced their retirement on Thursday – and released 58 tools for hacking Windows PCs for free by way of a parting gift.…