Subscribe: The Register - Security: Enterprise Security
http://www.theregister.com/security/network/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
alphabay hansa  alphabay  bug  card  hack  hackers  malware  million  new  police  researchers  security  web  windows  year     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Enterprise Security

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



Wallet-snatch hack: ApplePay 'vulnerable to attack', claim researchers

Fri, 28 Jul 2017 15:06:07 GMT

Are you using payment system over public Wi-Fi?

BlackHat USA Security researchers say they have come up with two separate "attacks" against ApplePay, highlighting what they claim are weaknesses in the mobile payment method.…




Flaws in web-connected, radiation-monitoring kit? What could go wrong?

Fri, 28 Jul 2017 14:00:10 GMT

Ripe target for ne'er-do-wells...

Black Hat Vulnerabilities in widely deployed Radiation Monitoring Devices (RDMs) present a potential mechanism for triggering false alarms and worse, according to research unveiled at Black Hat on Wednesday.…




Should you stay awake at night worrying about hackers on the grid?

Fri, 28 Jul 2017 09:33:10 GMT

Watt's all this about cyberspy threat leaks... Analysts weigh in

Analysis The energy sector across multiple Western countries is under intensified assault by hackers. Security experts warn that industrial systems are wide open to potential exploit once hackers secure a foothold, the most difficult part of the hacking process, using targeted phishing or similar tactics.…




Ransomware scum straighten ties, invest in good customer service

Fri, 28 Jul 2017 06:31:09 GMT

Word of mouth matters when you're taking users' cash

Ransomware scum are investing in customer service processes to get more people paying, according to McAfee's lead scientist and principal engineer Christiaan Beek.…




Inside the ongoing fight to stamp out govt-grade Android spyware

Fri, 28 Jul 2017 06:01:07 GMT

Chrysaor, Lipizzan are state surveillance tools, not Pokemon, surprisingly

Black Hat A study into government-grade Android spyware led researchers to a new strain of surveillance malware lurking in the Google Play app store – a strain that has now been unceremoniously booted out of the software marketplace.…




Enumeration bug offers five-finger discount on shopping loyalty points

Fri, 28 Jul 2017 01:04:49 GMT

Woolworths Australia is off its trolley - points redemption apps accept random card numbers

The Register has been alerted that Australian retailer Woolworths' customer loyalty points can be filched thanks to a user enumeration bug.…




Hackers can turn web-connected car washes into horrible death traps

Thu, 27 Jul 2017 20:24:13 GMT

Yeah, boss, I took care of him. I had him waxed. Literally

Black Hat Forget hijacking smart light bulbs. Researchers claim they can hack into internet-connected car wash machines from the other side of the world and potentially turn them into death traps.…




The opsec blunders that landed a Russian politician's fraudster son in the clink for 27 years

Thu, 27 Jul 2017 18:34:49 GMT

Pro tip from the US DoJ: Don’t reuse passwords

Black Hat Uncle Sam's lawyers have revealed the catalog of operational security mistakes that led to the cuffing of one of the world’s most prolific credit-card crooks.…




Strong and stable, my arse. UK wobbles when coping with ransomware

Thu, 27 Jul 2017 12:01:39 GMT

Even worse than France. FRANCE!

A third of businesses have suffered a ransomware attack in the last 12 months, according to a new survey sponsored by Malwarebytes.…




'SambaCry' malware scum return with a Windows encore

Thu, 27 Jul 2017 04:56:05 GMT

CowerSnail' opens garden variety backdoors rather than mining BTC

Malware authors continue to chip away at Samba bugs similar to those that helped spread WannaCry/WannaCrypt.…




Microsoft adds all of Windows – including Server – to extended bug bounty program

Thu, 27 Jul 2017 04:04:09 GMT

Hyper-V tops the Most Wanted list with $250k price on its head

Microsoft has extended its bug bounty program for Windows Insider to include the whole of the OS, extended its operation indefinitely and added Windows Server Insider to the eligibility list.…




Greek police arrest chap accused of laundering $4bn of Bitcoin

Thu, 27 Jul 2017 02:01:09 GMT

Russian Alexander Vinnik thought to be handling proceeds of Mt Gox bust

Police in Greece have arrested a Russian national they accuse of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency.…




Reminder: Spies, cops don't need to crack WhatsApp. They'll just hack your smartphone

Wed, 26 Jul 2017 21:58:53 GMT

Need to snoop on chatter? Forget math, just exploit a bug

Police in Germany will forego seeking decryption keys for secure messaging apps, like WhatsApp, and instead simply hack devices to snoop on suspects.…




Details of 400,000 loan applicants spilled in UniCredit bank breach

Wed, 26 Jul 2017 16:02:10 GMT

And it only took them 10 months to realise

Italian bank UniCredit admitted on Wednesday that a series of breaches, undetected for nearly a year, exposed the personal data of 400,000 loan applicants.…




Revealed: 779 cases of data misuse across 34 British police forces

Wed, 26 Jul 2017 15:17:06 GMT

Probe finds widespread abuse of cop IT systems by personnel

A freedom-of-information request by Huntsman Security has discovered that UK police forces detected and investigated at least 779 cases of potential data misuse by personnel between January 2016 and April 2017.…




Time-rich netizens marshall ballot-stuffing bots against... Radio Times contest

Wed, 26 Jul 2017 13:04:16 GMT

Really?

Internet ballot-stuffing has existed for as long as Rickrolling, if not longer, but it used to be a serious endeavour requiring a certain level of commitment, however misguided.…




Beijing police quench scum allegedly behind 'Fireball' fraudware

Wed, 26 Jul 2017 06:30:48 GMT

Eleven arrested over malicious browser plug-in that netted nearly US$12 million

Chinese police have moved on the developers of the Fireball adware that infected millions of computers earlier this year.…




US spies hacked our phones over the air, claim pipeline protesters

Wed, 26 Jul 2017 06:02:04 GMT

Targeting oil demo may have been training exercise for snoops, it is feared

For the past year or so, protesters in North Dakota, America, have been trying to prevent an oil pipeline from being built through Native Americans’ sacred land.…




Crap gift card security helps crims spend your birthday pressie cash

Wed, 26 Jul 2017 05:32:14 GMT

These blokes spent two years studying and warning retail giants of fraud danger

Gift cards' lousy security makes it easy for crooks to spend marks' money, researchers said Tuesday night.…




Las Vegas locks down ahead of DEF CON hacking conference

Tue, 25 Jul 2017 21:42:35 GMT

Trust the hookers, don’t trust the Wi-Fi

DEF CON Businesses in Las Vegas are locking down their systems as hackers fly into the fetid hell of Sin City for a trio of security conferences.…




Adobe will kill Flash by 2020: No more updates, support, tears, pain...

Tue, 25 Jul 2017 16:43:24 GMT

Buggy multimedia nightmare won't see President Zuckerberg's inauguration

Adobe has officially set a kill date for its beleaguered Flash.…




ALIS in Blunderland: Lockheed says F-35 Block 3F software to be done by year's end

Tue, 25 Jul 2017 14:57:04 GMT

... which is absolutely not what US gov audit-type folk expect

F-35 software development will be finished by the end of this year, Lockheed Martin has said – which contradicts the view of various American government audit agencies.…




Crappy hacker crew fingered for Bundestag snooping operation

Tue, 25 Jul 2017 14:22:10 GMT

CopyKittens persistent but easy to find, monitor and counter

Security researchers have lifted the lid on a new cyber-espionage crew that has targeted the German Bundestag and Turkish diplomats.…




Kid found a way to travel for free in Budapest. He filed a bug report. And was promptly arrested

Tue, 25 Jul 2017 05:03:10 GMT

Protests sparked after web security hole reported

The arrest of a Hungarian bloke after he discovered a massive flaw in the website of Budapest's transport authority – and reported it – has sparked a wave of protests.…




Ubiquiti firmware patch stomps nasty redirect bug from login screen

Tue, 25 Jul 2017 03:03:12 GMT

If you skipped the fix, fair enough - it landed before the vulnerability report

Popular wireless networking hardware vendor Ubiquiti patched a couple of serious vulnerabilities back in March and April – without telling the people who reported the bugs.…




G Suite admins have just one button to secure their sites, but don't

Tue, 25 Jul 2017 02:01:11 GMT

Another day, another cloudy data leak, as admins fail to get one setting right

G Suite business users: go and check your configuration, and make sure you're not publishing enterprise information to the whole world.…




Pathetic patching leaves over 70,000 Memcached servers still up for grabs

Mon, 24 Jul 2017 21:19:42 GMT

And that’s months after patches released and warning emails sent – sort it out!

If you're running the caching service Memcached, and particularly if you're exposing it to the public internet for some reason, please make sure you've patched it. Tens of thousands of vulnerable systems haven't.…




China crams spyware on phones in Muslim-majority province

Mon, 24 Jul 2017 19:19:04 GMT

On-the-spot checks by cops to ensure creepy mass surveillance tool is installed

The Chinese government is requiring citizens in Xinjiang province to install spyware on their mobile phones and is enforcing the policy with police spot-checks, according to several online reports.…




Crims snatch 5.5 million social security numbers from Kansas govt box

Mon, 24 Jul 2017 18:53:37 GMT

A server where there isn't any trouble. Do you suppose there is such a server, Toto?

Hackers have lifted not only the social security numbers and personal information of half a million jobseekers in Kansas – but also records on more than five million people from nine other US states.…




Cyber arm of UK spy agency left without PGP for four months

Mon, 24 Jul 2017 15:27:04 GMT

Meanwhile Huawei gets green light, despite failure to verify source code

UK spy agency GCHQ’s cyber security arm, CESG, was left without PGP encryption for more than four months, according to a government report.…




Briton admits to router hack that DDoSed Deutsche Telekom

Mon, 24 Jul 2017 15:07:05 GMT

Tells German court it was unintentional

An as yet unnamed 29-year-old pleaded guilty on Friday to charges relating to the hijacking of more than 1.25 million Deutsche Telekom routers, according to reports in the German press.…




AlphaBay and Hansa: About those dark web marketplaces takedowns

Mon, 24 Jul 2017 11:51:25 GMT

Sellers using AlphaBay vendor 'trust' ratings on new dodgy agoras

Analysis A US Federal Bureau of Investigation veteran has spoken out on the international police ops that led to the takedown of dark web drug souks AlphaBay and Hansa, giving an insider's look at the process.…




Sweden leaked every car owners' details last year, then tried to hush it up

Sun, 23 Jul 2017 22:31:27 GMT

Another day, another botched government contract

In a slowly-unfolding scandal in Sweden, it's emerged that the country's transport agency bungled an outsourcing deal with IBM, putting both individuals and national security at risk.…




But how does our ransomware make you feel?

Fri, 21 Jul 2017 12:58:08 GMT

Psychology of ransomware threats unpicked

Ransomware crooks have become skilled psychological manipulators in their attempts to fleece victims of file-encrypting malware.…




Moneysupermarket fined £80,000 for spamming seven million customers

Fri, 21 Jul 2017 05:32:05 GMT

Go compare the original opt-out request, firm told

Price-comparison darling Moneysupermarket.com has been fined £80,000 for sending 7.1 million emails to customers who had opted out of receiving direct marketing emails.…




So, FCC, how about that massive DDoS? Hello? Hello...? You still there?

Thu, 20 Jul 2017 22:27:12 GMT

Like trying to get blood out of a stone

Updated America's broadband watchdog, the FCC, has declined to share any more details on the cyber-assault that apparently downed its website shortly after it announced its intent to kill net neutrality.…




US Homeland Sec boss has snazzy new laptop bomb scanning tech – but admits he doesn't know what it's called

Thu, 20 Jul 2017 22:01:03 GMT

Fscking nerds, Secretary John Kelly sighs

Flying into America? Don't worry about that crackdown on laptops and similar gear in your carry-on luggage. It's no longer happening. No, instead, the US has something else up its sleeve.…




Alphabay shutdown: Bad boys, bad boys, what you gonna do? Not use your Hotmail...

Thu, 20 Jul 2017 20:28:44 GMT

...or the Feds will get you ♪

Analysis The alleged owner of dark-web marketplace AlphaBay was tracked down by FBI because he was stupid enough to include his real Hotmail address in the content management system used to run the site.…




UK uni warns students of phishers trying to nick their tuition fees

Thu, 20 Jul 2017 19:18:10 GMT

♪ You shall have a phishy on a little dishy when the hack comes in

Foreign students looking to experience the stochastic joys of a year at Newcastle University in England are being warned that phishers are after their cash – using an unusually well-crafted attack.…




Cops harpoon two dark net whales in megabust: AlphaBay and Hansa

Thu, 20 Jul 2017 15:38:23 GMT

Tor won't shield you, warn Feds

Two of the largest dark net marketplaces - AlphaBay and Hansa - have been shut down following an international police operation.…




The eyes have IT: TSB to roll out iris-scanning tech for mobile banking

Thu, 20 Jul 2017 14:56:06 GMT

Biometrics, certificates combo to shore up security

TSB has announced plans to roll out iris-scanning technology for its mobile banking app from September.…




No one still thinks iOS is invulnerable to malware, right? Well, knock it off

Thu, 20 Jul 2017 11:07:58 GMT

As platform's popularity rose, so did its allure to miscreants

The comforting notion that iOS devices are immune to malicious code attacks has taken a knock following the release of a new study by mobile security firm Skycure.…




HMS Frigatey Mcfrigateface given her official name

Thu, 20 Jul 2017 10:42:25 GMT

It's Glasgow, before you lot get too excited

The first of the Royal Navy's new Type 26 frigates has been named HMS Glasgow, recycling the name for the fourth time in the last 100 years.…




Yeah, WannaCry hit Windows, but what about the WannaCry of apps?

Thu, 20 Jul 2017 09:12:07 GMT

Patching done proper

WannaCrypt crippled 230,000 Windows PCs internationally, hitting unpatched Windows 7 and Windows Server 2008 and computers still running Microsoft's seriously old Windows XP, though the latter wasn't responsible for its spread.…




Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Thu, 20 Jul 2017 06:30:04 GMT

Grab a fix now

Gnome developers, take a bow: a bug in your image thumbnailer has opened up a (not too scary, thankfully) hole for script injection.…




Remember that Citadel bank-slurping malware? Its main man was just jailed for five years

Thu, 20 Jul 2017 05:37:12 GMT

Trojan was used to swipe $500m from victims' accounts

Russian programmer Mark Vartanyan has been sentenced to five years in US federal prison for developing and spreading the Citadel malware that stole $500m (£383m) from bank accounts around the world.…




Dahua cameras stung by Web interface bug

Thu, 20 Jul 2017 01:55:14 GMT

Long paassssswwwwwoooorrrd risks remote code execution

Chinese camera-maker Dahua has flicked out a patch to fix a possible remote code execution vulnerability in its Web admin interface.…




$30 million below Parity: Ethereum wallet bug fingered in mass heist

Thu, 20 Jul 2017 00:55:12 GMT

Crypto-cash leak made possible by software stuff-up

A vulnerability in Parity's Ethereum wallet software has been exploited by thieves to rob victims on a massive scale.…




Apple hurls out patches for dozens of security holes in iOS, macOS

Wed, 19 Jul 2017 23:24:37 GMT

Project Zero, GCHQ, and city of Mishawaka, Indiana among credited bug-hunters

Apple has today released patches addressing roughly four dozen exploitable security vulnerabilities in iOS, macOS, and WatchOS.…




School of card knocks: Russophone criminals offered online courses in credit card fraud

Wed, 19 Jul 2017 13:25:11 GMT

Обратите внимание на спину!

Cyber crime lords have come up with a new money-spinner – Russian-language e-learning courses geared towards teaching the skills necessary to rip off consumers and card companies.…