Subscribe: The Register - Security: Malware
http://www.theregister.com/security/virus/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
bug  data  hackers  internet  investigatory powers  malware  network  patch  powers act  ransomware  security  vulnerability     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2016, Situation Publishing
 



Russia accuses hostile foreign powers of plot to undermine its banks

Fri, 02 Dec 2016 16:31:25 GMT

Let's get ready to rouble

Russia has accused unnamed foreign spies of launching a concerted effort to undermine its domestic banking system.…




Sh... IoT just got real: Mirai botnet attacks targeting multiple ISPs

Fri, 02 Dec 2016 12:19:08 GMT

Now ZyXEL and D-Link routers from Post Office and TalkTalk under siege

Analysis The Mirai botnet has struck again, with hundreds of thousands of TalkTalk and Post Office broadband customers affected. The two ISPs join a growing casualty list from a wave of assaults that have also affected customers at Deutsche Telekom, KCOM and Irish telco Eir over the last two weeks or so.…




Microsoft's 'Samaritan' refuses help to hackers doing Win 10 recon

Fri, 02 Dec 2016 08:27:07 GMT

'SAMRi10' script hides the creds hackers crave, making box-to-box jumps harder

Microsoft hacker Itai Grady has created a tool to help prevent blackhat scouts from stealing Windows credentials, an effort the firm hopes will make network compromises harder to achieve.…




Hackers waste Xbox One, PS4, MacBook, Pixel, with USB zapper

Fri, 02 Dec 2016 04:58:13 GMT

What would happen if someone sticks this USBBQ into an airplane seat socket?

VIDS Hackers are destroying everything from the latest gaming systems, phones, and even cars with a dangerous circuit-frying USB device that could put critical systems at risk.…




Shamoon malware returns to again wipe Saudi-owned computers

Fri, 02 Dec 2016 01:58:12 GMT

Iran suspected as likely source of re-vamped nastyware

Thousands of computers in Saudi Arabia's civil aviation agency and other Gulf State organisations have been wiped by the Shamoon malware after it resurfaced some four years after wiping thousands of Saudi Aramco workstations.…




Online criminals iced as cops bury malware-spewing Avalanche

Thu, 01 Dec 2016 23:57:11 GMT

Four-year op by US and EU culminates in arrests, server seizures

On November 30, simultaneous raids in five countries by the FBI, Europol, and the UK's National Crime Agency (NCA) finally shuttered the Avalanche criminal network that has been spewing malware and money laundering campaigns for the past seven years.…




Europol cop took terror dossier home, flashed it to the web accidentally

Thu, 01 Dec 2016 19:37:34 GMT

Europe's FBI sheds light on security bungle

An investigator at Europe's FBI Europol took home a USB stick packed with terror probe documents and accidentally spilled the files on the internet.…




Hull surfers cut off by router attack

Thu, 01 Dec 2016 15:01:10 GMT

Routers scooted, says KCOM

Thousands of broadband customers in the Hull area have been left without reliable internet access following a cyber attack.…




RAF Club members emailed fake invoices. Has it been hacked?

Thu, 01 Dec 2016 14:33:05 GMT

Military personnel's social centre scratches its head

The Royal Air Force Club appears to have been the victim of a hack, following members being sent fake invoices for staying at the club's London HQ.…




Clients say they'll take their money and run if service hacked – poll

Thu, 01 Dec 2016 10:57:11 GMT

Data breaches could cost firms business, Brits tell survey

Further evidence has emerged that hacked firms might subsequently suffer a customer exodus. After TalkTalk's famous data breach, 101,000 of its customers walked.…




Fatal flaws in ten pacemakers make for Denial of Life attacks

Thu, 01 Dec 2016 06:02:14 GMT

Brit/Belgian research team decipher signals and devise wounding wireless attacks

A global research team has hacked 10 different types of implantable medical devices and pacemakers finding exploits that could allow wireless remote attackers to kill victims.…




SHIFT + F10, Linux gets you Windows 10's cleartext BitLocker key

Thu, 01 Dec 2016 05:00:01 GMT

Don't panic, because this one's a bit esoteric. Do feel free to face-palm anyway

Microsoft is working on a patch for a bug or feature in Windows 10 that allowed access to the command line and, using a live Linux .ISO, made it possible steal BitLocker keys during OS updates.…




UCam247 tells El Reg most of its cams aren't vulnerable to GET vuln

Thu, 01 Dec 2016 03:01:06 GMT

IoT vendor in prompt, polite, sensible, security shocker

IoT security camera vendor UCam247 has contacted The Register to say most devices in the wild aren't vulnerable to the “single URL pwnage” vulnerability.…




Google's Project Zero tweaking Microsoft, because it did fix a bug

Thu, 01 Dec 2016 02:03:04 GMT

Redmond said it wouldn't fix a flaw, then did it on the sly

For once, a Google Project Zero bug report to Microsoft has resulted in a fix without a public spat. Indeed, this fix happened without any public announcement at all.…




Wow. What a shock. The FBI will get its bonus hacking powers after all

Wed, 30 Nov 2016 23:04:55 GMT

Rule 41 makes life easier for Feds, cops to target Tor, VPN users, and malware victims

Three last-ditch legislative efforts to block the changes to Rule 41 of the Federal Rules of Criminal Procedure have failed, and from tomorrow the Feds will find hacking your PC a lot less of a hassle.…




Android-rooting Gooligan malware infects 1 million devices

Wed, 30 Nov 2016 16:21:29 GMT

At an estimated rate of 13,000 smartphones a day

A new strain of Android malware is infecting an estimated 13,000 devices per day.…




UCL snags head of Europol for a seminar on privacy

Wed, 30 Nov 2016 12:39:21 GMT

Debates ahoy in late January

The head of Europol will be contributing to a seminar at UCL on "the state of the current privacy landscape", which will run in January.…




UK cops spot webcam 'sextortion' plots: How vics can hit stop

Wed, 30 Nov 2016 11:56:06 GMT

Don't panic, don't pay

The NCA has said that "at least four young men have taken their own lives" after being targeted by financially motivated webcam blackmailers, while UK police forces are sharing stats and tips in a campaign to combat the rising problem.…




UK National Lottery data breach: Fingers crossed – it might not be you

Wed, 30 Nov 2016 11:16:12 GMT

No card data but possibly other personal stuff

Cyber criminals appear to be using passwords and email addresses from previous breaches to gain access to 26,000 online UK National Lottery accounts.…




'Tesco Bank's major vulnerability is its ownership by Tesco,' claims ex-employee

Wed, 30 Nov 2016 10:03:13 GMT

Links to supermarket's systems may have exposed vulnerability

A former techie at the UK's Tesco Bank reckons the recent high-profile breach may be down to security shortcomings at the bank's parent supermarket.…




Speaking in Tech: The limitations of Android's crypto

Wed, 30 Nov 2016 09:24:12 GMT

Podcast Podcast Idol winners rap about Apple, Google DeepMind and more



UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

Wed, 30 Nov 2016 07:04:05 GMT

How far will it go? You'll have to ask the Home Secretary

Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors.…




PayPal proffers patch for OAuth app hack hole

Wed, 30 Nov 2016 05:32:04 GMT

Payment giant takes second look at bad bugs.

Paypal has patched a phishing vulnerability that could allow attackers to steal any OAuth token for its payment apps and gain access to accounts.…




GET pwned: Web CCTV cams can be hijacked by single HTTP request

Wed, 30 Nov 2016 02:27:46 GMT

Server buffer overflow equals remote control

An insecure web server embedded in more than 35 models of internet-connected CCTV cameras leaves devices wide open to hijacking, it is claimed.…




Drive-by web nasty unmasks Tor Browser users, Mozilla dashes to patch zero-day vuln

Wed, 30 Nov 2016 01:33:19 GMT

JavaScript smuggles malicious payload into PCs

Updated Mozilla is scrambling to patch a vulnerability in Firefox that is apparently being exploited in the wild to unmask Tor Browser users.…




Another Canadian uni hit by ransomware, students told to keep Windows PCs away

Tue, 29 Nov 2016 23:31:58 GMT

Network crippled by extortion software nasty

Carleton University in Ontario, Canada, has confirmed it has been hit by a ransomware infection that crippled some of the Windows machines on its main campus.…




Oh no, software has bugs, we need antivirus. Oh no, bug-squasher has bugs, we need ...

Tue, 29 Nov 2016 13:27:09 GMT

Secunia report on treadmill of security software pain

Flaws in security products are among the most commonly encountered desktop software vulnerabilities, according to a new study.…




Investigatory Powers Act signed into UK law by Queen

Tue, 29 Nov 2016 12:45:11 GMT

Your homes may be your castles, but your browsing histories belong to UK.gov

IPBill Queen Elizabeth II today signs off on Parliament's Investigatory Powers Act, officially making it law in the UK.…




Bletchley Park Trust vows to shore up insecure website

Tue, 29 Nov 2016 11:34:10 GMT

Security boffin blasts caretakers of Alan Turing's legacy

The Bletchley Park Trust has promised that a website revamp due in January will address security concerns highlighted by a security expert on Sunday.…




R3 four flew: What's driving banks to flee blockchain consortium?

Tue, 29 Nov 2016 10:39:12 GMT

Too big to fail or too big to work?

Analysis The value of distributed ledgers and blockchain tech to the financial sector has again come under the spotlight following the departure of several entities from prominent blockchain consortium R3: namely Goldman Sachs, Santander, Morgan Stanley and the National Australian Bank.…




A Rowhammer ban-hammer for all, and it's all in software

Tue, 29 Nov 2016 06:52:07 GMT

Sorry to go all MC Hammer on you, but boffins tell bit-flippers 'you can't touch this'

A group of German researchers reckon they've cracked a pretty hard nut indeed: how to protect all x86 architectures from the “Rowhammer” memory bug.…




Hackers crack Liechtenstein banks, demand ransoms

Tue, 29 Nov 2016 05:02:08 GMT

Tiny country creates yuuge problems as crims threaten to expose 'tax evasion'

Hackers have days ago breached a Liechtenstein bank and are allegedly blackmailing customers by threatening to release their account data if ransoms are not paid.…




Cisco stre...tches vulnerability disclosure timeline out to 90 days

Tue, 29 Nov 2016 02:57:04 GMT

Big vendors patch bugs nearly as quick as open source coders

Cisco's decided it's going to give 90 days' grace on vulnerability disclosures, to let (mostly) commercial vendors catch up with their bug-fixes.…




Netflix and spill: Web vid giant kills password masking in tests

Tue, 29 Nov 2016 01:58:06 GMT

Now your date will know your passphrase is hunter2

Netflix is testing a new feature that, for some subscribers, shows their passwords in plain text as they are typed in – and potentially when folks revisit the site.…




Inside Android's source code... // TODO – Finish file encryption later

Tue, 29 Nov 2016 01:28:04 GMT

Android 7.0's crypto sauce is 'half-baked' and Google promises to make it better, soon

Looking at the storage encryption Google has implemented in Android Nougat (7.0) through the metaphor of the glass that's either half full or half empty, cryptography expert Matthew Green sees Google's glass as all but drained.…




'Mirai bots' cyber-blitz 1m German broadband routers – and your ISP could be next

Mon, 28 Nov 2016 22:04:53 GMT

Malware waltzes up to admin panels with zero authentication

A widespread attack on the maintenance interfaces of broadband routers over the weekend has affected the telephony, television, and internet service of about 900,000 Deutsche Telekom customers in Germany.…




Creaking Royal Navy is 'first-rate' thunders irate admiral

Mon, 28 Nov 2016 17:13:12 GMT

He's bound to say that. Truth is, it'll get worse before it gets better

Comment Admiral Sir Philip Jones, head of the Royal Navy, has written how "you'd be forgiven for thinking that the RN had packed up and gone home" in response to the kicking the naval service has received in the press recently.…




Ransomware scams cost Brits £4.5m per year

Mon, 28 Nov 2016 12:43:11 GMT

Lock-up markup shake-up shake-down

More than 4,000 Brits have had their computers infected with ransomware this year, with over £4.5m paid out to cyber criminals, according to Action Fraud.…




100k+ petition: MPs must consider debating Snoopers' Charter again

Mon, 28 Nov 2016 10:16:41 GMT

Brexit means Brex... hang on, you want to store... WTF?

A petition to Parliament requesting the repeal of the Investigatory Powers Act has received the 100,000 signatures required to make Parliament “consider” debating the issue.…




The Internet Society is unhappy about security – pretty much all of it

Mon, 28 Nov 2016 08:02:06 GMT

It's all fun and games until someone loses a life

The Internet Society (ISOC) is the latest organisation saying, in essence, “security is rubbish – fix it”.…




Japan investigating defence network break-in

Mon, 28 Nov 2016 04:55:06 GMT

The usual unnamed 'state-based' attacker blamed

Japanese defence officials are investigating a reported penetration of the country's high-speed Defence Information Infrastructure (DII) network.…




Phishing tackle ships data catch to net sharks

Mon, 28 Nov 2016 02:30:19 GMT

DIY-phishing code advertised YouTube have predictable by-products

A malware writer is running YouTube ads for a phishing tool they have secretly backdoored to steal victims' information.…




Microsoft update servers left all Azure RHEL instances hackable

Mon, 28 Nov 2016 00:57:25 GMT

Patch proffered, pen-tester paid

Microsoft has patched flaws that attackers could exploit to compromise all Azure Red Hat Enterprise Linux (RHEL) instances.…




Passengers ride free on SF Muni subway after ransomware infects network, demands $73k

Sun, 27 Nov 2016 21:39:42 GMT

Office admin systems derailed by malware

Updated Hard-drive-scrambling ransomware infected hundreds of computers at San Francisco's public transit agency on Friday and demanded 100 bitcoins to unlock data, The Register has learned.…




Grand App Auto: Tesla smartphone hack can track, locate, unlock, and start cars

Fri, 25 Nov 2016 17:00:05 GMT

Musk's lot better get on this

A smartphone app flaw has left Tesla vehicles vulnerable to being tracked, located, unlocked, and stolen.…




London cops' tech slammed for failing abused kids – report

Fri, 25 Nov 2016 15:26:09 GMT

HMIC also hits cops for shrugging off responsibility for 'streetwise' children

A broken police information system hampered efforts to protect children at risk of sexual exploitation in the UK, according to Her Majesty's Inspectorate of Constabularies (HMIC).…




EU puts out prescription for smart hospitals

Fri, 25 Nov 2016 14:02:07 GMT

IoT would be great for healthcare... if it wasn't so damn insecure

An EU agency has grappled with thorny issues surrounding the adoption of IoT technology in hospitals to draft a series of best practice guidelines.…




Drops the mic... Hang on, hackers could be listening through my headphones?

Fri, 25 Nov 2016 11:10:49 GMT

RealTek codec vuln can switch speakers from output to input

Experimental malware has highlighted the possibility that hackers might be able to turn headphones into microphones in order to snoop on computer users.…




Poison .JPG spreading ransomware through Facebook Messenger

Fri, 25 Nov 2016 07:29:12 GMT

Cick-to-self-p0wn attack sneaks Locky ransomware past Zuck's security model

Checkpoint has found an image obfuscation trick it thinks may be behind a recent massive phishing campaign on Facebook that's distributing the dangerous Locky ransomware.…




Mozilla hackers audit cURL file transfer toolkit, give it a tick for security

Fri, 25 Nov 2016 00:31:45 GMT

Four remote code execution holes patched along the way

Mozilla has given the widely-used cURL file transfer library a thumbs up in a security audit report that uncovered nine vulnerabilities.…