Subscribe: The Register - Security: Malware
Added By: Feedage Forager Feedage Grade B rated
Language: English
attacks  cloud  cyber  data  encryption  exploit  google  hacked  hacking  key  new  open  security  system  users  windows     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Malware

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2017, Situation Publishing

Ransomware cretins smacked 1 in 3 NHS trusts last year

Tue, 17 Jan 2017 12:27:11 GMT

One was hit 19 times over 12 months

A third (30 per cent) of NHS trusts have been infected by ransomware, with one – the Imperial College Healthcare in London – suffering 19 attacks in just 12 months.…

Devs reverse-engineer 16,000 Android apps, find secrets and keys to AWS accounts

Tue, 17 Jan 2017 07:20:14 GMT

It's 2017 and developers are still doing really dumb things

A security firm has reverse engineered 16,000 Android apps on Google's Play store and found that over 304 contain sensitive secret keys.…

Dodgy Dutch developer built backdoors into thousands of sites

Tue, 17 Jan 2017 06:54:13 GMT

Then hoovered out users' personal data, stole identities galore and spent up big

Updated Dutch police are this week warning 20,000 users that their email accounts were hacked after a malicious web developer left backdoors in the sites he built.…

911 app is a joke, says security researcher Randy Westergren

Tue, 17 Jan 2017 03:02:42 GMT

'Panic Button' could be pressed by miscreants, repeatedly

The Rave Panic Button app, designed to allow businesses to summon emergency services, allows miscreants to easily 'swat' targets by making false reports of emergencies says security researcher Randy Westergren.…

Dovecot mailserver graded 'nearly impenetrable'

Tue, 17 Jan 2017 01:58:13 GMT

Security audit of popular-with-service-providers package produces surprised smiles

POP and IMAP mailserver suite Dovecot has passed an extensive audit by hackers, who were able to find only three minor vulnerabilities.…

French spies warn politicians of hack risk as election draws near

Mon, 16 Jan 2017 12:52:10 GMT

Authorities uneasy in wake of alleged Russian interference in US presidential race

French authorities are warning political parties about the increased threat of cyber attacks as the country prepares to elect a new president in May.…

Windows 10 Anniversary Update crushed exploits without need of patches

Mon, 16 Jan 2017 08:01:11 GMT

Microsoft security boffins throw fresh CVEs at unpatched OS, emerge smiling

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever.…

Google reveals its servers all contain custom security silicon

Mon, 16 Jan 2017 07:28:07 GMT

Even the servers it colocates (!) says new doc detailing Alphabet sub's security secrets

Google has published a Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services.…

Brilliant phishing attack probes sent mail, sends fake attachments

Mon, 16 Jan 2017 06:02:14 GMT

Strategy_Doc.PDF from the next cubicle is actually a portal to p0wnage

An newly-detected Gmail phishing attack sees criminals hack and then rifle through inboxes to target account owners' contacts with thoroughly convincing fake emails.…

Just give up: 123456 is still the world's most popular password

Mon, 16 Jan 2017 01:55:58 GMT

Data diggers' dumpster dive demonstrates dumb and dumberer defences

The security industry's ongoing efforts to educate users about strong passwords appears to be for naught, with a new study finding the most popular passwords last year were 123456 and 123456789.…

Promising compsci student sold key-logger, infects 16,000 machines, pleads guilty, faces jail

Sat, 14 Jan 2017 01:50:32 GMT

What a Shames

A 21-year-old computer science student, who won a Programmer of the Year Award in high school, has admitted selling key-logging malware out of his college dorm room.…

US Marines seek more than a few good men (3,000 men and women, actually) for cyber-war

Sat, 14 Jan 2017 00:45:09 GMT

From the phones of Montezuma to the servers of Tripoli

The head of the US Marines wants to recruit about 3,000 troops skilled in online warfare and espionage to make sure the Corps is ready for 21st-century battle.…

Playpen child sex abuse archive admin gets 20 years in the Big House

Fri, 13 Jan 2017 22:26:12 GMT

49 kids rescued so far

An administrator of Playpen – the notorious dark-web trading post of child sex abuse material – has been jailed for 20 years and faces a lifetime of parole.…

UK's largest hospital trust battles Friday 13th malware outbreak

Fri, 13 Jan 2017 18:46:51 GMT

Plug pulled on Barts Health computer gear to prevent cyber-disease spread

Malware has infected hospital computers at the UK’s biggest NHS trust.…

Google floats prototype Key Transparency to tackle secure swap woes

Fri, 13 Jan 2017 17:36:13 GMT

♪ I've got the key, I've got the secreeeee-eeet ♪

Google has released an open-source technology dubbed Key Transparency, which is designed to offer an interoperable directory of public encryption keys.…

Pirates, pirates, whatchu gonna do? Advertisers cop a visit from PIPCU

Fri, 13 Jan 2017 17:02:13 GMT

Someone's keeping the neckbeards in Doritos

Knock knock. Who's there? This Wednesday, officers from the City of London Police's Intellectual Property Crime Unit (PIPCU) trying to get your advertising agency to stop helping pirate sites generate revenue.…

Oh, for F...acebook: Critics bash WhatsApp encryption 'backdoor'

Fri, 13 Jan 2017 15:21:48 GMT

Don't panic, there's nothing to fear, insists green messenger

Updated A vulnerability in WhatsApp’s end-to-end encryption allows snoops to intercept and read encrypted messages, it was claimed today.…

EU policy makers consider FRAND licensing of machine-generated data

Fri, 13 Jan 2017 09:01:07 GMT

Anonymised app data silos impede movement

EU policy makers are considering introducing a new licensing regime for anonymised "machine-generated data".…

WordPress plugs eight holes in latest release

Fri, 13 Jan 2017 06:30:03 GMT

Cross-site scripting, request forgery, and more!

WordPress has patched a series of vulnerabilities in its content management system shuttering bugs affecting more than 10 million users.…

MongoDB hackers now sacking ElasticSearch

Fri, 13 Jan 2017 04:56:11 GMT

Open season on open services

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances.…

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'

Fri, 13 Jan 2017 02:07:43 GMT

Stunned security experts tear strips off president-elect pick hours after announcement

US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable.…

ISC squishes BIND packet-of-death bugs

Fri, 13 Jan 2017 01:56:12 GMT

DNS servers are crashable until they're patched

BIND administrators, get patching: there are three irritating flaws you need to splat.…

Donald Trump will take cybersecurity advice from, um, Rudy Giuliani

Thu, 12 Jan 2017 23:15:32 GMT

♪ Stop your messin' around, better think of your future ♪

The transition team for US president-elect Donald Trump has announced that former New York City mayor Rudy Giuliani will advise the incoming administration on how to secure America's digital infrastructure.…

Thanks, Obama: NSA to stream raw intelligence into FBI, DEA and pals

Thu, 12 Jan 2017 20:52:08 GMT

Gee, what a lovely parting gift by outgoing US prez

A last-minute rule change signed off by the outgoing Obama administration has made it much easier for the NSA to share raw surveillance data with more than a dozen government agencies.…

Shadow Brokers spew Windows hack tools after exploit auction flop

Thu, 12 Jan 2017 19:58:53 GMT

Screw you, guys, we're going home

Security exploit peddlers Shadow Brokers announced their retirement on Thursday – and released 58 tools for hacking Windows PCs for free by way of a parting gift.…

iPhone hacking biz Cellebrite hacked

Thu, 12 Jan 2017 19:03:46 GMT

Database pwned, cyber-forensics outfit admits

The Israeli company that found fame when it was fingered as a potential source of hacking software used by the FBI to crack open an iPhone has itself been hacked.…

Security hardened, pah! Expert doubts Kaymera's mighty Google's Pixel

Thu, 12 Jan 2017 17:30:06 GMT

Kaymera: building on shoulders of a giant, claim

The arrival of a security hardened version of Google’s supposed "iPhone killer" Pixel phone from Kaymera has received a sceptical reception from one expert.…

Brother-and-sister duo arrested over hacking campaign targeting Italy's bigwigs

Thu, 12 Jan 2017 16:31:08 GMT

EyePyramid operation targeted politicians and business leaders

A hacking operation featuring the EyePyramid trojan successfully compromised the systems of numerous high-profile Italian targets, including two former prime ministers, say Italian police.…

Peace-sign selfie fools menaced by fingerprint-harvesting tech

Thu, 12 Jan 2017 08:03:08 GMT

Cute photo? Your biometrics just got raided, boffins warn

Researchers from Japan's National Institute of Informatics say people's fingerprints could be extracted from photographs using yet-to-be built technology.…

Crims shut off Ukraine power in wide-ranging anniversary hacks

Thu, 12 Jan 2017 05:56:09 GMT

Phishing, denial of service, and remote exploitation part of hacking banquet

Hackers of unknown origin cut power supplies in Ukraine for a second time in 12 months as part of wide-ranging attacks that hit the country in December.…

Docker swings door shut on privilege escalation bug

Thu, 12 Jan 2017 02:56:09 GMT

Container escape vuln patched

Docker has patched what it calls a “minor” container escape.…

Google Cloud unlocks key achievement

Thu, 12 Jan 2017 01:08:30 GMT

Encryption got you down? Google will manage your secrets for you

Google on Wednesday introduced its Cloud Key Management Service in beta to help Google Cloud Platform customers deal with their encryption keys.…

Digital video recorder installers master password list 'leaked' – claims

Wed, 11 Jan 2017 16:02:11 GMT

If true, we're talking remote viewing of people's CCTV cams

Xiongmai, the vendor behind many Mirai-vulnerable DVRs, has earned the consternation of security watchers once again.…

GoDaddy revokes 9,000 SSL certificates wrongly validated by code bug

Wed, 11 Jan 2017 15:00:13 GMT

Your website will work, but might be riddled with errors

GoDaddy was obliged to revoke thousands of SSL certificates on Tuesday as the result of an unspecified software bug.…

GCHQ feeds first crop of infosec startups to Cyber Accelerator

Wed, 11 Jan 2017 13:27:15 GMT

Tech 'crèche' will nurture firms to compete on the world stage

The first infosec startups selected for the GCHQ Cyber Accelerator have been unveiled.…

US Navy runs into snags with aircraft carrier's electric plane-slingshot

Wed, 11 Jan 2017 13:03:13 GMT

EMAL system was nearly bought by the UK. Bullet dodged? Oh no

The US Navy is having difficulties with its latest aircraft carrier's Electromagnetic Aircraft Launching System (EMALS) – the same system which the UK mooted fitting to its new Queen Elizabeth-class carriers.…

Oh Britain. Worried your routers will be hacked, but won't touch the admin settings

Wed, 11 Jan 2017 12:01:16 GMT

Survey shows people don't act on insecure wireless routers

Recent Mirai-style attacks against home broadband routers have had some effect but the majority of users have failed to act.…

How to secure MongoDB – because it isn't by default and thousands of DBs are being hacked

Wed, 11 Jan 2017 11:02:05 GMT

Stop right now and make sure you've configured it correctly

The rise in ransomware attacks on MongoDB installations prompted the database maker last week to issue advice on how to avoid being victimized.…

British Hadoop security startup expands to New York to land big investor

Wed, 11 Jan 2017 10:10:43 GMT

Panaseer reckons market there is more mature, i.e. it spends more money on security

British security startup Panaseer is expanding to New York from London as it plans to land a large American investor in 2017.…

New Windows 10 privacy controls: Just a little snooping – or the max

Wed, 11 Jan 2017 08:02:03 GMT

Microsoft offers two settings – on and almost off – and a dashboard of collected data

Microsoft has built an online dashboard of privacy controls in an attempt to soothe lingering anger over Windows 10 and its ability to phone home people's private information.…

Sundown exploit kit weaves Edge hack hole

Wed, 11 Jan 2017 06:35:08 GMT

Thankfully most users are patched

Authors of the Sundown exploit kit have integrated a since patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept.…

Ansible patches 'own the farm' vulnerability

Wed, 11 Jan 2017 04:56:09 GMT

Just the Facts, sysadmins

Ansible sysadmins, make with the patch-fingers because the project's just gone public with a high-severity bug.…

EMC slings patch at remote hack nonce-nse

Wed, 11 Jan 2017 03:56:20 GMT

Smells like 2010

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses.…

Juniper warns: Borked upgrade opens root on firewalls

Wed, 11 Jan 2017 02:56:09 GMT

Turn it off and turn it back on again. No, really

Juniper is warning users of its SRX firewalls that a borked upgrade leaves a root-level account open to the world.…

It's now 2017, and your Windows PC can still be pwned by a Word file

Tue, 10 Jan 2017 20:24:07 GMT

Also: Edge is foiled by hyperlinks, Windows Server fails at authentication requests, and Microsoft is a $486bn company

Microsoft has begun its 2017 with the release of four updates to address security holes in Windows and Office, while Adobe has posted fixes for more than three dozen vulnerabilities in Flash and Reader.…

EU tosses Europe's cookies... popups

Tue, 10 Jan 2017 15:28:36 GMT

But still really keen on user consent, commish insists

The EU’s most famous contribution to the internet era could be snuffed out soon, and few will mourn it. As expected, Brussels will no longer mandate that websites receive the user’s consent for placing cookies on their device.…

UK Parliament suddenly remembers it wants to bone up cyber security *cough* Russia *cough*

Tue, 10 Jan 2017 14:57:21 GMT

Well, they did say it was a priority in 2010

The UK parliament launched an inquiry into cyber-security on Tuesday.…

Because I'm bad, I'm bad, Shamoon: PC wiper tried to shut down Saudi snapshot defences

Tue, 10 Jan 2017 12:30:08 GMT

Version 2: Sinister malware just got sinistererer

Security researchers have identified a second wave of Shamoon 2 PC-wiping attacks against a further target in Saudi Arabia last November. The new research shows hackers upping the ante and developing more sophisticated, multi-stage attacks.…

What do you call a firm that leaves customer financials unencrypted on a hard drive? RSA

Tue, 10 Jan 2017 12:04:39 GMT

No really. Insurer's details on 60k people lost forever

A UK insurance business has been fined £150,000 for its lax security practices after a hard drive containing customers' unencrypted information was stolen.…

Rethink on bank cybersecurity rules might only follow major bank breach, says expert

Tue, 10 Jan 2017 10:00:07 GMT

Banks 'effectively unregulated on cybersecurity'

It might take a major bank to fail as a result of a cyber attack for meaningful changes in cybersecurity practices, regulation and governance in the UK banking market to be implemented, a leading industry commentator has said.…