Subscribe: The Register - Security: Spam
Added By: Feedage Forager Feedage Grade B rated
Language: English
account  app  dyn  email  hackers  hacking  house  malware  new  popular  researchers  security  vulnerability  white house     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: Spam

The Register - Security

Biting the hand that feeds IT

Copyright: Copyright 2016, Situation Publishing

Judge orders FBI to reveal whether exploits were okayed by White House

Tue, 25 Oct 2016 00:56:07 GMT

Playpen Tor pedos win a concession

The judge hearing an FBI “Playpen case” has told the Feds to reveal whether or not their investigative hacking was okayed by the White House.…

LinkedIn, Dropbox hack suspect named as Yevgeniy Nikulin by US prosecutors

Mon, 24 Oct 2016 22:32:39 GMT

Russia hoping to block accused miscreant's extradition

The US Department of Justice has unsealed its indictment against a Russian bloke accused of hacking high-profile websites.…

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

Mon, 24 Oct 2016 21:41:09 GMT

Get patching now

Apple has distributed a fresh round of security updates to address remote-code execution holes in iOS, macOS, Safari, and the firmware for Apple Watch and AppleTV.…

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

Mon, 24 Oct 2016 18:31:00 GMT

Hardware vuln strikes 18 of 27 tested mobes

Security researchers have demonstrated how to gain root privileges from a normal Android app without relying on any software bug.…

Chinese electronics biz recalls webcams at heart of botnet DDoS woes

Mon, 24 Oct 2016 14:01:06 GMT

US products compromised by Mirai mischief in another Internet of Things success

Chinese electronics firm Hangzhou Xiongmai is set to recall swathes of webcams after they were compromised by the Mirai botnet.…

Hacktivist crew claims it launched last week's DDoS mega-attack

Mon, 24 Oct 2016 11:09:10 GMT

Dyn-Dyn-Dyn... it's a knockout!

A group called New World Hackers has claimed responsibility for a DDoS attack that rendered significant portions of the web unreachable last Friday.…

Ageing GSM crypto cracked on commodity graphics rig

Mon, 24 Oct 2016 07:02:06 GMT

A*STAR Singapore shows how easy it is

The crypto scheme applied to second generation (2G) mobile phone data can be hacked within seconds, security researchers have demonstrated.…

Hackers pop top 'secure' wireless keyboard and mouse kits, gain RCE

Mon, 24 Oct 2016 04:56:04 GMT

Patch? Nah, we'll just remove 'secure' from the tin: vendor

Ruxcon Wireless keyboard and mouse manufacturers including Microsoft, Fujitsu, and Logitech have been forced to fix borked encryption in peripherals that allow physical attackers to hijack computers.…

Thanks, IoT vendors: your slack attitude will get regulators moving

Mon, 24 Oct 2016 03:54:04 GMT

Networks also need to grab a mirror and look at themselves

Last Friday's Mirai botnet attack against Dyn must force everybody's hands – vendors, regulators, and Internet infrastructure operators.…

Brute force cred crunchers gifted Username Anarchy

Mon, 24 Oct 2016 01:58:09 GMT

dpauli, darren.pauli, darrenp, pauli.darren, paulid

Ruxcon Melbourne security bod Andrew Horton has created a tool to automate the generation of usernames in a bid to round-out brute force account attacks.…

Every LTE call, text, can be intercepted, blacked out, hacker finds

Sun, 23 Oct 2016 22:59:33 GMT

Emergency fail over provisions abused

Ruxcon Hacker Wanqiao Zhang of Chinese hacking house Qihoo 360 has blown holes in 4G LTE networks by detailing how to intercept and make calls, send text messages and even force phones offline.…

Mozilla plots TLS 1.3 future for Firefox

Sun, 23 Oct 2016 22:42:55 GMT

Quicker handshake starts encrypting data sooner

Mozilla has decided it needs to lift its HTTPS game, and will default to TLS 1.3 in next year's Firefox 52.…

Pacemaker maker St Jude faces new security flaw claims from biz short-selling its stock

Sat, 22 Oct 2016 12:30:10 GMT

This is not the way to get vulnerabilities fixed

Security startup MedSec and the financial house backing the biz have published new allegations of security flaws in pacemakers and defibrillators built by St Jude Medical – and again look set to profit from the disclosures in an unorthodox way.…

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert

Fri, 21 Oct 2016 20:40:31 GMT

Pair abused typo blind spot to game certificate authority

Two European security researchers exploited Comodo's crappy backend systems to obtain a HTTPS certificate for a domain they do not own.…

Dyn dinged by DDoS: US DNS firm gives web a bad hair day

Fri, 21 Oct 2016 14:23:12 GMT

Reddit, Github, Airbnb and pals affected

A denial of service attack against managed DNS provider Dyn restricted access to many US-based websites on Friday.…

Hax0rs sow Discord by using VoIP service to sling malware at gamers

Fri, 21 Oct 2016 13:31:07 GMT

Not even playtime's safe these days

Hackers abused a free VoIP service for gamers to distribute remote-access Trojans and other malware.…

Hack us and you're basically attacking America, says UK defence sec

Fri, 21 Oct 2016 11:43:11 GMT

And we'll attack you back, promises Defence Secretary

Britain is splurging £265m on military cyber security – and that includes offensive capabilities, according to Defence Secretary Sir Michael Fallon.…

Slack whacks global account hijack holes

Fri, 21 Oct 2016 06:30:05 GMT

For a while there your Slack account could be hijacked with just a username

Hipster collaboration platform Slack has shuttered an access control bypass that allowed users to hijack any account.…

Fruity hacking group juiced by Microsoft's October patch parade

Fri, 21 Oct 2016 05:29:05 GMT

Get your patching done, people, this Font-borne bug is being actively exploited

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.…

Spam scum ping global blacklists to wreck rep

Fri, 21 Oct 2016 04:02:09 GMT

Email pests seek clean machines for better hit rates.

Malware authors are consulting IP blacklists designed to help fight spam in a bid to avoid detection and increase inbox hit rates.…

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Fri, 21 Oct 2016 02:21:33 GMT

Widespread flaw can be easily exploited to hijack PCs, servers, gizmos, phones

Code dive Patch your Linux-powered systems, phones and gadgets as soon as possible, if you can, to kill off a kernel-level flaw affecting nearly every distro of the open-source operating system.…

Google pays $100k to anti-malware crusader Giovanni Vigna

Fri, 21 Oct 2016 01:58:13 GMT

Prolific malware murderer bags Mountain View's Security, Privacy and Anti-Abuse award

Anti-malware machine and head of the Shellphish DARPA Grand Challenge bronze-medallist team has won US$100,000 from Google for security research efforts.…

DIY website builder Weebly was secured feebly

Fri, 21 Oct 2016 00:55:41 GMT

43m credentials lifted, plus 58m more at Modern Business Solutions and 22m from FourSquare

Another day, another three major breaches: this time at do it yourself website builder Weebly, which has been revealed as secured feebly, as were FourSquare and Modern Business Solutions.…

Three million debit cards at risk after hackers raid Indian payment systems

Thu, 20 Oct 2016 20:37:37 GMT

It wasn't us, gov! Hitachi Payment Services denies its ATMs were pwned

A suspected security breach has led banks in India to warn 3.25 million customers to replace their debit cards or change the PINs.…

US DNC hackers blew through SIX zero-days vulns last year alone

Thu, 20 Oct 2016 19:07:51 GMT

Most targets were individuals with Gmail addresses

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers.…

Boffins exploit Intel CPU weakness to run rings around code defenses

Thu, 20 Oct 2016 16:48:12 GMT

Branch buffer shortcoming allows hackers to reliably install malware on systems

US researchers have pinpointed a vulnerability in Intel chips – and possibly other processor families – that clears the way for circumventing a popular operating-system-level security control.…

Security research tool had security problem

Thu, 20 Oct 2016 07:31:07 GMT

Plugin for popular disassembler OllyDbg allowed man-in-the-middle diddle

Security researchers and the networks they rely on were at risk of breach by the hackers they investigate, thanks to now mitigated man-in-the-middle holes in a popular plugin for analysing debugger OllyDbg.…

Kids today are so stupid they fall for security scams more often than greybeards

Thu, 20 Oct 2016 05:27:06 GMT

Millennials turn out to be digital naïfs, not digital natives

Millennials are more likely to fall for tech support scams than baby boomers, Microsoft says.…

GPS spoofing can put Yik Yak in a flap

Thu, 20 Oct 2016 04:34:13 GMT

De-anonymising 'secret' chat app not that hard, really

A little machine learning can de-anonymise Yik Yak users, according to researchers from American and Chinese universities.…

Jumpin' AppFlash! Actifio's devops gear rolls onto Pure kit

Thu, 20 Oct 2016 02:58:08 GMT

Copy data virtualisation gets a flash boost

+Comment Actifio's AppFlash DevOps Platform will run on Pure Storage's FlashArray.…

Reading this? Then you can pop root shells on Markvision enterprises

Thu, 20 Oct 2016 02:04:04 GMT

Twin bug bombs perish with patch

Lexmark has patched two dangerous vulnerability in its Markvision enterprise IT analysis platform that grants remote attackers god-mode system access over the internet.…

Yahoo! begs! US! spymaster! Clapper!: Spill! the! beans! on! secret! email! snooping!

Thu, 20 Oct 2016 00:12:24 GMT

Uncle Sam asked to come clean on what info it sought. Good luck with that

Yahoo! has asked the US government to break its silence on the secret court order that forced the Purple Palace to scan its webmail users' messages for specific keywords.…

Donald Trump running insecure email servers

Wed, 19 Oct 2016 15:39:05 GMT

But he's got a yuge firewall, folks... the best kind of firewall

US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him.…

It's finally happened: Hackers are coming for home routers en masse

Wed, 19 Oct 2016 14:18:12 GMT


Cybercrooks are increasingly targeting routers in consumers’ homes.…

Crims cram credit card details into product shots on e-shops

Wed, 19 Oct 2016 03:57:06 GMT

Just Save Image As to exfiltrate data, safe in the knowledge webmasters trust JPGs

Hackers are going to considerable lengths to hide credit cards stolen from websites victimised in a wave of recent attacks, weaving the data into working images of products sold online.…

Democralypse Now? US election first battle in new age of cyberwarfare

Tue, 18 Oct 2016 13:45:12 GMT

CIA said to blame Russia for voter database hacks

Hacking attempts against more than 10 US state election databases have increased fears about Russian efforts to disrupt or influence the 2016 presidential election.…

You work so hard on coding improvements... and it's all undone by a buggy component

Tue, 18 Oct 2016 12:03:22 GMT

Third-party addition not the time-saver the boss thinks it is

Nearly all (97 per cent) of Java applications contain at least one component with a known vulnerability, according to a new study by app security firm Veracode.…

It's good to talk, UK banks told after massaging cyberattack figures

Tue, 18 Oct 2016 10:20:05 GMT

It's not like the public will think any worse of you

Top techies at British banks are being encouraged to share information about cyberattacks following revelations that the financial sector is under-reporting breaches to regulators.…

Audit sees VeraCrypt kill critical password recovery, cipher flaws

Tue, 18 Oct 2016 04:02:05 GMT

Patches slung at 11 bad bugs

Security researchers have found eight critical, three medium, and 15 low -severity vulnerabilities in a one month audit of popular encryption platform VeraCrypt.…

'Dyre' malware re-surfaces as 'TrickBot', targets Australian banks

Tue, 18 Oct 2016 02:25:03 GMT

Researchers say it looks like Dyre wolves are back in the wild, despite February arrests

Malware now targeting Australian users could be based on one of the world's worst banking trojans.…

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

Tue, 18 Oct 2016 01:29:10 GMT

Ye Olde hash standard looks like it can beat the coming of the quantum cats

While it's reasonable to assume that a world with real quantum computers will ruin traditional asymmetric encryption, perhaps surprisingly hash functions might survive.…

Sextortion on the internet: Our man refuses to lie down and take it

Mon, 17 Oct 2016 10:48:34 GMT

It rubs the lotion on its skin, repeatedly it seems

Exclusive An unpleasant Monday morning kicked off when my personal email account popped up a message of thanks for joining YouTube rival Vimeo. Seven minutes later, I visited the website, where I was confronted by a sexually explicit video stating I was a pedophile.…

ShadowBrokers put US$6m price tag on new hoard of NSA hacks

Mon, 17 Oct 2016 07:37:09 GMT

Auction failed, now false-flag filchers want 10k bitcoin or the code gets it

A group thought linked to a Russian hacking outfit has moved to cash in on its cache of likely NSA exploit tooling, by offering it in exchange for 10,000 Bitcoins.…

Hello |FNAME|, this is the Obama-bot Drupal chat module speaking

Mon, 17 Oct 2016 05:30:11 GMT

White House open-sources presidential Facebook Messenger chatbot

The White House has open-sourced the bot that president Obama uses to automatically respond to messages sent on Facebook Messenger…

Outlook-on-Android alternative 'Nine' leaked Exchange Server creds

Mon, 17 Oct 2016 04:04:36 GMT

Patches slung to fix popular third-party email app

Staff logging into Exchange Server through a popular app could have placed their enterprise credentials at risk through a since-closed vulnerability.…

More than half of Androids susceptible to ancient malware

Mon, 17 Oct 2016 03:02:13 GMT

Bad ads, off-brand app stores and smut carry 'Ghost Push' nasty

One of the world's most prolific Android malware instances is still the most prevalent piece of malware more than two years after it first emerged.…

Netflix reminds password re-users to run a reset

Sun, 16 Oct 2016 22:27:22 GMT

Your! account! has! shown! up! on! a! breach! list! We! can't! imagine! which! one!

Netflix has reminded people whose user IDs are circulating in breach-lists to check their security and if necessary reset their passwords.…

IBM: Yes, it's true. We leaned on researchers to censor exploit info

Fri, 14 Oct 2016 20:05:48 GMT

Big Blue says this isn't normal practice as infosec bods take down proof-of-concept code

IBM successfully pressured security researchers into yanking offline part of a published vulnerability advisory – even after patches had been distributed to customers.…

Hey! spies! Get! in! here! and! explain! this! Yahoo! email-scanning! 'kernel! module!'

Fri, 14 Oct 2016 19:04:54 GMT

US Congress demands answers on what exactly was slurped and how

Four dozen members of US Congress have signed a letter requesting a full briefing on the Yahoo! email scandal.…

Forget malware, crooks are cracking ATMs the old-fashioned way – with explosives

Fri, 14 Oct 2016 18:26:06 GMT

Blowing up cash machines is blowing up

Bank raiders are increasingly turning to explosives in order to break into cash machines.…