Subscribe: The Register - Security: ID
http://www.theregister.com/security/identity/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
data  microsoft  outbreak  patch  ransomware  security  systems  wannacrypt outbreak  wannacrypt ransomware  wannacrypt  week  windows     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: ID

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2017, Situation Publishing
 



EU security think tank ENISA looks for IoT security, can't find any

Tue, 23 May 2017 05:02:07 GMT

Proposes baseline security spec, plus stickers to prove thing-makers have complied

European network and infosec agency ENISA has taken a look at Internet of Things security, and doesn't much like what it sees.…




Russian raids sweep up 20 malware scum

Tue, 23 May 2017 03:37:05 GMT

Cron job aborted after crims scoop ₽50m and share it to 6,000 bank accounts

The Russian Interior Ministry has announced the arrest of 20 people following raids related to a malware campaign dubbed “Cron” emptying victims' bank accounts.…




7 NSA hack tool wielding follow-up worm oozes onto scene: Hello, no need for any phish!

Mon, 22 May 2017 15:01:13 GMT

Why can't you be like a cheerful HHGTTG dolphin overlord?

Miscreants have created a strain of malware that targets the same vulnerability as the infamous WannaCrypt worm.…




Quick, better lock down that CISO role. Salaries have apparently hit €1m

Mon, 22 May 2017 14:02:56 GMT

Thanks WannaCrypt... Hey, about our new security budget. Oh, you've cut it

Salaries for chief information security officers (CISOs) at leading European firms have hit €1m (£850,000) as the threat of data breaches grows, City AM reports.…




Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability!

Sun, 21 May 2017 23:58:43 GMT

Purple Palace pays researcher US$778 bounty per byte

How would you like US$778 per byte for your exploit?…




Netgear 'fixes' router by adding phone-home features that record your IP and MAC address

Sun, 21 May 2017 22:43:16 GMT

Yeah, that'll be secure for sure

Netgear NightHawk R7000 users who ran last week's firmware upgrade need to check their settings, because the company added a remote data collection feature to the units.…




Wannacry: Everything you still need to know because there were so many unanswered Qs

Sat, 20 May 2017 03:37:49 GMT

How it first spread, Win XP wasn't actually hit, and more

Vid It has been a week since the Wannacry ransomware burst onto the world's computers – and security researchers think they have figured out how it all started.…




LastPass now supports 2FA auth, completely undermines 2FA auth

Fri, 19 May 2017 22:38:34 GMT

Just keep putting those eggs in the one basket, friends

Password manager LastPass has added a new feature to its software: the ability to store two-factor authentication codes. This is great news. For hackers.…




Comodo database glitch causes billing problems

Fri, 19 May 2017 16:36:09 GMT

Enter the snag-dragon

Updated While the rest of the world had its eyes firmly on the WannaCrypt outbreak, digital certificate firm Comodo suffered an unrelated but protracted database problem that affected its billing systems.…




Biz overlords need to give a stuff about what they're told by IT crowd

Fri, 19 May 2017 16:03:05 GMT

Data breaches smack bottom line, cautions survey

Companies that suffer a data breach can expect to see their share price fall by five per cent and watch two to three per cent of customers take their business elsewhere.…




Crooks use WannaCrypt hysteria as hook for BT-branded phishing emails

Fri, 19 May 2017 15:03:06 GMT

Confusingly, ISPs are also sending out genuine warnings

Scoundrels have latched on to the WannaCrypt outbreak as a theme for scam emails. Coincidentally some consumers are receiving seemingly genuine warnings from their ISPs related to suspected infection during last week's worldwide ransomware outbreak.…




Blighty's buying another 17 F-35s, confirms the American government

Fri, 19 May 2017 14:44:07 GMT

All F-35Bs for the Navy – but, oddly, isn't set in stone

The UK will buy a grand total of 17 F-35B fighter jets between 2020 and 2022 – and acquiring the A model of the supersonic stealth fighter hasn’t been ruled out.…




WannaCrypt: Roots, reasons and why scramble patching won't save you now

Fri, 19 May 2017 13:28:06 GMT

Watch your backup

I became a Solaris system administrator in the 1990s: first proper job out of university. I read a lot about the Morris Worm – believed to be the first of its type, and of interest to me because the Sun-3 kit I looked after was vulnerable.…




‪There's a ransom-free fix for WannaCry‬pt. Oh snap, you've rebooted your XP box

Fri, 19 May 2017 11:27:11 GMT

Sooo... that's not gonna work for you mate

Windows XP PCs infected by WannaCrypt can be decrypted without paying ransom by using a new utility dubbed Wannakey.…




Phishing scum going legit to beat browser warnings

Fri, 19 May 2017 05:30:04 GMT

Now that Chrome and Firefox call out HTTP, phisherpholk are getting certified

Browser-makers' decision to put big red warning lights in the faces of users when they hit sites too slack to use HTTPS is backfiring a little, as crooks are accelerating their use of encryption.…




Don't gripe if you hand your PC to Geek Squad and they rat you out to the Feds – judge

Thu, 18 May 2017 22:37:23 GMT

But FBI blunder may let alleged pedo walk free from court

A judge has ruled that people who give their knackered computers to Best Buy's Geek Squad for repairs have no comeback if technicians find and report any illegal material to the Feds.…




Proposed PATCH Act forces US snoops to quit hoarding code exploits

Thu, 18 May 2017 20:06:28 GMT

Bipartisan bill wants to stave off another WannaCry

Two US senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.…




Three home security systems found to be vulnerable – if hackers were hiding in bushes

Thu, 18 May 2017 15:08:35 GMT

Pointblank weaknesses have since been patched

Three home security systems were riddled with bugs, according to new research made public this week.…




Banking association calls for end of 'screen-scraping'

Thu, 18 May 2017 12:37:11 GMT

Fintech firms not that thrilled about the idea

The European Banking Federation (EBF) has asked the EU Commission to support a ban on "screen scraping".…




No laptop ban on Euro flights to US... yet

Thu, 18 May 2017 09:55:09 GMT

Pilots: Um, you want all those lithium batteries in the hold?

The European Commission (EC) and the US have pushed back against moves for a wider ban on laptops on aircraft but talks on the subject will continue in Washington next week.…




Great Ormond Street children's hospital still offline after WannaCrypt omnishambles

Thu, 18 May 2017 08:35:22 GMT

Precautionary disconnect – patients still being looked after

Updated The internationally famous Great Ormond Street Hospital has been taken offline as a safety measure following last week's catastrophic WannaCrypt outbreak.…




Bloke charged under UK terror law for refusing to cough up passwords

Thu, 18 May 2017 05:57:09 GMT

First they came for the activists and I did nothing…

British police have charged a man under antiterror laws after he refused to hand over his phone and laptop passwords.…




Azure users told they're not WannaCrypt-proof

Thu, 18 May 2017 05:01:13 GMT

Microsoft advises how to harden cloudy Windows, cos it runs a cloud not your OS

Microsoft Windows users already know what to do to defeat WannaCrypt (unless they've been asleep for a week). Now the company's published its advice for its Azure customers.…




HP Inc wireless mouse can be spoofed

Thu, 18 May 2017 02:34:17 GMT

By our reckoning this means a mouse could let a RAT into your computer

If you're using an HP Inc wireless keyboard/mouse combo and the cursor starts behaving badly, someone might be pranking you.…




Gotcha, Tatcha! Thieves hide in servers to hoover up victims' bank card numbers mid-order

Wed, 17 May 2017 22:35:37 GMT

Beauty website suffers ugly IT security breach

Cosmetics peddler Tatcha is warning customers after hackers were able to compromise its website and harvest payment card details as orders poured in.…




Backup crack-up: Fasthosts locks people out of data storage for days amid WCry panic

Wed, 17 May 2017 20:04:16 GMT

Windows Server 2k3 kit yanked, replacement slow to arrive

Fasthosts left some customers without access to their backups for roughly six days – after it tore down systems it feared were vulnerable to the WannaCry malware.…




Ransomware fear-flinger Uiwix fails to light

Wed, 17 May 2017 14:27:08 GMT

Stand down, folks. Back to Defcon none

A ransomware variant, dubbed Uiwix, that abuses the same vulnerability as WannaCrypt has turned out to be something of a damp squib.…




Police anti-ransomware warning is hotlinked to 'ransomware.pdf'

Wed, 17 May 2017 12:40:47 GMT

This (probably) isn't a spear phishing attack but we were too afraid to verify

Official anti-ransomware advice issued by UK police to businesses can only be read by clicking on a link titled "Ransomware" which leads direct to a file helpfully named "Ransomware.pdf".…




Yo, patch that because scum still wanna exploit WannaCrypt-linked vuln

Wed, 17 May 2017 10:56:09 GMT

Significant number of devices continue to expose Windows SMB on port 445

Vulnerable Windows Server Message Block (SMB) shares central to last week's WannaCrypt outbreak are still widely deployed and frequently hunted, security researchers warn.…




IoT needs security, says Microsoft without even a small trace of irony

Wed, 17 May 2017 04:58:04 GMT

Sysadmins, don't hurt your necks shaking your heads

Still reeling from criticism over the WannaCrypt attack, Microsoft has stuck its hat on a stick and raised it out of the trench to see how its proposals for Internet of Things security might be received.…




Chrome on Windows has credential theft bug

Wed, 17 May 2017 02:09:21 GMT

.SCF files present ID, password to fetch icons for attack file

Google's Chrome team is working to fix a credential theft bug that strikes if the browser is running on Microsoft Windows.…




Cisco warns: Some products might have WannaCrypt vuln

Wed, 17 May 2017 00:10:57 GMT

To other vendors using embedded Windows: where are your warnings and patches?

Here's why infosec needs to quit yelling “if you didn't patch it's your fault” about WannaCrypt: Cisco has announced it's investigating which of its products can't be patched against the ransomware.…




Bell Canada hacked: 2m account details swiped by mystery miscreants

Tue, 16 May 2017 21:26:55 GMT

Don't worry, no bank card info taken, eh

Bell Canada said Tuesday 1.9 million customer account details were swiped by hackers – although stressed no payment card numbers or passwords were slurped.…




French fling fun-sized fine at Facebook for freakin' following folk

Tue, 16 May 2017 18:26:56 GMT

And it's going to get a whole lot worse for Zuckerberg and pals

Facebook has been fined the maximum possible amount – €150,000 ($166,000) – by France's data protection watchdog for gathering information on internet users without their permission.…




Security shield slingers are loving Prez Trump's cybersecurity order

Tue, 16 May 2017 17:55:06 GMT

Meanwhile, Fed heads have their work cut out for them

US President Donald Trump's cybersecurity executive order, signed on Thursday after a series of delays, will make federal agency heads accountable for protecting their networks.…




WannaCrypt 'may be the work of North Korea' theory floated

Tue, 16 May 2017 14:39:20 GMT

Lazarus rising again... or not

Security researchers are exploring the theory that the WannaCrypt ransomware might be the work of an infamous North Korean government-backed hacking crew.…




Cryptocurrency miner found armed with same exploits as WannaCrypt

Tue, 16 May 2017 14:03:06 GMT

Adylkuzz predates ransomware by at least a week – and pays better too

The now infamous Windows vulnerability (MS17-010) exploited by the WannaCrypt ransomware has also been abused to spread another type of malware, specifically a cryptocurrency miner.…




Do we need Windows patch legislation?

Tue, 16 May 2017 13:32:09 GMT

Should vendors be obliged to maintain ageing, unsafe PCs?

Poll Microsoft has got off remarkably lightly from WannaCry, as the finger pointing between Whitehall and NHS trusts began. But that might be beginning to change.…




Why Microsoft's Windows game plan makes us WannaCry

Tue, 16 May 2017 10:56:04 GMT

Oh, 'collective responsibility' – that old chestnut

Analysis In the circular firing squad of WannaCrypt, the world's largest recorded ransomware outbreak, nobody looks good.…




Shadow Brokers resurface, offer to sell fresh 'wine of month' club exploits

Tue, 16 May 2017 10:25:13 GMT

Data dump on monthly subscription model

The infamous Shadow Brokers hacking crew, central players in the release of the vulnerability that led to last week's WannaCrypt chaos, have returned online with a threat to release more exploits.…




DocuSign forged – crooks crack email system and send nasties

Tue, 16 May 2017 03:56:13 GMT

Company couldn't school all the phish in the sea

Electronic signatures outfit DocuSign has warned world+dog that one of its email systems was cracked by phisherpholk.…




Romney tax return 'hacker' Dr Evil gets his sentence reviewed

Tue, 16 May 2017 03:28:10 GMT

Appeal offers a laugh-a-minute how-not-to guide for would-be criminal masterminds

Michael Mancil Brown, aka Dr Evil, who tried to extort a million dollars from PricewaterhouseCoopers on the basis that he'd nicked Mitt Romney's tax returns, has had a win on appeal and will be sentenced anew.…




Good news, OpenVPN fans: Your software's only a little bit buggy

Tue, 16 May 2017 03:01:07 GMT

Two code reviews give crypto client nearly clean bill of health

The venerable OpenVPN client has been given a mostly clean bill of health.…




While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday's WinXP fix was built in February

Tue, 16 May 2017 01:44:40 GMT

And it took three months to release despite Eternalblue leak

Exclusive When the WannaCrypt ransomware exploded across the world over the weekend, infecting Windows systems using a stolen NSA exploit, Microsoft president Brad Smith quickly blamed the spy agency. If the snoops hadn't stockpiled hacking tools and details of vulnerabilities, these instruments wouldn't have leaked into the wild, sparing us Friday's cyber assault, he said.…




Mimosa spiked! Wireless kit has multiple security holes

Tue, 16 May 2017 01:30:19 GMT

Clients, access points and backhaul all need firmware patch before attacks ferment

5G wireless vendor Mimosa Wireless has patched against a bunch of remote code execution, denial-of-service and file disclosure vulnerabilities.…




It's 2017 – and your Mac, iPad, iPhone can all be pwned by an e-book

Tue, 16 May 2017 00:02:23 GMT

Seven Apple updates, because it's not like you had anything else to patch today

Apple has released security updates for both of its main operating systems, along with iTunes, Apple Watch, and Apple TV. All should be installed as soon as possible before they are exploited by miscreants.…




China staggering under WannaCrypt outbreak

Mon, 15 May 2017 22:38:26 GMT

Middle Kingdom's CERT puts infection rate in the thousands

If reports from China are accurate, the country's often-bootlegged and under-patched Windows installations are being hit hard by the WannaCrypt ransom-worm.…




Beaten passenger, check. Dead giant rabbit, check. Now United loses cockpit door codes

Mon, 15 May 2017 18:08:54 GMT

Not a good month for the aviation giant

You get the feeling United's PR boss must be praying for death at this point, after his employer admitted to another serious cockup.…




WannaCrypt outbreak contained as hunt for masterminds kicks in

Mon, 15 May 2017 17:38:42 GMT

Kill switch ID'd in ransomware attempt to abuse MS17-010 patch

A feared second wave of WannaCrypt ransomware attacks has failed to materialize, but 16 UK National Health Service Trusts are still grappling with last week's infection.…




Sophos waters down 'NHS is totally protected' by us boast

Mon, 15 May 2017 13:34:10 GMT

Watered down homeopathy for computers is more powerful, m'kay?

Updated Sophos updated its website over the weekend to water down claims that it was protecting the NHS from cyber-attacks following last week's catastrophic WannaCrypt outbreak.…