The Channel logo

Articles about Hacking

phishing_648

Is digital fraud big in UK? British abacus-botherers finally have some answers

Reports of fraud have doubled, according to official statistics – because the Office for National Statistics (ONS) is now including cyber crimes in its figures. The UK's ONS reckons, in crime statistics released last week, that more than two million computer misuse offences and 3.8 million online fraud offences took place in …
John Leyden, 25 Jul 2016

Bosses at UK infosec biz Quadsys confess to hacking rival reseller

Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival's database. Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court. "All pleaded guilty to …
Paul Kunert, 21 Jul 2016
Hackers

UKFast owner slurps app security biz Pentest

Secarma, the cyber security business owned by UKFast chief exec Lawrence Jones, has bought application security specialists Pentest Limited reportedly for £10m. The CHECK and CREST accredited company, whose 45-strong team work with global blue chip organisations, will add a team of ethical hackers to Secarma's roster. John …
John Leyden, 18 Jul 2016
Sad man stares glumly over boxed contents of desk. Image via shutterstock (Baranq)

900 Hewlett Packard Enterprise staff to leave building by month end

Nearly 900 UK-based personnel at Hewlett Packard Enterprise are to be released into the wilds at the end of this month, according to the redundancy schedule seen by The Register. The majority of those made to walk the plank come from Enterprise Services, which is the area that has been hit hardest in HPE’s continuous cost- …
Paul Kunert, 04 Jul 2016
Cartoon of employee asking wky boss makes hium wear suspenders (while pincer through open trapdoor remains poised above his head) illustration by Cartoon resource for Shutterstock

Hey cloud lawyer: Can I take my client list with me?

You spend months or years building up a client list for your employer. You nurture the relationship and build up personal ties with the client. When you leave the employer, naturally the client goes with you. And so does the client list, via a USB stick or Dropbox or your webmail account. If you don’t get all the details before …
Frank Jennings, 20 Jun 2016
 Can't See You... by https://www.flickr.com/photos/12023825@N04/  cc 2.0 attribution sharealike generic https://creativecommons.org/licenses/by-sa/2.0/

Half of Brit small biz hit by cyber crime. 10% spend zilch on infosec

Almost half (48 per cent) of Britain's small businesses were hit by cyber-crime in the last year, with 10 per cent targeted many times. Despite this only one in five see cybersecurity as a business priority, and just 15 per cent are confident that they have adequate measures in place to prevent cybercrime, according to a …
John Leyden, 14 Jun 2016

NetSuite hacker thrown in the cooler for a year, fined $124,000

A hacker has been jailed for a year and fined $124,000 (£86,000) after admitting he infiltrated a protected computer system. He has also had all his computer equipment confiscated and faces a three-year probation period when he gets out. Robert Saunders, 30, repeatedly hacked into the corporate network of cloud business …
Kieren McCarthy, 06 Jun 2016
Nemo and Dory "just keep swimming". Photo copyright Walt Disney Studios Motion Pictures

Unprecedented number of customers swimming off to cloud, says Barracuda

Comment Barracuda customers have started moving data and applications to the public cloud at a surprisingly fast and unprecedented rate, with on-premises IT facing a rocky road to becoming a wasteland. So says Michael Hughes, the company’s EVP for worldwide sales. For every app and accompanying data that is moved to the public cloud …
Chris Mellor, 02 Jun 2016
Frustrated accountant puts head in hands. Photo by Shutterstock

Insure against a cyberwhat now? How the heck do we crunch those numbers?

The head of a UK industry insurance organisation has called for the government to create a database where companies would be obliged to “record details of cyber attacks”. Insurers are struggling to assess premiums for newly introduced cyber insurance policies in the absence of background info, according to the head of the …
John Leyden, 24 May 2016
management regulation2

Quadsys Five: Judge dismisses abuse of process application

A Crown court judge has dismissed an abuse of process application made by three former directors of reseller Quadsys, who are facing trial over allegations of hacking into a rival’s database to steal customer and pricing info. In August, Thames Valley Police charged five men at the reseller including owner Paul Streeter, MD …
Paul Kunert, 13 May 2016

Quadsys Five enter 'not guilty' pleas to Crown court charges

The fraud case against five men from security reseller Quadsys will go to trial in September after they pleaded not guilty to allegations of hacking into a rival’s database to plunder customer and pricing data. The individuals charged include MD Paul Cox, owner Paul Streeter, director Alistair Barnard, account manager Steve …
Paul Kunert, 18 Mar 2016

Dell plans sale of non-core assets to reduce EMC buy debt

Dell and EMC have agreed on the documentation to be put to the latter's shareholders at a forthcoming meeting that will vote on the merger of the two companies. And the document reveals that Dell plans to sell off some non-core businesses after the merger. The document in question is a Form S-4, one of the many regulatory …
Simon Sharwood, 15 Mar 2016

Great news! Only 707,509,815 records breached in 2015

More than 700 million records were breached last year, according to security researchers at Gemalto. The firm's 2015 Breach Level report considered 1673 hacking incidents recorded during 2015, of which 964 were thanks to outsides and a whopping 398 thanks to bumbling staff and developers. Those figures are surprisingly …
Darren Pauli, 01 Mar 2016

DDoS attacks up 149 percent as brassy booter kids make bank

The number of distributed denial of service attacks rose 149 percent in dying months of 2015 according to Akamai's networking wonks. The latest figures in the State of the Internet Q4 2015 report (PDF) tracked some 3693 DDoS attacks during the final quarter finding 169 percent uptick in infrastructure attacks. Akamai finds …
Darren Pauli, 01 Mar 2016
recruitment_hired

Poor recruitment processes are causing the great security talent drought

RSA 2016 It's a refrain at this and past RSA conferences, that companies can't hire enough top-notch talent, but it's addressable if companies hire smartly and applicants learn how to play the game. "Far too many hackers have expectations that are unrealistic," said Tim O'Brien, director of threat research at Palerra – who has been on …
Iain Thomson, 29 Feb 2016

Fortinet tries to explain weird SSH 'backdoor' discovered in firewalls

Enterprise security vendor Fortinet has attempted to explain why its FortiOS firewalls were shipped with hardcoded SSH logins. It appears Fortinet's engineers implemented their own method of authentication for logging-into FortiOS-powered devices, and the mechanism ultimately uses a secret passphrase. This code was reverse- …
Iain Thomson, 12 Jan 2016
zombie_648

Come in Internet Explorers, your time is up. Or not. Up to you

A huge chunk of Microsoft users will today be cut off from the computing giant’s security lifeline, for January 12 is the day when Redmond will stop releasing security fixes for a swathe of legacy versions of Internet Explorer. Extended support has finished for IE8, 9 and 10 on Windows 7 SP1. Only the following are still …
Gavin Clarke, 12 Jan 2016
woman binoculars photo via Shutterstock

Missed our Christmas crackers? Top stories from the break were...

Things might have slowed down for Christmas and New Year in your workplace but the news did not take a break. Whether you were away for the Christmas and New Year period or logged on but not exactly present, here are the biggest stories you may have missed from The Reg. The death of Debian GNU/Linux daddy Ian Murdock aged …
Gavin Clarke, 04 Jan 2016

New bill would require public companies to disclose cybersecurity credentials

A new bill introduced to Congress on Thursday would require US publicly listed companies to disclose who on their Board has cybersecurity expertise. If it passes, the Cybersecurity Disclosure Act of 2015 would oblige companies to add details of which, if any, of their directors know about online security in filing to the …
Kieren McCarthy, 18 Dec 2015
shutterstock_222258445-roadblock

Predictable: How AV flaw hit Microsoft's Windows defences

Could it be that time spent by Microsoft on software security counts for naught? Possibly - based on the findings of an investigation by enSilo that found some of the best-known AV names are susceptible to new vulnerabilities. The results are alarming, suggesting an entire of ecosystem unwittingly opening a back door into …
John Leyden, 11 Dec 2015
Dell XPS 15

Dell computers bundled with backdoor that blurts hardware fingerprint to websites

Analysis Dell ships Windows computers with software that lets websites slurp up the machine's exact specifications, warranty status, and other details without the user knowing. This information can be used to build a fingerprint that potentially identifies a person while she browses across the web. It can be abused by phishers and …
Shaun Nichols, 25 Nov 2015
Blackhat

'Traditional' forms of thuggery decline in UK, cybercrime on the rise

The Office for National Statistics (ONS) has released information suggesting cybercrime incidents are growing more prevalent in British society than traditional criminal incidents, and has noted that this may be due to more criminal enterprises transitioning to the digital world. Included for the first time among the ONS's …

Quadsys Five hacking fraud trial set for mid-December

The fraud case against the Quadsys Five accused of hacking into a rival security reseller’s systems is due to start in earnest on 14 December. As we revealed last month, Quadsys owner Paul Streeter, director Alistair Barnard, account manager Steve Davies and in-house security consultant Jon Townsend were charged with …
Paul Kunert, 28 Sep 2015
spies_648

FireEye: The face of hacking is changing – and it's getting uglier

Cyberattacks from Russia have increased because of sanctions related to the Ukraine while assaults from Iran have dropped over recent months, thanks to the recent Iran nuclear deal. David DeWalt, FireEye chief exec, said these changes show how the diplomatic landscape affects what is happening in cyberspace even though the …
John Leyden, 21 Sep 2015

Now Ashley Madison hackers reveal 'CEO's emails and source code'

Updated Another load of internal files swiped by hackers from Ashley Madison have been leaked online – and they apparently feature the CEO's emails and the website's source code. The 18.5GB leak includes, it is claimed, archives of internal company emails, including one folder labeled Noel Biderman – the chief exec of Avid Life Media …
Iain Thomson, 20 Aug 2015
White Hat for Hackers by Zeevveez, Flickr under CC2.0

Ten years after the sellout, Black Hat is solidly corporate and that’s fine

Analysis When Jeff Moss sold the Black Hat security conference to CMP a decade ago for around $13m (£8.3m), he faced a barrage of abuse from some members of the hacker community as a sellout. They were a little bit right, and a lot wrong, as this year's cons have shown. Black Hat was always supposed to be a little bit corporate anyway …
Iain Thomson, 11 Aug 2015

Oracle pulls CSO's BONKERS anti-bug bounty and infosec rant

Updated While other IT industry heavyweights have embraced bug bounties and working with security researchers more generally, Oracle has set its face in the opposite direction in a blog post likening reverse engineering to cheating on your spouse. Mary Ann Davidson, Oracle's chief security officer (CSO), expressed corporate dislike …
John Leyden, 11 Aug 2015
Cash in brown paper envelope CC 2.0 attribution StockMonkeys.com

A third of workers admit they'd leak sensitive biz data for peanuts

A third of employees would sell information on company patents, financial records and customer credit card details if the price was right. A poll of 4,000 employees in the UK, Germany, USA and Australia found that for £5,000, a quarter would flog off sensitive data, potentially risking both their job and criminal convictions …
John Leyden, 29 Jul 2015
LG electronics US export photo from 1962

Infosec bigwigs rally against US cyber export control rule

Infosec heavyweights are uniting to oppose US government proposals to tighten up export controls against software exploits, a move critics argue threatens to imperil mainstream security research and information sharing. The proposed regulation, based on the Wassenaar Arrangement of 1996 and not originally intended to include …
John Leyden, 15 Jul 2015

US govt now says 21.5 million people exposed by OPM hack – here's what you need to know

The US Office of Personnel Management has come clean on the full extent of the massive data breach that it first disclosed in June, and it's far worse than what was initially thought. On Thursday, OPM announced that records including data from background checks of some 21.5 million people – including present, former, and …
Neil McAllister, 09 Jul 2015

Bank of England CIO: ‘Beware of the cloud, beware of vendors’

The Bank of England is loosening up on IT delivery and recruitment, but not its resistance to public cloud. John Finch, CIO of the UK's central bank since September 2013, Wednesday ruled out the use of any public cloud by the bank for the foreseeable future. Cloud has however crept into the Bank’s IT margins, where it’s been …
Gavin Clarke, 25 Jun 2015
firing range - target in cross hairs

SEC joins hunt for FIN4 attackers

America's Securities and Exchange Commission (SEC) has joined the hunt for the FIN4 hacking group. The bunch, revealed by FireEye in December 2014, used a phishing attack to get access to listed companies' computer systems. Their payoff was to get insider information to trade their targets' stocks. According to Reuters, the SEC …
man_from_uncle_648

GCHQ: Security software? We'll soon see about THAT

The UK's spook agency GCHQ has been working with the National Security Agency to subvert anti-virus software, according to the latest piece of spoon-fed Snowden info reported on The Intercept. According to Glenn Greenwald's rag, spooks reverse-engineered software products in order to obtain intel – a tactic that will surely come …
Kat Hall, 23 Jun 2015
Laurel and Hardy on the phone

Phone hacking blitz hammers UK.biz's poor VoIP handsets

UK businesses are getting disproportionately targeted by a surge of attacks against Voice over IP (VoIP) systems. The growing use of VoIP technology in business and a greater availability of hacking tools that dumb down the process of hacking into systems has led to an increase in attacks worldwide. UK-based systems are being …
John Leyden, 16 Jun 2015
Eugene Kaspersky in Sydney

Duqu 2.0: 'Terminator' malware that pwned Kaspersky could have come from Israel

Eugene Kaspersky reckons hacking into his firm's corporate network was a "silly" move by cyberspies, but independent experts are far from convinced. All seem agreed that the rare attack by a state against an leading information security firm is bad news for corporate security more generally, as it shows attacks are getting more …

We stand on the brink of global cyber war, warns encryption guru

We are in the early years of a cyber war arms race, security guru Bruce Schneier warned delegates at the Infosecurity Europe exhibition on Wednesday. Schneier, CTO of Resilient Systems, said the much publicised Stuxnet attacks on Iran by the US and Israel in 2010, Iran’s attack on Saudi Aramco, China’s apparent role in hacking …
John Leyden, 04 Jun 2015
Meme of a dog "typing" at a computer, with the large font phrase "I have no idea what I'm doing' above him.

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015
Hacked US CENTCOM Twitter account

IT'S WAR: Hacktivists throw in their lot with spies and the military

Feature Hacktivism has lost its innocence. Once characterised in the early days of Anonymous back in 2008 by assaults against the Church of Scientology, it has now become part and parcel of far darker plans, such as the spread of terrorist propaganda by Islamic militants. Meanwhile, over in the Ukraine, cyber militias of patriot hackers …
John Leyden, 20 Apr 2015
Non-sleeper

Self preservation is AWS security's biggest worry, says gros fromage

State-sponsored cyber armies, lone-wolf attackers, denial-of-service attacks ... which keep Amazon’s Web Services security boffins awake at night? None of the above. It’s customers – those who don’t protect themselves adequately against hackers and malware. That’s according AWS head of global security programs Bill Murray, who …
Gavin Clarke, 13 Apr 2015

Trustwave's off to Singapore as Singtel slurps security company

Singapore's dominant telco and aspiring services player, Singtel, has acquired Trustwave for about US$810m. Trustwave offers managed security services and the SpiderLabs ethical hacking research outfit, plus a range of network, content and endpoint security products. The company operates in 26 nations and has 1,200 people on the …
Simon Sharwood, 08 Apr 2015
Routers

Cisco posts kit to empty houses to dodge NSA chop shops

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says. The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers. The interception campaign was revealed last May. Speaking …
Darren Pauli, 18 Mar 2015
US Pentagon. Pic: DoD photo by MSgt Ken Hammond, USAF

Respect mah privacy! EU delegation begs US to play nice with data

A delegation of MEPs is in Washington this week to put pressure on the US authorities to respect EU privacy laws. The 11-strong group from the European Parliament’s Civil Liberties Committee (LIBE) is led by British Labour MEP Claude Moraes. He said the Parliament hasn’t forgotten about the National Security Agency (NSA)'s …
Jennifer Baker, 17 Mar 2015
HMS Belfast on the Thames. Pic: Nick Hewson

Hurry shipmates - the black hats have hacked our fire control system

The final instalment of Blighty's Cyber Security Challenge, a ten-month process to find new talent for Blighty's infosec workforce, will conclude this afternoon. The Cyber Security Challenge Masterclass, organised by BT, and described as "a series of national competitions, learning programmes, and networking initiatives …
LIZARD WEARING A TOP HAT SITS ON A BRANCH.  Brett Weinstein pic - ALTERED BY JUDE KARABUS - licensed under  CC 3.0

Oh No, Lenovo! Lizard Squad on the attack, flashes swiped emails

Updated Lenovo's domain name lenovo.com appears to have fallen victim to cyber-mischief-makers Lizard Squad. In the past few minutes, the computer giant's website has been updated to display a slideshow of webcam photos of a bored-looking youth instead of its normal wares. There's some God awful slushy pop music playing in the …
Shaun Nichols, 25 Feb 2015

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY – FireEye

Impersonating IT departments in spear-phishing attacks is becoming an increasingly popular tactic among hackers, particularly in cyber-espionage attacks. IT staff themed phishing emails comprised 78 per cent of observed phishing schemes picked up by FireEye in 2014, compared to just 44 per cent in 2013. The sixth annual FireEye …
John Leyden, 24 Feb 2015
Bart Simpson

Microsoft will give away Windows 10 FREE - for ONE year

Microsoft is planning a big push for Windows 10 and will be giving away the new operating system to Windows 7, Windows 8.1, and Windows Phone 8 users in the first year of release. "With Windows 10, we think of the operating system as 'Windows as a service'," said Terry Myerson, Microsoft's VP of operating systems. "In next few …
Iain Thomson, 21 Jan 2015
The future of air war

US and UK declare red-team CYBER WAR – on EACH OTHER

The US and the UK are planning a series of joint war games involving cyber-warriors from either side attacking each other in a bid to expose security weaknesses before they are abused by criminal hackers or hostile governments. The exercises, which will initially test the security defences and procedures at banks on Wall Street …
John Leyden, 16 Jan 2015
Old Bailey Lady Justice

Microsoft vs US.gov, Internet of Stuff, Big Data: Some of 2015's legal cloudy issues

Cloud, Big Data, the Internet of Things are among the hottest topics that vendors are driving in 2015, but there are five legal developments in each that are worth tracking. 1. Microsoft and US government go to court Again, Microsoft is resisting attempts by the US government to get access to the user data it is holding …
Frank Jennings, 15 Jan 2015

Roll up, come see the BOOMING HACKER BAZAAR!

Underground hacker markets are booming with counterfeit documents, premiere credit cards, hacker tutorials, and "complete satisfaction guarantees", according to a new report from Dell SecureWorks. The means to create a false identity are easily purchased through the cracker bazaars. A fake social security card can be obtain for …
John Leyden, 15 Dec 2014
Money image

NASA's British cloudy collab provider scores $51m from VCs

Cloudy storage and collaboration service provider Huddle has trousered millions more cash from vulture venture capitalists to spend on biz development on both sides of the Atlantic. The UK-based outfit, started by CEO Alastair Mitchell in 2007, last night took home a $51m Series D round of funding, valuing the business at …
Paul Kunert, 12 Dec 2014

Opinion

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella
Stranded_ships

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral

Features

STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock
Honest mistake with your licensing? Audit police look at it on a 'case by case basis'