TheRegister

Tupperware-dot-com has a live credit card skimmer on its payment page, warns Malwarebytes

Branded lunchbox biz didn’t answer for 5 days, alleges infosec firm

Tupperware, maker of the plastic food containers beloved of the Western middle classes, has an active and ongoing malware infection on its website that steals credit card data and passes it to criminals. Infosec firm Malwarebytes, which made the discovery, has gone public with …

Nigerian spammer made 3X average national salary firehosing macro-laden Word docs at world+dog

And his boss monitored him with a RAT

A most entertaining piece of threat research from Check Point gives a unique insight into the “working” life of a Nigerian email spammer who made thousands of dollars from stolen credit cards alone in recent years. The scammer in question, whose true identity was known to Check …

Like a Virgin, hacked for the very first time… UK broadband ISP spills 900,000 punters’ records into wrong hands from insecure database

Contact info and more, perfect for phishing

Virgin Media, one of the UK’s biggest ISPs, on Thursday admitted it accidentally spilled 900,000 of its subscribers’ personal information onto the internet via a poorly secured database. The cableco said it “incorrectly configured” a storage system so that at least one miscreant was able to access it …

More than a billion hopelessly vulnerable Android gizmos in the wild that no longer receive security updates – research

Consumer mag Which? calls for manufacturers to be open about how long they will support devices

File this one under “well, duh.” Consumer mag Which? today published research estimating that over a billion Android devices are vulnerable to hackers and malware as they are not receiving security updates. Data obtained from Google by the publication found that …

NordVPN quietly plugged vuln where an HTTP POST request without authentication would return detailed customer data

Fiddle with some numbers and voila

A vulnerability in NordVPN’s payments platform allowed anyone to view users’ payment information and email addresses, a startling HackerOne entry has revealed. By simply sending an HTTP POST request without any authentication at all to join.nordvpn.com one could read off users’ email addresses, payment method and URL, currency, amount paid and …

Pervasive digital surveillance of citizens deployed in COVID-19 fight, with rules that send genie back to bottle

Israel is up for it. America, Iran, Thailand may be, too. China is there already, natch

Pervasive surveillance through digital technologies is the business model of Facebook and Google. And now governments are considering the web giants’ tools to track COVID-19 carriers for the public good. Among democracies, Israel appears to have gone first: prime …

Remember cryptojacking from way, way back (2019)? Site infections are down 99% – thanks to death of Coinhive

Not totally eradicated yet, ads make more dosh

Cryptojacking, the theft of computing power to mine digital currency, has been around at least since 2013 – and has shrunk in use dramatically with the death of Monero-mining service Coinhive. Since Coinhive’s closure last year, cryptojacking has been almost eliminated, according to a group of researchers …

Small business loans app blamed as 500,000 financial records leak out of … you guessed it, an open S3 bucket

Bank info, driver’s license copies and more found, report researchers

A now-defunct mobile app for loaning money to small business owners has been pinned down as the source of an exposed archive containing roughly 500,000 personal and business financial records. The research team at vpnMentor said it traced an exposed database of financial records back to a …

Freedom of Information coverup clerk stung for £2k after deleting council audio recording

ICO notches up first successful FoI prosecution

A town clerk in the English county of Shropshire has been the subject of the first ever successful Freedom of Information prosecution after lying to a member of the public who made an FoI request. Nicola Young, clerk of Shropshire’s Whitchurch Town Council, was fined £400, ordered to …

Dear Adobe, Trend Micro users: Please vaccinate your software – at least some of these security holes were exploited in the wild

Genuine Integrity doesn’t exactly live up to its name

A little more than a week after forgoing March’s Patch Tuesday hullabaloo, Adobe has emitted fixes for dozens of security flaws in its applications. The ever-vulnerable Reader and Acrobat on Windows and macOS require patching for 13 CVE-listed holes, nine of which can be exploited to gain malicious code …
