Sunday, March 1, 2015

TalkTalk 'fesses up to MEGA data breach [Mon Mar 2 2015]

Dear etechnews today,

Your weekly security newsletter from theregister.co.uk
for the week ending 2nd March 2015


*** Security News ***

Twitter triples abuse team, knocks dox
Reports surge as CEO crackdown takes effect
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2esj

Bad movie: Hackers can raid networks with burnt Blu-Rays
Movies a distraction for remote plunder
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2esg

Blockheads bork Bitcoin Foundation board election
As if anything could go wrong with version 0.1 blockchain voteware ...
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2esb

Seagate NAS owners: hide it behind a firewall. Fast.
Unpatched software in the OS means root to your stuff won't be hard,
says researcher
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2es9

BitDefender bit trip slaps 'valid' on revoked certs
Patch for security suites inbound
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2es8

FORK ME! Uber hauls GitHub into court to find who hacked database of
50,000 drivers
Taxi biz demands IP addresses and more
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2erC

New Xen vuln triggers Amazon, Rackspace reboot panic redux
Second hypervisor-related cloud meltdown in six months
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2erB

Lenovo: We SWEAR we're done with bloatware, adware and scumware
By Windows 10 launch our systems will be PURE, honest
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2erm

Thousands of UK drivers' details leaked through hole in parking ticket
website
PaymyPCN database of names, pics was open, says report
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2er9

NTT Com Security to wed UK cyber specialist Nebulas, say sources
Everyone wants a bigger piece of the cyber security pie
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2er7

TalkTalk 'fesses up to MEGA data breach
Noticed an increase in scamming late last year
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2er6

Paranoid Android Kaymera smartmobe takes on Blackphone
Super-secure Israeli platform only lacks Mossad bodyguard
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2er3

CloudFlare crypto gets faster on old mobes
Choc Factory ChaCha crypto pairing gets popular
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2er2

Iran hacks America where it hurts: Las Vegas casinos
Digital Pearl Harbour debunked by US director of national intelligence
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2eqP

EPIC asks FTC to stick a probe up Samsung over 'snooping' smart TVs
Privacy campaigners say sets are collecting user info
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2eqN

EFF fears crims are getting smart to Superfish SSL flaws
Certificate flaws spotted in variety of important sites
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2eqM

Alleged Aussie Anon hauled in for Indonesia phone tap hacking spat
Charged with urging keyboard warriors to pop spy agency sites
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2eqJ

FinFisher, the spyware loved by cruel dictators, stomps all over human
rights, says UK govt
Bahraini sales were dodgy, please don't do it again
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2eqz

Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious
Three big bads, six medium messes and 1024-bit certs all binned in one
release
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epY

And the buggiest OS provider award goes to ... APPLE?
Count of 2014's flaws finds more nasties in Mac OS and iOS than in
Windows or Linux
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epX

P0wned plug-in puts a million WordPress sites at risk of attack
See? We told you blogs were dangerous
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epW

Bad dog! PrivDog chews HTTPS, hurls clear text
Scolded puppy to learn better security
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epK

SIM hack scandal biz Gemalto: Everything's fine ... Security industry:
No, it's really not
Why so confident, infosec bods wonder
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epE

Oh No, Lenovo! Lizard Squad on the attack, flashes swiped emails
Emo-takeover better not be a viral marketing stunt to win our hearts
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epC

WANTED: A plan to DESTROY metadata, not just retain it
Australian Police keep leaking or pinching data: if we must have
metadata retention, laws must stop their stupidity
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epz

Europol shuts down darn RAMNIT botnet
Cops analysing command and control server ... in Hampshire
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2epj

Not even GCHQ and NSA can crack our SIM key database, claims Gemalto
If snooping was done, it was done via comms intercept
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2ep9

Zeus scumbag infects itself, buddies, with rival Trojan
See what happens when you don't run antivirus?
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enR

Gemalto: NSA, GCHQ hacked us – but didn't snatch crucial SIM keys
'Investigation' admits to attacks, but says phone crypto secrets stayed
secure
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enQ

C'mon Lenovo. Superfish hooked, but Pokki Start Menu still roaming free
Reg reader up in arms about bundled bloatware
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enP

Google offers 'INFINITY MILLION DOLLARS' for bugs in Chrome
Pwnium challenge goes 24/7 to flush out bug-hoarders
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enL

Snowden's favourite Linux - Tails - rushes sec-fix version to market
Sweeping up the dead bugs
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enJ

Lenovo CTO: Hey, look around – we're not the only ones with a crapware
infection
Friday is D-Day for PC lobber to regain trust
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enC

Red or alive, you're coming with me: Feds offer $3m reward for
'CryptoLocker baron'
Evgeniy Bogachev accused of GameOver ZeuS botnet crimes
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enB

Why does the NSA's boss care so much about backdoors when he can just
steal all our encryption keys?
Let's get down to the real talk
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enA

Visa's tokenisation scheme to debut in Australia
Frustrated fraudsters to deal with throwaway digits
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enz

Glad you're not on the Anthem hacker hit list? Not so fast – millions
more affected
Peeps with Blue Cross Blue Shield plans also caught up
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2ent

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY –
FireEye
Is that Tom the techie or a Chinese spear-phisherman?
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2enb

SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog
Superfish sequel: I'm looking at the man in the middle
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2en5

Redmond boffins build coffins for exploit kits
'Kizzle' tool spots and crimps hackers' automation tools
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emX

Cert-slurping security firms chop super-fishy features
Lavasoft, AdTrustMedia, add fuel to man-in-the-middle diddle
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emQ

Samb-AAAHH! Scary remote execution vuln spotted in Windows-Linux
interop code
Microsoft finds critical bug that hurts most recent Linuxes
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emH

Google looks to scrape away scumware, as only it can
Sign up for webmaster tools if you want advance notice of your
blacklisting
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emG

A billion things are already on the IoT: Verizon
Oh great: That leaves another four billion security risks to prepare
for
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emF

I wish I'd leaked sooner says Edward Snowden in post-Oscar chinwag
Poitras promises more technical film on NSA spying is in production
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emD

Burning Man hackers get burnt
200 queue jumpers caught using 'backdoor'
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emC

Give us a week to GUT Superfish, begs Lenovo CTO
Don't Panic, says malware-pusher, Superfish never swam on ThinkPads,
servers or arrays
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emB

'Lenovo, Superfish put smut on my system' – class-action lawsuit
Should be open and shut (laptop) case
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emy

Psst, hackers. Just go for the known vulnerabilities
Look for the obvious, not the esoteric, warns HP
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2emn

Calling all cybercrooks: Ready-made phone attack rig for sale
Kit used as part of online banking fraud
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2em8

Debian on track to prove binaries' origins
Reproducible binary project 83% complete
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2em3

Leaky battery attack reveals the paths you walk in life
'Innocent' power consumption metrics found in scores of Android apps
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2em2

Facebook security chap finds 10 Superfish sub-species
Cert-jacking 'Komodia' library looks to be widespread
http://go.reg.cx/ml/9e7f3/551c867f/b74f4b61/2em1


The Register and its contents are Copyright © 2015 Situation Publishing.
All rights reserved.
