Link list

Now WikiLeaks is distributing malware

Veteran anti-virus researcher Vesselin Bontchev has discovered that there are thousands of samples of malware available for download from the WikiLeaks website. The malware found by Bontchev is found in a large tranche of emails leaked from AKP, a Turkish political party. Bontchev writes: Since many of the AKP members have been recipients of malware


57 sec read

Video of Hillary Clinton meeting ISIS leader? Nah, it’s a malware attack

Symantec writes: Cybercriminals are using clickbait, promising a video showing Democratic Party presidential nominee Hillary Clinton exchanging money with an ISIS leader, in order to distribute malicious spam emails. The email’s subject announces “Clinton Deal ISIS Leader caught on Video,” however there is no video contained in the email, just malware. Adding to the enticement,


34 sec read

IT security woman hits back at sexist trolls on LinkedIn

UK IT security firm Foursys writes: Should we police or dictate how our employees dress? Should we only allow them to represent our brand if they have a specific body type or sense of style? What about internet commenters or trolls? Is it ok for them to bombard our employees with abuse? Foursys is asking


1 min read

A simple way to kill off Twitter trolls

@th3j35t3r writes on his blog: Simply put. If Jim is blocked by John, Jim can no longer even utter Johns handle/twittername in a tweet. If he attempts to the tweet simply doesn’t process or gets sinkholed. Period. The end. Forever, or until John unblocks him. This approach would not infringe on Jim’s ‘freedom of speech’,


36 sec read

Tor users in the States were hacked by Australian authorities

Joseph Cox at Motherboard writes: Australian authorities hacked Tor users in the US as part of a child pornography investigation, Motherboard has learned. The contours of this previously-unreported hacking operation have come to light through recently-filed US court documents. The case highlights how law enforcement around the world are increasingly pursuing targets overseas using hacking


53 sec read

Blogger turns tables on cyber-scammer by infecting them with ransomware

BBC News reports: A French security researcher says he managed to turn the tables on a cyber-scammer by sending him malware. Technical support scams try to convince people to buy expensive software to fix imaginary problems. But Ivan Kwiatkowski played along with the scheme until he was asked to send credit card details. He instead


39 sec read

Someone seems to be trying to spy on VeraCrypt’s security audit

At the start of this month OSTIF (the Open Source Technology Improvement Fund) announced that it had agreed a plan to get the open source disk encryption tool VeraCrypt independently audited. The audit, which would look for security holes and weaknesses in VeraCrypt’s code, would be done in co-ordination with vulnerability researchers from QuarksLab. So


46 sec read

Almost all cars sold by VW Group since 1995 at risk from unlock hack

Wired writes: Later this week at the Usenix security conference in Austin, a team of researchers from the University of Birmingham and the German engineering firm Kasper & Oswald plan to reveal two distinct vulnerabilities they say affect the keyless entry systems of an estimated nearly 100 million cars. One of the attacks would allow


1 min read

Earn up to $200,000 as Apple *finally* launches a bug bounty

The Verge writes: Apple is planning a new bug bounty program that will offer cash in exchange for undiscovered vulnerabilities in its products, the company announced onstage at the Black Hat conference today. Launching in September, the program will offer cash rewards for working exploits that target the latest version of iOS or the most


1 min read

Meet the men who spy on women through their webcams

Nate Anderson at Wired paints a terrifying portrait of the sick world of webcam hackers, while also pointing out that such perverted snooping is within easy reach of even the technically unskilled: Calling most of these guys “hackers” does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a


24 sec read

Secure email service GhostMail shutting down, in fear of being abused

GhostMail, a site that offered “military encrypted and self-destructing email accounts”, has announced that it is closing down: GhostMail in its current form will be closed down as per 1. of September 2016. Since we started our project, the world has changed for the worse and we do not want to take the risk of


52 sec read

Sorry, your Motorola Android isn’t going to get monthly security updates

Well, this sucks if you’ve spent good money on a Motorola smartphone. The firm has confirmed to Ars Technica that it isn’t going to commit to monthly security updates, even though Google will have released patches for the Android operating system. Here’s what they told Ron Amadeo at Ars Technica: “Motorola understands that keeping phones


36 sec read

SentinelOne says if you get hit by ransomware, it will pay the ransom

SentinelOne writes: We’ve created the first ever Ransomware Cyber Guarantee – a warranty for our product’s performance. It’ll give you the best protection from ransomware attacks – and if we miss something and you get infected – we’ll pay the ransom. It’s that simple. And it’s how security is supposed to be. If you can


32 sec read

Police 3D print murder victim’s finger to unlock his phone

Fusion reports: A man was murdered, and the police think there might be clues to who murdered him stored in his phone. But they can’t get access to the phone without his fingerprint or passcode. So instead of asking the company that made the phone to grant them access, they’re going another route: having the


49 sec read

When the people selling you IT security solutions hack into their rival’s database…

The Register reports: Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival’s database. Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court. “All pleaded guilty to obtaining unauthorised access to


49 sec read

Turns out that you can’t trust ‘Trump free Wifi’ at the Republican National Congress

The cheeky japesters at Avast created a series of fake Wi-Fi networks at various locations around the Republican National Congress in Cleveland, as Silicon Angle reports: Avast’s team set up several networks, using names such as “Trump free Wifi” or “Google Starbucks,” which were designed to look as though they were set up for convention


56 sec read