Search Results for “Register”

August 22, 2019
Shaun Nichols / The Register

More Than 70% of Newly Registered Domains Are Suspicious, Not Safe for Work or Malicious, Admins Should Ban Access to Domains Less Than Month Old, Palo Alto’s Unit 42

More than 70 percent of newly registered domains (NRDs) fall under the classification of “suspicious,” “not safe for work,” or “malicious,” according to a study by Palo Alto Networks’ Unit 42. The security company says these findings justify its recommendation that admins ban access to any web domain less than a month old. At a minimum, if access to NRDs is allowed, then alerts should be set up for additional visibility, the company says. In its study of new domains created on 1,530 different top-level domains (TLDs) from March to May of this year, the company says just 8.4 percent of NRDs could be confirmed as hosting only benign pages, 2.32 percent were confirmed not safe for work, while 1.27 percent of the domains were classified as malicious. The solid majority of NRDs, 69.73 percent, fell under the label of “suspicious.”

September 13, 2019
Anna Spoerre / Des Moines Register

Two Cybersecurity Pentesters Hired to Gain Unauthorized Access to Court Records in Dallas County Iowa Arrested for Trying to Break Into Courthouse

Two men who worked for cybersecurity firm Coalfire, Justin Wynn and Gary Demercurio, were arrested for breaking into the Dallas County, Iowa, Courthouse but told law enforcement they were hired to do so as pentesters by the judicial branch under contract with Coalfire. Dallas County officials initially said they had no knowledge of the contract but later admitted they did hire the men to attempt “unauthorized access” to court records “through various means” in order to check for potential security vulnerabilities of Iowa’s electronic court records. The state court administration said, however, they “did not intend, or anticipate, those efforts to include the forced entry into a building.” The two men have been charged with third-degree burglary and possession of burglary tools, and their bond has been set at $50,000 each.

Related: The Register – Security, Associated Press, Mashable, SC Magazine, Infosecurity Magazine

Tweets: @kimzetter @wimremes

October 3, 2019
Kim Zetter / Motherboard

Lax Opsec at Uzbekistan’s Intel Agency Exposed Threat Actor’s Purchased Zero-Day Exploits, Allowed Surveillance of Malware Development

A recently discovered threat actor dubbed SandCat, believed to be Uzbekistan’s repressive and much-feared intelligence agency, the State Security Service (SSS), proved so inept at operational security that researchers at Kaspersky Lab found multiple zero-day exploits SandCat had purchased from third-party brokers and even caught the group in the middle of malware development. The group committed a number of operational security blunders, including using the name of a military group with ties to the SSS to register a domain used in its attack infrastructure; installing Kaspersky’s antivirus software on machines it uses to write new malware, allowing Kaspersky to detect and grab malicious code still in development; and embedding a screenshot of one of its developers’ machines in a test file, exposing a significant attack platform as it was in progress.

Related: Reuters, Cyberscoop, Ars Technica, Reddit-hacking, Tom’s Hardware

Tweets: @jc_stubbs @KimZetter

August 22, 2019
Gareth Corfield / The Register

Hacktivist Groups Are Dwindling as Members Use Simple, Outmoded Techniques That Are Easily Defeated, Recorded Future

Hacktivism as exemplified by groups such as LulzSec and CDC, the Cult of the Dead Cow, is on the decline, partially because “many members of a hacktivist organization are not skilled and are forced to rely upon simple and outdated tools and techniques that are easily defeated by competent network defenders,” Recorded Future’s Insikt Group reports. Of the 28 active hacktivist groups the security company tracked in 2016, only seven exist today. The attack methods used by these groups are outmoded in terms of effectiveness, such as DDoSing, XSSing, spearphishing, utilization of commodity spyware and brute-forcing of login creds as means of illicitly accessing targets’ IT infrastructure.

August 21, 2019
Shaun Nichols / The Register

Rapidly Growing Russian Hacking Crew Silence Now Operates in More Than 30 Countries, Has Stolen at Least $4.2 Million From ATMs Around the World

The rapidly growing and increasingly sophisticated Russian hacking crew dubbed Silence, active since 2016, is now operating in more than 30 countries and has so far been able to infiltrate banks’ computer networks to siphon at least $4.2m from compromised cash machines around the world, researchers at Group-IB report. Since July, Silence has sent out more than 170,000 emails to banks around the world, with a focus on Asia, where 80,000 booby-trapped, malware-laden messages were sent. Once Silence penetrates a bank’s network, the crew gains control of the servers managing the cash machines and card processing systems and then directs money mules to specific ATMs to collect the cash.

August 20, 2019
Thomas Claburn / The Register

Webmin Patches Flaw That Can Allow Remote Code Execution in Certain Configurations

The maintainers of Webmin, an open-source application for system administration tasks on Unix-flavored systems, have released Webmin version 1.930 and the related Usermin version 1.780 to patch a vulnerability, CVE-2019-15107, that can be exploited to achieve remote code execution in certain configurations. The patch also fixes several XSS issues that were responsibly disclosed, he said, noting that a bounty has been paid to the researcher who reported them. The bug was revealed on Saturday, August 10, by Özkan Mustafa Akkuş at DEF CON and was made available as an exploit in a module for the Metasploit framework, although the Webmin maintainers said they were not informed of the flaw until Saturday, August 1

Related: ZDNet Security, Tenable Blog, SecurityWeek, VirtualMin

Tweets: @GossiTheDog @jleyden

September 10, 2019
Thomas Claburn / The Register

Mozilla to Implement DNS-over-HTTPS by Default in Firefox Browser Starting in Late September, Protects User Privacy From Network Service Providers

Mozilla said it plans to implement the DNS-over-HTTPS (DoH) protocol by default in its Firefox browser, with a slow rollout starting in late September. DoH transfers domain name system queries, which try to match domain names with server IP addresses, over an encrypted HTTPS connection rather than an unprotected HTTP one, thereby preventing third parties such as network service providers from seeing which websites users visit. Firefox’s DoH service will be provided through Cloudflare’s DNS service, although the list of supported service providers may grow over time. Cloudflare has promised to use Firefox DNS resolution data “solely to improve the performance of Cloudflare Resolver for Firefox and to assist us in debugging efforts if an issue arises.”

July 29, 2019
Emily Flitter and Karen Weise / New York Times

Firewall Misconfiguration by Capital One Allowed Hacker to Steal Millions of Credit Applications, Social Security and Bank Account Numbers Affecting More Than 100 Million People in North America

In one of the largest cases of bank data theft ever, software engineer Paige Thompson hacked into a server holding customer information for Capital One, exploiting a firewall misconfiguration in the bank’s network to steal millions of credit card applications, federal prosecutors say. Thompson, who used the online handle “erratic,” was the organizer of a group on Meetup, a social network, called Seattle Warez Kiddies, described as a gathering for “anybody with an appreciation for distributed systems, programming, hacking, cracking.” The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service. Thompson stole 140,000 U.S. Social Security numbers and 77,000 bank account numbers, along with one million Canadian social insurance numbers, affecting more than 100 million people in the United States and Canada. A “firewall misconfiguration” by the bank had allowed Ms. Thompson to communicate with the server where Capital One was storing its information and, eventually, gain access to customer files, an FBI agent investigating the case said in court documents. Ms. Thompson worked as a systems engineer at Amazon from 2015 to 2016.

Related: CNN, Reuters, Associated Press, Axios, CNBC, NBC News, Politico, Capital One, The Register, Bloomberg, Washington Post, TechCrunch, TechCrunch, Wired, Ars Technica, CNET, Wall Street Journal, The Verge, The Hill, Venture Beat, Law360, Reuters, Daily Mail, BGR, USATODAY, Business Insider, The Daily Swig, Newsweek, Financial Times, CRN, CRN, SecurityWeek, BetaNews, The Verge, GBHackers On Security, SlashGear » security, E-Commerce Times, The Verge, Evening Standard, – Software Industry News, TechSpot, Digital Trends, Neowin, Fast Company, Mother Jones, New York Daily News, New on MIT Technology Review, FOX News, The Hacker News, Help Net Security, Fortune, Technology News |, SecurityWeek, The Huffington Post, Cyberscoop, IT World Canada, ARN, The Guardian, Digital Trends, The Next Web, Android Central, GeekWire, SC Magazine, Techerati, Slashdot, ABC News: U.S., Graham Cluley, Japan Times, Security Affairs, Cyber Kendra, Computer Business Review, TechNadu, Silicon Republic, Infosecurity Magazine, The State of Security, DataBreaches.net, Gadgets Now, Courthouse News Service, BBC News – World, BleepingComputer.com, ITV News, RT USA, AOL, New York Post, EJ Insight, Mercury News, TODAYonline, CBC, Deutsche Welle, Gizmodo, News : NPR, POLITICO, Gizmodo, Daily Beast, GeekWire

Tweets: @zackwhittaker @briankrebs @cnbcnow @gregotto @yoda @RepKatiePorter @zackwhittaker @Wired @BleepingComputer @kimzetter @dnvolz @BleepingComputer @McGrewSecurity @weldpond @h0tdish @hacks4pancakes @RayRedacted @catcalvinla @malwarejake @somanyshrimp @TorresLuzardo

CNN: A hacker gained access to 100 million Capital One credit card applications and accounts
Reuters: Capital One reveals 100M affected by data breach, hacker arrested
Associated Press: Capital One says hacker gained access to personal information of more than 100 million people
Axios: 100 million credit card applications stolen from Capital One
CNBC: Capital One data breach exposes tens of thousands of Social Security numbers, linked bank accounts
NBC News: Over 100 million credit card applicants at risk in Capital One breach, Seattle woman arrested
Politico: Capital One reveals historic data breach after FBI arrests Seattle suspect
Capital One: Capital One Announces Data Security Incident
The Register: Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants
Bloomberg: Capital One Says Breach Hit 100 Million Individuals in U.S.
Washington Post: Capital One says data breach affected 100 million credit card applications
TechCrunch: Capital One’s breach was inevitable, because we did nothing after Equifax
TechCrunch: Capital One hacked, over 100 million customers affected
Wired: THE ALLEGED CAPITAL ONE HACKER DIDN’T COVER HER TRACKS Seattle Tech Worker Arrested for Data Theft Involving Large Financial Services Company
Ars Technica: Feds: former cloud worker hacks into Capital One and takes data for 106 million people
CNET: Capital One data breach involves 100 million credit card applications
Wall Street Journal: Capital One Reports Data Breach Affecting 100 Million Customers, Applicants
The Verge: Massive Capital One breach exposes personal info of 100 million Americans
The Hill: Woman arrested, accused of hacking 100 million Capital One records
Venture Beat: Capital One announces hack affecting 106 million U.S. and Canadian customers
Law360: Capital One Says Breach Impacted 106M As Suspect Arrested – Law360
Daily Mail: Ex-tech worker arrested for Capital One hack after stealing data from 100 million customers Woman Arrested in Massive Capital One Data Breach
BGR: Hacker steals data for more than 100 million Capital One users, then brags about it and gets arrested
USATODAY: Massive data breach hits Capital One affecting more than 100 million customers
Business Insider: Capital One data breach, affecting tens of millions
The Daily Swig: Millions affected by Capital One data breach
Newsweek: Capital One Data Breach: How to Know, and What You Should Do, If Your Account Has Been Compromised
Financial Times: Capital One reports massive data breach
CRN: Capital One Breach Exposed Data From 106M Credit Card Applicants, Users Capital One data breach affects 100M credit card applicants Capital One says data breach affected 100 million credit card applications
SecurityWeek: CapitalOne Discloses Massive Data Breach: 106 Million Impacted Capital One data breach could have affected six million Canadian bank accounts
BetaNews: Personal details of 106 million Americans and Canadians stolen in huge Capital One data breach
GBHackers On Security: Capital One Hacked – Over 100 Million Credit Card Application Data Exposed
SlashGear » security: Capital One hack affects over 100 million people in the US and Canada
E-Commerce Times: Equifax Data Breach Settlement No Wrist Slap Worried about the Capital One hack? Here’s what to do Capital One Suffers Data Breach Affecting 100 Million Customers
Evening Standard: Capital One data breach 2019: What to do if you have been affected
Engadget: Capital One data breach affected 100 million in the US – Software Industry News: Everything you need to know about the massive Capital One hack, but were afraid to ask
TechSpot: Capital One hack exposed 100 million US customers’ personal details
Digital Trends: New Capital One data breach affects 100 million people. Here’s the very latest
Neowin: Over 100 million accounts compromised after Capital One data breach
Fast Company: Capital One data breach: what was stolen and how to find out if you are affected
Mother Jones: What’s In Your Wallet?
New York Daily News: Capital One hit with data breach affecting some 100 million U.S. customers
New on MIT Technology Review: A hacker stole the personal data of 100 million Capital One customers
FOX News: Capital One data breach exposes info of 106M customers, applicants; suspect arrested
The Hacker News: Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
Help Net Security: Capital One breach: Info on 106 million customers compromised, hacker arrested Capital One data breach hits more than 100 million people
Fortune: Hacker May Have Stole Info About Millions of Capital One Customers, U.S. Says
Technology News | Capital One target of massive data breach
SecurityWeek: Capital One Target of Massive Data Breach
The Huffington Post: Credit Card Company Reveals 100 Million People May Be Affected By Hack
Cyberscoop: Capital One announces massive data breach; lone suspect arrested in Seattle
IT World Canada: Six million Canadians impacted by Capital One data breach
ARN: Capital One: hacker gained access to personal information of over 100 million Americans
The Guardian: Capital One: hacker stole data of over 100m Americans
Ars Technica: Hacker ID’d as former Amazon employee steals data of 106 million people from Capital One
Axios: 100 million credit card applications were stolen from Capital One
The Next Web: Capital One data breach compromises 106 million customers’ personal data
Android Central: Capital One breach exposes personal details of over 100 million customers
SC Magazine: Capital One hacker who stole personal info on 100M arrested | SC Media
AP Breaking News: Capital One target of massive data breach
Techerati: Capital One breach affecting 106 million customers caused by misconfigured cloud storage
Slashdot: Capital One Says Hacker Breached Accounts of 100 Million People; Ex-Amazon Employee Arrested
ABC News: U.S.: Capital One target of massive data breach
Graham Cluley: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants
Japan Times: Hacker accesses over 100 million Capital One credit applications in massive data breach
Zero Hedge: Capital One Admits Massive Data Breach: 100 Million Americans Affected, Seattle Woman Arrested
Security Affairs: Capital One data breach: hacker accessed details of 106M customers before its arrest
Cyber Kendra: Capital One Suffered Data Breach 106 Million People Affected Cap One Hack Hits 100M Credit Card Applications Paige Adele Thompson: 5 Fast Facts You Need to Know
Computer Business Review: Capital One Hacker was Ex-AWS Employee
TechNadu: Capital One Reports a Major Data Breach Affecting 106 Million Individuals in the USA & Canada
Infosecurity Magazine: Capital One Breached by Cloud Insider in Major Attack
Tech Insider: Amazon’s cloud was at the heart of the big Capital One hack, even though it doesn’t seem to be at fault (AMZN, COF)
The State of Security: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants Capital One says data breach affected 100 million credit card applications
Gadgets Now: Capital One hacked, says information of 100 million-plus users leaked
Reuters: Capital One says information of over 100 million individuals in U.S., Canada hacked
BBC News – World: Capital One data breach: Arrest after details of 100m US individuals stolen
TIME: Capital One Information Hacked in Massive Data Breach
NDTV: Capital One Bank Targeted in Massive Data Breach Capital One Data Breach Affects 106 Million People, Suspect Arrested
ITV News: 100 million applications targeted in Capital One bank data breach
RT USA: 100mn+ people’s data exposed in Capital One bank hack, thousands of SSNs & accounts leaked
AOL: Capital One: information of over 100 mln individuals in U.S., Canada hacked
New York Post: Capital One reveals 100M affected by data breach, hacker arrested
EJ Insight: Capital One data breach affects millions in US, Canada
Mercury News: Capital One: Hacker got info on 100M in the US, 6M in Canada
CBC: Hacker obtained personal information of 6 million people in Canada
Deutsche Welle: Capital One data theft: US arrests ‘erratic’ hacker
Gizmodo: Hacker Claims to Be in Possession of Personal Info on Up to 20,000 LAPD Applicants
POLITICO: Capital One reveals historic data breach after FBI arrests Seattle suspect
Daily Beast: Tens of Millions of Credit Card Applications Stolen in Capital One Breach
GeekWire: Seattle engineer arrested for Capital One hack that affected 100M people

@zackwhittaker: Wow. Capital One discloses massive data breach: 100M in US, 6M in Canada. One person in FBI custody. Credit files, applications, the lot. Hard to see this as anything other than Equifax 2.0. (link:…
@briankrebs: Nice write up. Yes, this appears to be her resume. Worked at Amazon 2015-2016
@cnbcnow: BREAKING: Capital One says data breach has “affected approximately 100M individuals in the United States & approximately 6M in Canada” but “no credit card account numbers or log-in credentials were” taken and “99% of Social Security numbers” weren’t stolen
@gregotto: According to the FBI, a firewall misconfiguration was partly responsible for allowing Thompson to access the Capital One cloud storage
@yoda: what kind of wordsmith fuckery is this???
@RepKatiePorter: One week *to the day* after Equifax announced its settlement terms. It’s clear corporations won’t clean up their acts on their own. We need to create an enforceable federal data privacy standard, so I’m drafting that bill.
@zackwhittaker: Incredible. Capital One's data breach site is titled "Facts." And yet it also pulls this bullshit by saying that no Social Security numbers were breached... except for all the Social Security numbers that were breached. Fuck you, Capital One.
@Wired: On Monday, the FBI and Capital One disclosed a data breach of 106 million credit card applications, one of the biggest breaches of a major financial institution ever. And now someone has been arrested in connection with the crime:
@BleepingComputer: The suspect allegedly posted about her accessing of Capital One's data on GitHub. A security researcher saw her post and contacted Capital One.
@kimzetter: This Capital One breach definitely has more going on to it than the headlines suggest. Perhaps not a coordinated vuln disclosure gone wrong? but something is def weird about it - she used Tor to access the data but then publicly posted the data to an account with her name?
@dnvolz: The arrested suspect behind the hack, Paige Thompson, is a former employee of Amazon Web Services, according to people familiar with the matter. She is accused of breaching a misconfigured Capital One firewall to access data stored in AWS. via @nicole_hong
@BleepingComputer: This breach was discovered by a security researcher who responsibly disclosed a vulnerability to Capital One. After investigating the vulnerability, Capital One discovered that an unauthorized user accessed their systems and data between March 22 and 23, 2019.
@McGrewSecurity: Located the Capital One hacker's twitter (also thanks to those that backchanneled on the topic). Clearly they were/are in a bad state mentally/emotionally. I've deleted the earlier tweets about her. I hope they find some peace.
@weldpond: The FBI said the suspect, Paige A. Thompson, was apprehended after she “made statements on social media for evidencing the fact that she has information of Capital One, and that she recognizes that she has acted illegally,”
@h0tdish: Insider/ex employee threats and those who willingly commit crimes, creating, selling malware or stealing info via exploit/breach ARE NOT heroes & anyone who frames it that way has to explain why they're not currently launching a legal $ raiser for her but did for other criminals.
@hacks4pancakes: I feel a great disturbance in the Force, like dozens of Capital One cybersecurity analysts who were screaming futilely into the wind for years were suddenly silenced.
@RayRedacted: I have removed all of my OSINT posts about the Capital One hacker, because it is clear that she is suffering from mental illness. Mental illness does not discriminate. It can affect anyone. I truly hope she gets the help she needs.
@catcalvinla: At this point, I’m getting like two breach notices a day. Who DOESN’T have my info?
@malwarejake: Takeaways from #CapitalOne: 1. Having a disclosure program may have saved them. I'm FAR less likely to report to an org that lacks a disclosure policy. (link:…
@somanyshrimp: Losing your personal information in a massive data breach is just a thing that happens now, like 110 degree days and regular mass shootings
@TorresLuzardo: I'm trying to come up with an analogy but there's really no topping this. No SSNs were stolen except 140,000 of them.

September 18, 2019
Zack Whittaker / TechCrunch

Documents Discovered on Nokia Network Employee’s Unprotected Drive Offer Details on Russia’s ‘Lawful Intercept’ Phone and Internet Capabilities

Documents found on an unprotected backup drive owned by an employee of Nokia Networks offer new insight into the scope and scale of the Russian surveillance system known as SORM (Russian: COPM) and how Russian authorities gain access to the calls, messages, and data of customers of the country’s largest phone provider, Mobile TeleSystems (MTS), Chris Vickery, director of cyber risk research at security firm UpGuard, discovered. The documents, nearly two terabytes in size, reveal Nokia’s involvement in providing “lawful intercept” capabilities to phone and internet providers, which Russia mandates by law. They also spell out how, between 2016 and 2017, Nokia planned and proposed changes to MTS’s network as part of the telecom giant’s “modernization” effort. The documents discovered by Vickery include several floor plans, photos and network diagrams for the local phone exchanges. One set of documents shows how “modernized” SORM capabilities on MTS’s network also allow the government access to the telecom’s home location register (HLR) database, which contains records on each subscriber allowed to use the cell network, including their international mobile subscriber identity (IMSI) and SIM card details. Vickery informed Nokia of the exposure and the company closed the hole four days later.

Related: UpGuard, Techradar, Gizmodo, Boing Boing

Tweets: @profcarroll @vickerysec @zackwhittaker @zackwhittaker

September 19, 2019
Katyanna Quach / The Register

Raising Concerns About Human Rights, UK MPs Across Parties Call for Police to Immediately Stop Live Facial Recognition Surveillance

Fourteen MPs in the UK across parties have called for an immediate “stop” to live facial recognition surveillance by the police and in public places in a joint statement that expresses “serious concerns about its incompatibility with human rights.” Their objections are also backed by 25 rights and technology groups including Big Brother Watch, Amnesty International and the Ada Lovelace Institute. The Metropolitan Police has used facial recognition surveillance 10 times across London since 2016, including twice at London’s Notting Hill Carnival. The development occurs a day after British police officials cast doubt on the use of predictive policing algorithms, calling them imprecise and biased.