Top 10 Stories

While it holds your files hostage, the newly discovered ransomware FireCrypt also directs your computer to perform a poor man's distributed denial of service (DDoS) attack by continuously connecting to a specifically targeted URL and repeatedly downloading junk content into a temporary folder. The presently targeted URL, which is hardcoded into FireCrypt's source code, belongs to the Pakistan Telecommunication Authority. However, it is unlikely that the ransomware is causing the agency's website much disruption: "The crook would have...

A Welsh language music online streaming service has been hacked with demands a ransom is paid to unlock software and return the service. Apton was officially launched before Christmas offering music specifically from Welsh record labels. But its website and app services are down, with some registered users told a ransom of about £200 in the digital currency Bitcoin must be paid. One of the companies behind Apton said 1,300 customers' details are safe. View...

The Democratic National Committee reportedly “did not allow” the Federal Bureau of Investigation to examine its hacked computer servers before the intelligence agency issued a report blaming Russia as the culprit. “The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated,” Buzzfeed reported an FBI statement. “This left the FBI no choice but to rely upon a third party for...

The New Hampshire Department of Health and Human Services announced on Dec. 27 that it has been a victim of a data breach that commenced in Oct. 2015. DHHS is the state’s largest agency and covers welfare benefits, Medicaid, child protective services and other services. This data breach resulted in 15,000 personal records of DHHS clients being posted on Facebook, including names, addresses, Social Security numbers and Medicaid identification numbers. The sensitive information was removed...

A variant of the Petya ransomware dubbed GoldenEye is targeting human resources (HR) with fake job applications infected with malware. GoldenEye has been around for some time, but security firm Check Point notes that it has recently turned its attention to HR staffers that frequently open emails from unknown sources. The campaign, which is targeting HR employees in Germany, lures victims in with a legitimate looking job application. There are two files attached to the email: a PDF...

The Thai army is reportedly planning to recruit civilian "cyber warriors" in efforts to boost the government's ability to respond to cyber threats. Civilian experts are slated to be employed to assist the government in combating cybercrime, as well as help the government improve its systems, according to reports. Thai army commander-in-chief Chalermchai Sittisat said: "We don't have enough personnel withexpertise in cyber security. Therefore, we need to recruit civilians for our centre, who can manage...

The founder of whistleblowing website WikiLeaks has said that even a teenager would have had the technical skills needed to break into the personal email inbox of John Podesta, a close aide to Hillary Clinton who was recently targeted by hackers with suspected links to Russia. "We published several emails which show Podesta responding to a phishing email," Assange said in an interview with Fox News presenter Sean Hannity, published on Tuesday (3 January 2017). "Podesta gave out that his password was the word 'password'. "His own staff...

A hacker is claiming to have breached the FBI's content management system, dumping email addresses and SHA1 encrypted passwords with salts online. The hacker using the handle (@cyberzeist) claims to have breached the Plone CMS using a zero day flaw allegedly for sale on an unnamed dark web site. The Register has contacted the FBI to confirm the allegations. It was not immediately available for comment, however an operative was aware of the claimed incident. Cyberzeist...

We've seen some pretty dastardly ransomware pop up over the past couple of years. Popcorn Time decrypts your files for free if you pass the infection on to your friends. Jigsaw deletes some of your files every hour until you pay up. The Koolova ransomware put a whole new spin on things. Like Popcorn Time it will restore your encrypted files free of charge. The difference is that you don't have to do anything illegal -- or...

Savers who use social media to complain to their banks about technical glitches are having their details snatched by crooks. Criminals are lurking online waiting for banks to suffer technical problems so they can dupe unwitting customers into handing over information. The crooks set up fake Twitter accounts that mimic genuine ones belonging to the bank. Customers are told to click a link, which sends them to a website that looks similar to the bank’s....