* Posts by Captain Badmouth

645 publicly visible posts • joined 1 Aug 2015

Page:

Coinbase extorted for $20M. Support staff bribed. Customers scammed. One hell of a SNAFU

Captain Badmouth
Headmaster

“Most” unique?

FFS!

Here's what we know about the DragonForce ransomware that hit Marks & Spencer

Captain Badmouth

Link to Steve K comment 3 days ago:

https://forums.theregister.com/forum/all/2025/05/13/ms_confirms_customer_data_stolen/

Captain Badmouth
Pint

Steve K take a bow

Your joke “this is not just a breach, it’s an M&S breach” has made it as a cartoon in the current issue of private eye.

Albeit with “breach” replaced with “cyber attack”.

Perhaps you should approach them for a reward for original idea?

Have a Register cyber award ———>>>>>

Infosec pros tell Trump to quit bullying Chris Krebs – it's undermining security

Captain Badmouth
Big Brother

Re: Easy to tell who the fascists are

Yes, recommended viewing is this film :

https://en.wikipedia.org/wiki/The_Death_of_Stalin

If you like black comedy.

As CISA braces for more cuts, threat intel sharing takes a hit

Captain Badmouth

Re: Don’t worry

Yes, right now vlad’s boys are tightening the security on all those wide open American utilities now that Donny has pulled the rug.

In future there will be no chance of them being hacked and shut down by anybody but Russia.

Well, that takes care of China, anyway, er…

Signalgate solved? Report claims journalist’s phone number accidentally saved under name of Trump official

Captain Badmouth

Who needs kompromat on the orange arsehole when he’s appointed a team of morons?

Signalgate: Pentagon watchdog probes Defense Sec Hegseth

Captain Badmouth

Why are they using signal?

Indeed.

Ex-CIA man Kevin Carroll gives us his take on this troubled topic here :

https://www.theguardian.com/commentisfree/2025/apr/05/why-trump-administration-used-signal-hegseth-gabbard

Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat

Captain Badmouth

Clown jewel?

Surely the clown jewel is the transmission of live operational data over a channel they had been advised was insecure?

A bunch of juvenile yahoos playing “masters of the universe” on their “personal?” devices.

Captain Badmouth

So many ciphers…

18 (or was it 19) ciphers on the cipher chat, another cipher in the white house.

Ciphers everywhere yet so insecure.

The more we hear that they seem to be using signal on govt. phones, the more we wonder how much Putin is hearing.

This lot are dangerous in increasing ways, it needs the GOP to grow a pair - and divert the Potomac through the shite house.

Top Trump officials text secret Yemen airstrike plans to journo in Signal SNAFU

Captain Badmouth

Tulsi Gabbard currently insisting no classified material was shared on the signal chat.

The tango twat says that Waltz has “learned a lesson”.

Oh dear, where have we heard that before.

Get off that old Firefox by Friday or you'll be sorry, says Moz

Captain Badmouth

Which mac os are you running?

Esr 115.18.0 supports win7 and mac os 10.12 - 10.14

https://www.mozilla.org/en-US/firefox/115.18.0/releasenotes/

Rhysida pwns two US healthcare orgs, extracts over 300K patients' data

Captain Badmouth
Windows

I’m pissed off with these people saying they take their customer’s data and security very seriously.

Grow a pair and tell the truth : “Actually we couldn’t give a flying fuck”.

Refreshing, or what?

Icon : CEO of company in question after court case, in ideal world.

Tech support chap showed boss how to use a browser for a year – he still didn't get it

Captain Badmouth

Re: Screen savers

I prefer telling them to left-click to highlight and then press “enter”.

Captain Badmouth
Flame

Re: "learnt many things about how not to run a company"

You are Marius van der Lubbe and I claim my 5 guilder.

Kids' shoemaker Start-Rite trips over security again, spilling customer card info

Captain Badmouth

I made apoint of complaining to one that my daughter was trying to buy from.

The reply was that the scripts didn’t matter as all the data was being entered into an iframe.

Anyone find this re-assuring?

Captain Badmouth

Re: Squished

Clarkes had loads of fluoroscopes in their uk shops in the 1950’s.

Pity the poor shop assistants who had to operate the things.

Mind your header! There's nothing refreshing about phishers' latest tactic

Captain Badmouth

Oh Dear…

https://securityheaders.com/?q=https%3A%2F%2Fwww.theregister.com%2Fsecurity%2F&followRedirects=on

Two cuffed over suspected smishing campaign using 'text message blaster'

Captain Badmouth

Re: a bank or another official authority will ask you to share personal information

Phoning a friend instead of your bank is , certainly, one way to make sure the line is "free".

But how long before they develop a MITM telephone exchange complete with dial tone so

they can forward your "phone a friend" call and still retain control to answer your bank phone call.

Best use a different phone for that if this happens to you.

NFTs not annoying enough? Now they come with wallet-emptying malware

Captain Badmouth
Devil

Re: Idiots

A boris?

Brewdog might make an OK pint but its security sucks: Flaw opened door to free beers for anyone

Captain Badmouth
Happy

I mean, my mum doesn't even know what Flash is

Not even for the kitchen floor?

US House Rep on cyber committees tweets Gmail password, PIN in Capitol riot lawsuit outrage

Captain Badmouth
Devil

Re: Excellent

Ahem.

Boris Johnson

Chris Failing-Grayling

Dildo Hardon

etc.

You English are doomed.

US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day

Captain Badmouth
WTF?

Re: Been there, done that...

I didn't think they'd be compromising their own oil company.

Captain Badmouth
Holmes

Been there, done that...

Meanwhile, the Russian/ Chinese/ Iranian/ N Korean (delete as/if necessary) state-employed Black Hats are spitting blood waiting to see if their little compromise software, sitting quietly in a dark corner of a server somewhere, will be uncovered by the security measures introduced following this mal(ware)arkey.

Voyager 2 receives and executes first command in 11 months as sole antenna that reaches it returns to work

Captain Badmouth
FAIL

Re: It's a different world

Like the TSR2 before it...

The curse of knowing a bit about IT: 'Could you just...?' and 'No I haven't changed anything'

Captain Badmouth
Pint

Re: XP and network discovery?

@Steve Davies 3

+1 for the Mary Hopkin reference.

Anyone else read "12BoC" as 120BC?

Some days it feels like it...

I need a drink.

Trump fires cybersecurity boss Chris Krebs for doing his job: Securing the election and telling the truth about it

Captain Badmouth
Happy

Reply Icon

I was quite disappointed to find out there is no red button - it is actually a biscuit that allows the President to lunch....

fixed.

What a Hancock-up: Excel spreadsheet blunder blamed after England under-reports 16,000 COVID-19 cases

Captain Badmouth
Pirate

Re: Ouch

The lack of adequate funding probably explains the old software in use. Another manufactured "failure" of the NHS and an excuse to hand out contracts in it's ongoing privatisation.

Privateers everywhere.

Proposed US fix for Boeing 737 Max software woes does not address Ethiopian crash scenario, UK pilot union warns

Captain Badmouth

Reply Icon

Welcome aboard the all-new Boeing Windscale.

Fixed, name changing not allowed.

Microsoft leaks 6.5TB in Bing search data via unsecured Elastic server. *Insert 'Wow... that much?' joke here*

Captain Badmouth

Re: I was unaware

Dido Harding hung around their offices some time back.

Fixed.

It has been 15 years, and we're still reporting homograph attacks – web domains that stealthily use non-Latin characters to appear legit

Captain Badmouth
Headmaster

Re: A þorny problem, to be sure

Oh, R0n...

Cyber-security super-brain Rudy Giuliani forgets password, bricks iPhone, begs Apple Store staff for help

Captain Badmouth
FAIL

Website scores

I see his website scores a "T" due to certificate mismatch here:

https://www.ssllabs.com/ssltest/analyze.html?d=www.giulianisecurity.com

and, as you may have guessed, an "F" here:

https://securityheaders.com/?q=www.giulianisecurity.com&followRedirects=on

Laughed? I almost opened that attachment...

Dixons hits back at McAfee's £30m antivirus sueball: Your AV didn't work on Windows 10S

Captain Badmouth
Windows

Crap retailer sells crap o/s with crap antivirus that doesn't work.

Who new?

It's enough to drive one to drink.

Here's to you: UK.gov praises Reg-reading techies for keeping on top of cybersecurity

Captain Badmouth
Big Brother

Re: Let's ponder on Long AI Marches

"Have you found them to be refreshingly proactive, Olaf, and could this relatively anonymous communication channel be one of their creation and iteration?

You know, NCSC doing some Deep and Dark See Phishing for Blighty in the Almighty Strange Waters of a Cutting Edge Publication Hosting here. ..... for those more than just interested in taking and making a Walk on the Wild Side?"

Don't go solving the crypto-puzzle or, if you do, don't go phoning the no. given for the prize of 2 yrs. subscription to the magazine of your choice...

Mystery of the Chinese woman who allegedly tried to sneak into Trump's Mar-a-Lago with a USB stick of malware

Captain Badmouth
Thumb Up

Re: 5 years ...

"a restricted area" - whatever one of those is defined to be.

The hamberder stall, innit?

TP-Link 'smart' router proves to be anything but smart – just like its maker: Zero-day vuln dropped after silence

Captain Badmouth
Devil

Re: Nearshore?

Quite, although TP-Link seem to recommend DD-WRT.

But, no warranty!

"To Use Third Party Firmware In TP-Link Products

Some official firmware of TP-Link products can be replaced by the third party firmware such as DD-WRT. TP-Link is not obligated to provide any maintenance or support for it, and does not guarantee the performance and stability of third party firmware. Damage to the product as a result of using third party firmware will void the product's warranty."

Huawei savaged by Brit code review board over pisspoor dev practices

Captain Badmouth
Happy

Re: Real point here

"Surly they'd give it the stamp of approval"

I'm sure they'd be quite nice about it, actually...

Data breach rumours abound as UK Labour Party locks down access to member databases

Captain Badmouth

He's got a copy of the electoral register so he probably thought he was being polite. By register I mean the complete register, not just the "public" register available to anyone - at least that used to be the case. Not sure how current data regulations have changed that.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

Captain Badmouth
Paris Hilton

I suggest

supercallousflagellisticexpertcunnilingus

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage

Captain Badmouth
Happy

Re: I guess this is lawyer talk for..

"All because whoever is coding their site, isn't checking the legitness (is that a word?) of the code they are embedding."

Legitimacy. hth.

Captain Badmouth
Happy

Re: Just out of curiosity

Also:

https://www.theregister.co.uk/2018/09/12/feedify_magecart_javascript_library_hacked/

Captain Badmouth
Thumb Up

Re: Offsite scripts GAH!

Sorry for that, we'll understand in future.

Captain Badmouth
Happy

Re: Just out of curiosity

The page you are looking for :

https://www.theregister.co.uk/2018/09/11/british_airways_website_scripts/

Captain Badmouth
Headmaster

Re: Offsite scripts GAH!

"F.F.S. people if its an even vaguely secure area no script that you have not copied locally and validated does what you think it does goes in, is this so hard to understand."

Without proper punctuation, yes.

Worrying Windows 10 wrecking-ball weapon weirdly wanders wildly on worldwide web

Captain Badmouth
FAIL

"It can be exploited by a malicious logged-in user or malware on an already infected computer to arbitrarily delete or tamper with anything from application .dll files to critical system components."

The silly man has just discovered the latest windows update.

Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk

Captain Badmouth
WTF?

Re: Multi-layered security controls across our systems

"I got a similar answer from EDF when I asked them why I needed to disable 'Auto remove overlays', 'uBlock Origin' and Safescript in order to access the site."

With noscript you have to enable google.com and gstatic.com and sometimes an amazonaws script in addition to the edf script in order to log in. The google and gstatic scripts seem to be there for supplying the captctha. The amazonaws is not always present but if it is you have to enable it. I've complained about this excessive use of 3rd party stuff but they seem not to understand, their ssl labs rating was a B until I told them about it, they've since improved it.

The Reg takes the US government's insider threat training course

Captain Badmouth
Devil

Trusted individuals

"You might also be a person who tends to underestimate the value of the information being sought or given."

In which case you should be put on the white house, er, white list I mean.

No, black list, black list...hide that piece of paper...

When is a patch not a patch? When it's for this McAfee password bug

Captain Badmouth

Re: I always refer to it as.........

McCRAPAFee.

In which case you should use the trouser extension...

Page: