Malicious websites that hacked into iPhones over 2-year period targeted Uyghur Muslims in China: Report

A number of malicious websites that were recently reported to have been secretly hacking into iPhones over a two-year period were in fact targeting Uyghur Muslims, Zack Whittaker of TechCrunch reports today.

Compromised speakers can be forced to play tones so loud that the speakers start to melt

Security researcher Matt Wixey from PWC UK tried putting different kinds of consumer speakers -- noise canceling headphones, smart speakers, parametric speakers -- in an anechoic chamber after infecting them with malware that caused them to emit tones beyond those intended by the manufacturer.

AT&T employees took over $1 million in bribes to plant malware and unlock millions of smartphones: DOJ

“AT&T employees took bribes to unlock millions of smartphones.”

A 14-year-old's Internet-of-Things worm is bricking shitty devices by the thousands

A hacker calling themself Light Leafon who claims to be a 14-year-old is responsible for a new IoT worm called Silex that targets any Unix-like system by attempting a login with default credentials; upon gaining access, the malware enumerates all mounted disks and writes to them from /dev/random until they are filled, then it deletes the devices' firewall rules and removes its network config and triggers a restart -- this effectively bricks the device, rendering it useless until someone performs the complex dance needed to download and reinstall the device's firmware.

Thangrycat: a deadly Cisco vulnerability named after an emoji 😾😾😾

Thangrycat is a newly disclosed vulnerability in Cisco routers that allows attackers to subvert the router's trusted computing module, which allows malicious software to run undetectably and makes it virtually impossible to eliminate malware once it has been installed.

Florida man convinces Western Union clerk to insert a thumb drive, steals $32K, does it again, gets caught

Vasile Savu is accused of walking into a Western Union in Hollywood, Florida and asking the clerk to print out his flight itinerary, a pretense he used to get the clerk to insert a thumb-drive loaded with malicious software into his computers, which allegedly allowed Savu to steal $32k from the business.

Android malware uses accelerometer readings to figure out if it was running on a real phone or in emulation

Malware authors have a problem: they want their software to run aggressively when no one is looking at it, but to shut down entirely if the device it's running on is actually in some malware researcher's lab.

Ships are just giant floating computers, filled with ransomware, BadUSB, and worms

A coalition of shipping industry associations has published The Guidelines on Cyber Security Onboard Ships, laying out best practices for the giant ships that ply the seas, and revealing that these behemoths are routinely infected with worms, ransomware, and malware spread by infected USB devices.

Malware authors have figured out how to get Google to do "irreversible takedowns" of the sites they compete with

When a rightsholder complains to Google about a website infringing its copyright, Google will generally delist the site, but allow the site's owner to contest the removal through a process defined in Section 512 of the DMCA.

Malware vector: become an admin on dormant, widely-used open source projects

Many open source projects attain a level of "maturity" where no one really needs any new features and there aren't a lot of new bugs being found, and the contributors to these projects dwindle, often to a single maintainer who is generally grateful for developers who take an interest in these older projects and offer to share the choresome, intermittent work of keeping the projects alive.

Alex Jones blames "leftist stay-behind networks in US intelligence agencies" for malware on his site

Alex Jones, starved of attention since he was no-platformed by Big Tech, has launched a desperate bid for notoriety, releasing an unhinged (even by Jones's standards) statement blaming the credit-card skimming malware his online store was serving on "a zero-day hack probably carried out by leftist stay behind networks hiding inside US intelligence agencies" (he also blamed it on "big tech, the communist Chinese, and the Democratic party," "globalist forces," "the corporate press, Antifa and rogue intelligence operatives").

Wannacry ransomware cost the British National Health Service £92m ($121m)

The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries.

Tweaks made to Android OS are causing massive security holes

Last month, I used up a good chunk of text talking about how much I’ve come to enjoy using Android-powered smartphones. Unfortunately, a story I ran across over at Wired has convinced me that, at least for the time being, spending significantly more time with my iPhone 6 Plus might be a good idea.

According to the report, for many Android users, it’s not necessary to download an altered .APK file from a shady torrenting website or click an email link that’ll fill your handset up with malware in order to compromise your smartphone’s security. Twenty-five different Android smartphone models, made by well-known manufacturers and available across North America, have been found to be full of security flaws and other exploitable nightmares baked into them. The most frustrating part of it all: none of the exploits detailed in the story would be there if the manufacturers had their shit together.

From Wired:

The potential outcomes of the vulnerabilities range in severity, from being able to lock someone out of their device to gaining surreptitious access to its microphone and other functions. They all share one common trait, though: They didn’t have to be there.

Instead, they’re a byproduct of an open Android operating system that lets third-party companies modify code to their own liking. There’s nothing inherently wrong with that; it allows for differentiation, which gives people more choice. Google will release a vanilla version of Android Pie this fall, but it’ll eventually come in all kinds of flavors.

Those modifications lead to headaches, though, including the well-established problem of delays in shipping security updates.


New Vpnfilter analysis: modules attack router owners and target industrial control systems; reinfection still possible, more routers vulnerable

Vpnfilter is the malicious software that targets home routers, thought to be the work of Russian state-affiliated hacker group Fancy Bear, that raised alarm last month on the revelation that it had infected half a million home routers around the world.

FBI says to reboot your router ASAP to avoid Russia malware VPNFilter

Have you tried turning it off and on again?

The FBI sent out an urgent bulletin advising anyone with a home or small office internet router to immediately turn it off and then turn it on again as a way to help stop the spread of a malware outbreak with origins in Russia.

FBI sinkholes a key domain used by the malware that infected 500,000 home routers, declares partial victory and Russian attribution

VPNFilter is a virulent, sophisticated, multistage worm that has successfully infected 500,000 home routers, leaving them vulnerable to both surveillance (the malware snoops network traffic for passwords) and region-wide internet shutdowns (VPNFilter can brick the routers it infects, and an attacker could shut down most or all of the home/small business internet access in a region by triggering this).

500,000 home routers have been infected with VPNFilter, malware that steals data and bricks devices

VPNFilter is a sophisticated, multi-stage malware package, part of the new breed of boot-persistent malware (software that can survive a reboot); it targets home routers and network-attached storage devices, then steals passwords and logins that traverse the network and exfiltrates them to the creators' servers.
