• Credential stuffing attack: What is it and how to stay protected?
    Credential stuffing is a type of cyber attack in which attackers use username-password combinations leaked from other sites to gain illegal access to user accounts. Attackers attempt to use the stolen set of credentials against multiple websites in order to compromise and take full control of user accounts.
  • FlawedAmmyy: A close look at the notorious activities and capabilities of the RAT
    FlawedAmmyy derives its source code from version 3 of the Ammyy Admin remote desktop software. The malware has been active since the beginning of 2016.
  • Researchers find 36 new security flaws in LTE protocol
    A group of academics from South Korea has identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world. They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019. Several academic groups have identified similar vulnerabilities in LTE over the past years on numerous occasions: July 2018, June 2018, March 2018, June 2017, July 2016, and October 2015 (paper authored by another KAIST team). The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 were first identified by other research groups in the past. According to the KAIST paper, seen by ZDNet prior to the IEEE presentation, researchers built a semi-automated testing tool named LTEFuzz, which they used to craft malicious connections to a mobile network, and then analyze the network's response.
  • Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser
    A team of researchers has earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser at the Pwn2Own 2019 competition that took place this week in Vancouver, Canada. The third day of the event was dedicated to automotive hacking. Amat Cama and Richard Zhu of team Fluoroacetate, who were the only ones to take a crack at hacking a Tesla, managed to display a message on the car’s web browser by exploiting a just-in-time (JIT) bug in the renderer component. The duo earned $35,000 for their exploit, along with the Tesla they hacked. Other participants hacked Firefox, Edge, Safari and Oracle VirtualBox.
  • Kanopy Data Breach Reveals Movies Members Have Been Streaming
    Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning March 7th.” Though Kanopy has now fixed the problem, the exposed data contained a great deal of information about the people who use the service to stream content. It’s unclear if the leaked data has been put to any malicious use, but Paine thinks the possibility exists: “Depending on the videos being watched — that potentially could be embarrassing information.” Similar types of leaks have been occurring at a steady pace recently. The Kanopy leak, while not quite as serious given what was exposed, should nonetheless serve as a reminder to any company that stores potentially sensitive personal info — even something as seemingly harmless as an IP address — that this data must be sufficiently protected from prying eyes.
  • This Spyware Data Leak Is So Bad We Can't Even Tell You About It
    A company that sells consumer-grade software that lets customers spy on other people’s calls, messages, and anything they do on their cell phones left more than 95,000 images and more than 25,000 audio recordings on a database exposed and publicly accessible to anyone on the internet. This breach is just the latest in a seemingly endless series of exposures or leaks of incredibly sensitive data collected by companies that promise to provide services for parents to keep children safe, monitor employees, or spy on spouses. In the last two years, there have been 12 stalkerware companies that have either been breached or left data exposed online: Retina-X (twice), FlexiSpy, Mobistealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9, and Xnore. Because the leaked data violates the privacy of hundreds if not thousands of people, and because that data is still very easy for anyone to find and access, even naming the company publicly could lead bad actors to it.
  • Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’
    Based on the ransom message, the ransomware that hit Hexion and Momentive appears to be LockerGoga, the same ransomware that forced aluminum manufacturing giant Norsk Hydro to shut down its worldwide network this week. Motherboard cross-referenced the ransom message associated with the Momentive attack to known LockerGoga attacks, and found that the language and formatting were identical. Boss’s email said that the data on any computers that were hit with the ransomware is probably lost, and that the company has ordered “hundreds of new computers.” Boss's email indicates that the ransomware first hit the company last week, and explains what the company is doing to recover. Motherboard sent an email to a known Momentive email address that uses the old domain, momentive.com, but it bounced back. The leaked email also notes that the more people who email the company receive the same error message that Motherboard saw, the more likely employees are to be contacted by third parties looking for more information.
  • Analysis: Drone tech creates new type of blended threat
    But it is here that drone technology links to cybertech: Hacked drones can bypass safety systems. Off-the-shelf drones are being fitted with geofencing software, so that owners cannot fly them over airports or other restricted areas. Rogue operators could, of course, build a drone themselves without any geofencing hardware or software. “There are now regulatory controls, in some regions, to force drone operators to use geofencing systems,” Dale said. This makes the data link between the operator and drone user hard to detect, and even harder to disrupt. For now, the best defense against drones – for law enforcement and corporate security teams – remains to find and deter rogue drone operators.
  • Security Of Enterprise Wireless Networks
    While numerous reviews like this may indicate that virtual private networks can protect you against all threats, getting on top of enterprise network security is much more difficult. Multiple Systems: Dealing with enterprise network security means securing multiple related and connected systems, mainframes, and devices. Security Protocols: However, there are a variety of techniques available to help secure enterprise networks. Strong passwords combined with multiple layers of security and authentication will simply make your network way more secure. Secure Protocols: Another layer of security that you can consider is a bit of a mouthful… namely, Extensible Authentication Protocol-Transport Layer Security! By following these tips, you will safeguard your enterprise network, and maintain a high level of security for your business at all times. David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation.
  • Researchers Raise Privacy Alarm Over Medicine Apps
    Researchers have raised serious privacy concerns over the use of medical apps in the Google Play store after noting that the majority share user data with third parties. The paper found that 79% of those apps studied shared user data with 55 unique entities. Nearly two-thirds of these (67%) “related to the collection and analysis of user data, including analytics or advertising, suggesting heightened privacy risks.” “Clinicians should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent,” it concluded. “Developers should disclose all data sharing practices and allow users to choose precisely what data are shared and with whom.” “Although it is well known and documented that apps use customers’ data as a currency, it is particularly troubling when that data includes sensitive information such as medical records and health metrics,” he added.