• Credential stuffing attack: What is it and how to stay protected?
    A credential stuffing attack is a type of cyber attack in which attackers use username-password combinations leaked from other sites to gain illegal access to user accounts. Attackers attempt to use the stolen set of credentials against multiple websites in order to compromise and take full control of user accounts.
  • FlawedAmmyy: A close look at the notorious activities and capabilities of the RAT
    FlawedAmmyy derives its source code from version 3 of the Ammyy Admin remote desktop software. The malware has been active since the beginning of 2016.
  • More than 100,000 GitHub repos exposed API tokens and cryptographic keys
    More than 100,000 GitHub repos exposed API tokens and cryptographic keys as per recent findings. A research study revealed that many GitHub repos were leaking sensitive information on a daily basis. The research team scanned over a billion GitHub files for a period of six months last year.
  • ZOLL notifies over two hundred thousand patients of data exposure
    ZOLL notified over two hundred thousand patients of data exposure. The medical device manufacturing company allegedly witnessed this incident sometime between November and December 2018. It was discovered that a server migration from a third-party service provider led to the exposure of data.
  • Facebook admits to storing hundreds of millions of user passwords in plain text
    Facebook admitted to storing hundreds of millions of user passwords in plain text. The social media giant has revealed that a large number of user passwords were stored in a ‘readable format’ in its internal systems. Most of the passwords found belonged to users of Facebook Lite -- a smaller version of the Facebook app meant for low data usage.
  • Android devices running KitKat or later versions affected by a major security bug
    Android devices running KitKat or later versions are affected by a major security bug. This critical vulnerability existed in the WebView component of Android. It is reportedly fixed in version 72 of the Google Chrome app for Android devices.
  • NSA’s Ghidra already found to be plagued by a security vulnerability
    NSA’s Ghidra has already been found to be plagued with a security vulnerability. The reverse engineering tool was released by NSA this month as open-source software. The vulnerability found in Ghidra could be exploited with a remote code execution attack.
  • Ex-employee spills the beans on Uber using spyware to outrun rival in Australia
    An ex-employee spilled the beans on Uber using spyware to outrun a rival in Australia. The spyware enabled the ridesharing company to track its competitor’s cars and capture information such as the driver’s name and car details, among others. Uber deployed the spyware against an Australian taxi service company known as GoCatch.
  • Researchers find 36 new security flaws in LTE protocol
    A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world. They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019. Several academic groups have identified similar vulnerabilities in LTE over the past years on numerous occasions: July 2018, June 2018, March 2018, June 2017, July 2016, October 2015 (paper authored by another KAIST team). The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 have been first identified by other research groups in the past. According to the KAIST paper, seen by ZDNet prior to the IEEE presentation, researchers built a semi-automated testing tool named LTEFuzz, which they used to craft malicious connections to a mobile network, and then analyze the network's response.
  • Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser
    A team of researchers has earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser at the Pwn2Own 2019 competition that took place this week in Vancouver, Canada. The third day of the event was dedicated to automotive hacking. Amat Cama and Richard Zhu of team Fluoroacetate, who were the only ones to take a crack at hacking a Tesla, managed to display a message on the car’s web browser by exploiting a just-in-time (JIT) bug in the renderer component. The duo earned $35,000 for their exploit, along with the Tesla they hacked. Other participants hacked Firefox, Edge, Safari and Oracle VirtualBox.
  • Kanopy Data Breach Reveals Movies Members Have Been Streaming
    Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning March 7th.” Though Kanopy has now fixed the problem, the exposed data contained a great deal of information about the people who use the service to stream content. It’s unclear if the leaked data has been put to any malicious use, but Paine thinks the possibility exists: “Depending on the videos being watched — that potentially could be embarrassing information.” Similar types of leaks have been occurring at a steady pace recently. The Kanopy leak, while not quite as serious given what was exposed, should nonetheless serve as a reminder to any company that stores potentially sensitive personal info — even something as seemingly harmless as an IP address — that this data must be sufficiently protected from prying eyes.
  • This Spyware Data Leak Is So Bad We Can't Even Tell You About It
    A company that sells consumer-grade software that lets customers spy on other people’s calls, messages, and anything they do on their cell phones left more than 95,000 images and more than 25,000 audio recordings on a database exposed and publicly accessible to anyone on the internet. This breach is just the latest in a seemingly endless series of exposures or leaks of incredibly sensitive data collected by companies that promise to provide services for parents to keep children safe, monitor employees, or spy on spouses. In the last two years, there have been 12 stalkerware companies that have either been breached or left data exposed online: Retina-X (twice), FlexiSpy, Mobistealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9, and Xnore. Because the leaked data violates the privacy of hundreds if not thousands of people, and because that data is still very easy for anyone to find and access, even naming the company publicly could lead bad actors to it.
  • Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’
    Based on the ransom message, the ransomware that hit Hexion and Momentive appears to be LockerGoga, the same ransomware that forced aluminum manufacturing giant Norsk Hydro to shut down its worldwide network this week. Motherboard cross-referenced the ransom message associated with the Momentive attack to known LockerGoga attacks, and found that the language and formatting were identical. Boss’s email said that the data on any computers that were hit with the ransomware is probably lost, and that the company has ordered “hundreds of new computers.” Boss's email indicates that the ransomware first hit the company last week, and explains what the company is doing to recover. Motherboard sent an email to a known Momentive email address that uses the old domain, momentive.com, but it bounced back. The leaked email also notes that as more people who email the company receive the same error message that Motherboard saw, the more likely employees are to be contacted by third parties looking for more information.
  • Analysis: Drone tech creates new type of blended threat
    But it is here that drone technology links to cybertech: Hacked drones can bypass safety systems. Off-the-shelf drones are being fitted with geofencing software, so that owners cannot fly them over airports or other restricted areas. Rogue operators could, of course, build a drone themselves without any geofencing hardware or software. “There are now regulatory controls, in some regions, to force drone operators to use geofencing systems,” Dale said. This makes the data link between the operator and drone user hard to detect, and even harder to disrupt. For now, the best defense against drones – for law enforcement and corporate security teams – remains to find and deter rogue drone operators.
  • Security Of Enterprise Wireless Networks
    While numerous reviews like this may indicate that virtual private networks can protect you against all threats, getting on top of enterprise network security is much more difficult. Multiple Systems: Dealing with enterprise network security means securing multiple related and connected systems, mainframes, and devices. Security Protocols: However, there are a variety of techniques available to help secure enterprise networks. Strong passwords combined with multiple layers of security and authentication will simply make your network way more secure. Secure Protocols: Another layer of security that you can consider is a bit of a mouthful…namely, Extensible Authentication Protocol-Transport Layer Security! By following these tips, you will safeguard your enterprise network, and maintain a high level of security for your business at all times. David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation.
  • Researchers Raise Privacy Alarm Over Medicine Apps
    Researchers have raised serious privacy concerns over the use of medical apps in the Google Play store after noting that the majority share user data with third parties. The paper found that 79% of those apps studied shared user data with 55 unique entities. Nearly two-thirds of these (67%) “related to the collection and analysis of user data, including analytics or advertising, suggesting heightened privacy risks.” “Clinicians should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent,” it concluded. “Developers should disclose all data sharing practices and allow users to choose precisely what data are shared and with whom.” “Although it is well known and documented that apps use customers’ data as a currency, it is particularly troubling when that data includes sensitive information such as medical records and health metrics,” he added.
  • Two Found Guilty in Online Dating, BEC Scheme
    Cybercriminals involved in the operation created fake online dating profiles and tricked victims into sending money to phony bank accounts. Two men have been found guilty for their roles in a fraud operation in which cybercriminals spoofed emails, built fake online dating profiles, and fooled victims into sending them money. Nigerian citizen Olufolajimi Abegunde and Mexican citizen Javier Luis Ramos-Alonso were both part of a cybercriminal organization that manipulated people into sending money to bogus bank accounts under the group's control, the Department of Justice reports. Using the cybercriminal network, Abegunde and Ramos-Alonso laundered fraud funds from a July 2016 business email compromise (BEC) scam of a real-estate business based in Tennessee, followed by an October 2016 BEC scam on a Washington-based land title company. He consistently sent her money using a network of people based in Africa and the US, and evidence showed the woman was a front for people linked to the money-laundering scheme.
  • New Jersey bill would broaden PII requiring breach notification
    If signed into law, a bipartisan bill sent by New Jersey legislators to Gov. Phil Murphy would expand data breach notification in the state, requiring companies to alert citizens to breaches of a wider range of personally identifiable information (PII), including user names, passwords, email addresses and security questions. “When a data breach occurs and sensitive or confidential protected data is accessed or disclosed without authorization, we have a right to know,” Sen. “This bill’s notification requirement puts consumers on alert to monitor for potential identity theft and helps them to quickly change online account information and prevent outside access to the account. This bill will bolster consumers’ rights to privacy and protection and instill a greater sense of security.” Bill S-52 is one of a handful of initiatives that New Jersey lawmakers have proposed to bolster security and privacy. The legislature is also expected to mull A-3541, which would require companies to alert customers to a breach within five days of discovering it.