Routers are always an attractive target for hackers. They're always on and connected, often full of unpatched security vulnerabilities, and offer a convenient chokepoint for eavesdropping on all the data you pipe out to the internet.
A newly discovered nation-state cyber espionage campaign targeting Africa and the Middle East infects network routers in order to snare administrative credentials from its targets and then move freely throughout the network.
Infecting a router at a business or coffee shop, for instance, would then potentially give access to a broad range of users.
The flaw in 4G networks allows someone to make phone calls that appear to be from a number of their choice, which could be used by criminals to extract 4G customers' personal details to empty victims' bank accounts.
Using panic attack, attackers can create artificial chaos by broadcasting fake emergency messages about life-threatening attacks or riots to a large number of users in an area.
The mobile phone is the primary attack platform and mobile tracking is one of the fastest growing modes of spying worldwide.
Lots of tools that are used by companies to target ads on users could potentially be used also to spy on individuals, said Eva Galperin, director of cybersecurity at EFF, a digital rights organisation that helps activists and dissidents to protect their digital privacy.
Kali Linux, a very popular, free, and open-source Linux-based operating system widely used for hacking and penetration testing, is now natively available on Windows 10, without requiring dual boot or virtualization.
In Windows 10, Microsoft has provided a feature called "Windows Subsystem for Linux" (WSL) that allows users to run Linux applications directly on Windows. If this is your first time using Windows Subsystem for Linux (WSL), you need to enable this optional Windows feature before getting the Kali Linux app.
Follow these simple steps to enable WSL:
Now search for Kali Linux on the Windows Store and download it with a single click. Once you launch the application, it automatically completes the Kali installation and opens the console window.
Putting a chip under your skin is not so very different from getting a piercing or tattoo - except there was often less blood.
At a trendy east London bar, a group of body hackers are putting forward their reasons for human augmentation to a packed audience of mainly under-35s, many of whom are sporting piercings and tattoos.
Bio-hacker Lepht Anonym has nine implants and strongly believes what she does will benefit humankind as well as her own curiosity. The magnets allow her to sense electromagnetic radiation so she can tell if a device is on or off, whether a microwave is running and identify where power lines are. All of which, she admits, is "not hugely useful".
She also has a chip under her skin that lets her interact with her phone and unlock doors. She hopes that the "primitive results" she has achieved can be used by other, more skilled people, to build something better.
Equifax Inc said on Thursday that it identified an additional 2.4 million U.S. consumers affected by last year's massive data breach, bringing the total number of people whose data was compromised to more than 147 million.
The new information is the latest blow to the industry giant, which lost three top executives — including its longtime CEO Rick Smith — in the fallout of the mega-breach that exposed private information belonging to 143 million people.
The data breach, which was discovered July 29, included sensitive information such as social security numbers, birthdays, addresses, and in some instances, driver's license numbers. Equifax said on Thursday it would contact the newly identified breach victims and offer them free identity theft protection and credit monitoring services.
Cellebrite may be using zero-day flaws in iOS to gain access to devices, which wouldn't be surprising—it's a commonly used trick. The concern for anyone with an iOS device would be the security of the exploits Cellebrite has discovered but not shared.
With Cellebrite claiming to be able to access the newest iPhones and iOS versions, it's safe to assume they've discovered new, unknown exploits. Previous leaks of government-level security tools have resulted in ransomware outbreaks like WannaCry, which means an attack on Cellebrite could lead to an iOS security incident on a level previously unseen.
The world's most popular torrent download software, µTorrent, has been found to contain multiple security flaws. If you have this software installed on your computer, it's time to download its latest version for Windows as soon as possible.
The serious remote code execution vulnerability, which lets attackers intrude into a user's computer, was discovered by Google's security researcher Tavis Ormandy in both the µTorrent classic version and the newly launched µTorrent Web version.
At least three fake social media accounts posing as young women have encouraged victims into downloading highly invasive Android malware.
Victims are sent a link to install what they're told is the Kik messaging platform in order to continue the conversation.
If the target goes through with the installation - which requires them to allow apps to be installed from unknown sources - they're provided with a very convincing copy of Kik, but one which is laced with commands for conducting espionage.
The malware contains a variety of modules for collecting information about the victim, including their contacts, photos, call logs and text messages, as well as information about the device including its geolocation - meaning the user can be physically tracked - number, network operator and model.
An easy-to-exploit security bug was recently discovered in the dating app Tinder that left accounts and private chats exposed to hackers. A flaw in a Facebook-linked program called Account Kit let attackers access profiles armed with just a phone number.
Account Kit, implemented into Tinder, is used by developers to let users log in to a range of apps using mobile details or email addresses without a password.
But there was, until recently, a crack in this process that, according to Prakash, could let hackers compromise "access tokens" from users' cookies – small pieces of data on computers that remember browsing activity as people traverse the internet. The attacker could then exploit a bug in Tinder to use the token, which stores security details, and log in to the dating account with little fuss.
A Ukraine-based hacking group, known as Coinhoarder, has been stealing cryptocurrency from blockchain.info users. blockchain.info is one of the most popular crypto wallet solutions available, and Coinhoarder has been manipulating this service to steal more than $50 million from its users.
The hackers bought ads that contained certain popular keywords related to cryptocurrency. After buying the ads, hackers could poison the victim’s search results and display the compromised ads when a user googled terms such as "bitcoin", "wallet", or "blockchain". The malicious ads would show up and mislead users into thinking that they were being redirected to a legitimate website of blockchain.info wallet services.
A CRYPTOCURRENCY vault aimed at protecting online currencies such as Bitcoin from hacking is about to be launched by a digital Canadian bank, it has been reported.
The digital nature of cryptocurrencies means that many traders are often vulnerable to being hit by an online attack.
Mr Taylor added: "Our differentiator in this market is to be secure and super private. The bank wouldn’t have any kind of back door to open up the vault, we’re just providing the facility that folks could put their digital keys in."
The official 2018 Winter Olympics website went down for several hours causing a disruption to ticket sales and downloads during the opening ceremony. Localized Wi-Fi networks surrounding the games in South Korea also became temporarily unavailable in the preceding hours.
Olympic Destroyer uses the increasingly common combination of a malicious payload and credential stealer with two legitimate software tools, Windows' PsExec and WMI (Windows Management Instrumentation), to laterally move across an already compromised network in order to covertly delete files, like shadow backups, Boot Configuration Data (BCD) and event logs on infected machines. In other words, it wipes remote data located on mapped share folders; not local files.
Websites, including those belonging to the Information Commissioner's Office, Student Loans Company and Scottish NHS helpline, were infected with a malicious script.
While tracing it back to its source, a website plug-in called Browsealoud was found, which helps people with low vision, dyslexia and low literacy access the internet.
The cryptocurrency involved was Monero - a rival to Bitcoin that is created to make transactions in it "untraceable" back to the senders and recipients involved. Since the cryptocurrency's creation the value of one Bitcoin has soared from just 72p to £12,300.
McAfee recently uncovered Operation GoldDragon, a malware attack targeting organizations affiliated with the 2018 Winter Games. Further investigation by McAfee Advanced Threat Research analysts found that the consequences for victims of the GoldDragon malware implant include attackers accessing end-user systems and collecting data stored on the device and in connected cloud accounts.
Potential risks include attackers' access to customer and employee financial or personal data, Winter Games related details, trade secrets, and more.
McAfee anticipates an increase in Winter Games cyber attacks using spear phishing techniques and cautions fans to be aware of suspicious links that attempt to lure victims into malicious content.
The Indian Railways has asked the Ministry of Electronics and Information Technology to block 19 websites over concerns of misuse of software on its catering and tourism portal for tatkal booking.
The 19 websites included myrailinfo.in, www.tatkalaap.com and www.tatkalsoftservice.com, according to a statement.
Samsung and Roku smart TVs are vulnerable to hackers and "raise privacy concerns by collecting very detailed information on their users."
"A relatively unsophisticated hacker could change channels, play offensive content or crank up the volume, which might be deeply unsettling to someone who didn't understand what was happening," Consumer Reports said. "This could be done over the web, from thousands of miles away."
The good news is these TVs' security vulnerabilities apparently won't allow hackers to spy on you or steal your information, according to Consumer Reports.
There have been some ads on YouTube recently, created by a few unknown attackers, that have been slowing down YouTube users' computers, and using their CPUs and electricity to generate digital currency.
The ads forced them to help malicious actors earn the cryptocurrency Monero, a bitcoin alternative, by hogging their computer processing power.
"An analysis of the malvertisement-riddled pages revealed two different web miner scripts embedded and a script that displays the advertisement from DoubleClick," said Trend Micro.
The affected webpage will show the legitimate advertisement while the two web miners covertly perform their task.
Intel had issued its software patch to address a security issue affecting millions of its processors worldwide.
But the software caused many machines to reboot or shut down and Intel later told people not to install it. Researchers discovered gaps in security stemming from central processing units - better known as the chip or microchip - that could allow privately stored data in computers and networks to be hacked.
Facebook is tracking you more than anything, not Aadhaar, said American author Thomas Friedman.
Aadhaar doesn't store anything about you except your biometrics. It's not tracking you.
"Facebook is tracking you much more today. If you are worried about privacy, then you shouldn’t be using Google, Facebook, Twitter, any of these things."
At least six attacks have taken place within the last week. They ranged in location from the Pacific Northwest to the Gulf region to New England. Thieves have stolen over $1 million in attacks so far.
To execute the cyber-attack, a thief needs physical access to an ATM and will use malware, physical hacking tools, or both, to take control of the machine and force it to dispense cash quickly. If it works, cash pours out of the ATM like the hacker won a jackpot.
Several modules have been identified performing different malicious activities. 27 Android gaming apps, across all the popular gaming categories, were listed with this malware module.
The malware used steganography to inject a malicious script into image files, which were then sent to users to infect them.
Using a module called Android.RemoteCode.127.origin, it relied on a connection to remote servers, with a link to download an additional module called Android.RemoteCode.126.origin.
The exploit chain triggers two vulnerabilities, CVE-2017-5116 and CVE-2017-14904. By chaining the vulnerabilities, attackers can remotely inject arbitrary code into the system_server process when a malicious URL is accessed in Chrome.
Victims can be tricked into clicking on such a URL by hackers, who can then fully compromise their mobile device.
The security researcher also received an additional $7500 through the Chrome Rewards program.
Intel warned that you should stop deploying its current versions of Spectre/Meltdown patches, which Linux creator Linus Torvalds calls 'complete and utter garbage'.
Since last week, users have been reporting issues like spontaneous reboots and other 'unpredictable' system behaviour on their affected computers after installing the Spectre/Meltdown patch released by Intel.
Keeping these problems in mind, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of its patches until the chip giant develops 'a solution to address it'.
OnePlus admitted that credit card information belonging to 40,000+ customers was stolen by an unknown hacker.
The attack possibly targeted one of the firm's systems by inserting a malicious script into the payment page code to sniff out credit card information.
The stolen data included card numbers, expiry dates, and security codes, taken directly from a customer's browser window.
Skygofree is a new Android spyware designed for targeted surveillance, and it is believed to have been targeting a large number of users for the past four years.
Its capabilities include location-based audio recording using the device's microphone, the use of Android Accessibility Services to steal WhatsApp messages, and the ability to connect infected devices to malicious Wi-Fi networks controlled by attackers.
GhostTeam, a new malware designed to steal Facebook login credentials and aggressively display pop-up advertisements to users, has so far been found in 50+ apps on the Google Play Store.
The Play Protect security feature uses machine learning and app usage analysis to remove malicious apps from users' Android smartphones in an effort to prevent any further harm.
Yet another new manipulation of default behaviour within Intel Active Management Technology (AMT) can allow an attacker to bypass login and gain control over a user's device in less than 30 seconds.
Anyone with physical access to the affected laptop can bypass the login of BIOS/BitLocker etc.
Steps of exploitation:
Security researchers discovered a vulnerability in WhatsApp and Signal which allows anyone who controls the servers to covertly add new members to a private group.
The purpose of implementing end-to-end encryption was to stop anyone, be it the company itself or the server that transmits the data, from decrypting it. The vulnerability can enable anyone with access to the server to break the transport security layer and take full control over a group chat. Since WhatsApp and Signal failed to authenticate who is adding a new member to the group, it is possible for someone who is neither a group administrator nor a member to add a new member to a private group.
Source: https://www.isoeh.com/research-article-details-private-end-to-end-encrypted-whatsapp-group-chats-are-not-secured.html
Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting flaws in file upload forms.
It can detect the file types allowed to be uploaded and which technique will work best to upload web shells or any malicious file on the desired web server.
Security researchers discovered that malicious apps designed to steal credentials from users have been downloaded million times from the Google Play Store. Among these, the most popular app is a gaming app. According to a blog post, it was originally a normal app without any malicious code, but it was later updated with information-stealing capabilities.
Since these apps looked like they came from VK.com – for listening to music or for monitoring user page visits – requiring a user to log in to his/her account through a standard login page did not look suspicious at all. The information stolen through the apps is helping cyber criminals to promote groups and increase their popularity.
To avoid your credentials being stolen, make sure to enable Google Play Protect on your devices.
When it comes to account compromise, phishing poses a greater threat than data breaches, say researchers at Google and UC Berkeley.
Data collected by Google shows that 80 percent of all the phishing kits observed targeted usernames, passwords, and geolocation; followed by phone numbers and device details. A smaller subset of the phishing attacks also targeted secret questions, full names, credit card data, and Social Security Numbers. (tahawultech.com)
For some people, Google controls most of their identity online, and losing access to that critical account could be devastating. According to Google, enterprising hijackers are constantly searching for, and are able to find, billions of different platforms’ usernames and passwords on black markets.
The ads come with provocative headlines about hot-button political issues and targeted Facebook users likely to click based on political ideologies.
In September, an ad with the headline, "New Approval Ratings For President Trump Announced And It's Not Going The Way You Think," targeted Facebook users over 40. "Regardless of what you think of Donald Trump and his policies, it's fair to say that his appointment as President of the United States is one of the most…," ran the text. There was a "Learn more" button to lure the audience to click to read the whole news.
Those who clicked the button to read the elaborate news found their computers frozen with a warning and a phone number that users could call to get it fixed for a price. Though the freeze was temporary and restarting the computer would have unlocked it, some worried users who called the number were asked to pay to restore their access, according to computer security experts who have tracked the scam for more than a year.
The vulnerability in question stems from the fact that the affected apps failed to verify that the hostname in the server's cryptographically signed certificate matched the server they were attempting to connect to. This could allow malicious third parties on the same network as the victim to step in and take control of an online banking session, intercepting usernames and passwords to hijack an account.
Researchers tested a new tool on a sample of 400 apps and found that several banking apps had a critical vulnerability that could have allowed hackers connected to the same network as the victim to perform a man-in-the-middle attack and access the victim's username and password.
Apps from some of the world's largest banks were found to contain this flaw, which, if exploited, could have allowed an attacker to decrypt, view and modify network traffic from users of the app.
The cryptocurrency mining company NiceHash announced the breach in a statement in which it recommended that users change their passwords. NiceHash has suspended its operations for the time being, as the compromise of its payment system caused a loss of 64 million.
Hackers made off with contents of the company's bitcoin account, according to Andrej Škraba, the Slovenian marketplace's head of marketing. He told Reuters that the compromise was highly professional and involved "sophisticated social engineering".
"There are certainly a number of potential security issues to discuss, from API vulnerabilities to web application and database protection, however, without more details from NiceHash, we can only speculate by which method of attack their website was compromised," said Rusty Carter, vice president of product management for mobile app security company Arxan Technologies, via email.
Hackers may have obtained personal information for 1.6 million individuals after compromising the systems of PayPal's subsidiary TIO Networks.
An investigation conducted in collaboration with third-party cybersecurity experts revealed that TIO's network had been breached, including servers that stored the information of TIO clients and customers of TIO billers. Affected companies and individuals will be contacted via mail and email and offered free credit monitoring services via Experian.
The company has already been fined more than $40 million in the US over the scandal which involved tens of millions of people around the world.
Google is accused of bypassing the default privacy settings on Apple phones and successfully tracking the online behavior of people using the Safari browser. The data is then used in its DoubleClick advertising business, which enables advertisers to target content according to a user's browsing habits.
Google believes that U.K. privacy laws do not apply to the company, and so British consumers that want to take the tech giant to court are facing a losing battle.
Three Chinese were charged for stealing 407 GB of sensitive data and trade secrets by sending "spearphishing" emails to computers in western Pennsylvania and around the world.
They were also accused of exploiting vulnerabilities in computer systems and using malware to gain access to confidential business and commercial information, work product, and sensitive employee information including usernames and passwords.
The Imgur security breach probably happened because of an older hashing algorithm. The stolen passwords were scrambled with the older SHA-256 hashing algorithm, which could be easily cracked using brute force attacks.
Imgur stated that it had been hashing users' passwords in its database with the outdated SHA-256 algorithm, which is quite feasible to break.
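The weakness described in the Imgur item, and one way to migrate away from it, as an added example that is not code from Imgur or from the original page. The user names, passwords, record format and PBKDF2 work factor are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
from collections import defaultdict

PBKDF2_ITERATIONS = 600_000  # assumption: work factor picked for this example
PREFIX = "pbkdf2_sha256"     # assumption: record format "prefix$iters$salt$hash"


def legacy_sha256(password: str) -> str:
    """The weak scheme: a single fast, unsalted SHA-256 pass."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed sample records (user -> stored legacy digest), not real data.
LEGACY_RECORDS = {
    "alice": legacy_sha256("hunter2"),
    "bob": legacy_sha256("hunter2"),
    "carol": legacy_sha256("correct horse battery"),
}


def shared_digest_groups(records):
    """Return groups of users whose stored values are byte-for-byte identical.

    With unsalted hashing, equal passwords give equal digests, so one
    guessed password exposes every account in the group at once.
    """
    by_digest = defaultdict(list)
    for user, digest in records.items():
        by_digest[digest].append(user)
    return sorted(sorted(users) for users in by_digest.values() if len(users) > 1)


def hash_password(password: str, salt: bytes = None) -> str:
    """Salted, deliberately slow hash: PBKDF2-HMAC-SHA256 with a random salt."""
    salt = os.urandom(16) if salt is None else salt
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return "$".join([PREFIX, str(PBKDF2_ITERATIONS), salt.hex(), derived.hex()])


def verify_and_upgrade(password: str, stored: str):
    """Check a login and return (ok, record_to_store).

    Legacy SHA-256 records are re-hashed with PBKDF2 on the first successful
    login, so the weak digest can be dropped from the database.
    """
    if stored.startswith(PREFIX + "$"):
        _, iterations, salt_hex, hash_hex = stored.split("$")
        derived = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"),
            bytes.fromhex(salt_hex), int(iterations),
        )
        return hmac.compare_digest(derived.hex(), hash_hex), stored
    ok = hmac.compare_digest(legacy_sha256(password), stored)
    return ok, (hash_password(password) if ok else stored)


if __name__ == "__main__":
    print("accounts sharing a digest:", shared_digest_groups(LEGACY_RECORDS))
    ok, upgraded = verify_and_upgrade("hunter2", LEGACY_RECORDS["alice"])
    print("login ok:", ok, "| new record prefix:", upgraded.split("$")[0])
```

Accounts that never log in again keep their legacy digest, so a migration like this is normally paired with a forced reset for them.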
If you use Facebook as a backup drive to store important and often personal photos/videos, then drop this habit. A newly discovered Facebook vulnerability could let anyone with some technical know-how delete any or all photos you posted on the social networking website.
This is because Facebook's Graph API wasn't checking permissions properly. If you sent a request to the Graph API to delete another user's photo album and toss your own Facebook for Android token as the required stamp of approval, it'd blindly accept it and the album would vanish.
Bloomberg has revealed that Uber concealed for more than a year a massive data breach that exposed sensitive records of millions of drivers and customers. The stolen information included names, email addresses and mobile phone numbers of Uber users around the world, and the names and license numbers of 600,000 U.S. drivers.
Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.
Experts found 482 of the top 50,000 websites use session replay scripts. You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use "session replay" scripts.
Hundreds of homepages, including those of Microsoft, Adobe, WordPress, Spotify and Skype, use secret code, called 'session replay' scripts, to monitor your online activity.
This could be used by third parties to reveal everything from credit card details to medical complaints, as well as putting you at risk of identity theft and online scams.
If you are an Android user, then you are also among the billions of users whose smartphone is secretly gathering location data and sending it back to Google.
Android devices have been sending location information about nearby cell towers to Google since the beginning of 2017, with Google getting pinged every time a user entered the range of a new tower. Even if the user actively turned off location services, Google can still access their location and movements without their knowledge.
Cars on the road may already be being targeted by hackers, and it is feared that vehicles built after 2005 are vulnerable to being controlled remotely, although models up to 17 years old could also be affected.
The government is now being urged to create laws that would force car manufacturers to constantly provide software updates for their vehicles.
Carsten Maple, professor of cyber engineering at the University of Warwick, said: "We’ve already seen vehicles used as weapons. Cybersecurity researchers must ensure systems are engineered to stop new attacks."
Siri helpfully obeys the orders of any hacker who talks to her—even, in some cases, one who's silently transmitting those commands via radio from as far as 16 feet away.
It can use radio waves to silently trigger voice commands on any Android phone or iPhone that has Google Now or Siri enabled, if it also has a pair of headphones with a microphone plugged into its jack.
Their clever hack uses those headphones' cord as an antenna, exploiting its wire to convert surreptitious electromagnetic waves into electrical signals that appear to the phone's operating system to be audio coming from the user’s microphone.
Without speaking a word, a hacker could use that radio attack to tell Siri or Google Now to make calls and send texts, dial the hacker's number to turn the phone into an eavesdropping device, send the phone's browser to a malware site, or send spam and phishing messages via email, Facebook, or Twitter.
Researchers found that IoT cameras can be infected with a variant of a known malware program called Bashlite, Lightaidra or GayFgt, specially designed for ARM versions of Linux.
The target of the DDoS attack was a rarely-used asset of a large cloud service, serving millions of users worldwide.
All of the compromised cameras monitored by the researchers were logged into from multiple locations in almost every case, suggesting that several different hackers were abusing the weakness of unsecured CCTV cameras.
Top targeted countries for CCTV botnets around the world include India, China, Iran, Indonesia, US, and Thailand.
Chip-and-Pin Card Fraud: Man-in-the-Middle Attack
How it works?
A typical EMV transaction involves three steps:
When a buyer inserts the altered card, the original chip is allowed to respond to the card authentication as normal. But during cardholder authorization, the POS system would ask for a PIN to be entered.
In this case, the fraudster could respond with any PIN, and the fraudulent chip comes into play and will result in a "YES" signal regardless of whatever random PIN the thief has entered.
The attacker intercepts the PIN query and replies that it is correct, whatever the code is!
Fixed — at least in Europe, researchers declined to fully detail new security measures.
AT&T and Verizon's implementations of LTE are said to be vulnerable to "several issues" that could result in eavesdropping, data spoofing, and over-billing for potentially millions of phones.
Android devices on these networks are most at risk because the software "does not have appropriate permissions model" for LTE networks.
LTE (also known as 4G) relies on packet switching, a common way of sending data across the internet, rather than the old method of circuit switching.
This new method of sending data allows for new kinds of attacks, particularly against the Session Initiation Protocol (SIP), nowadays more commonly used in voice calls and instant messaging.
Researchers have found a method that exploits the way that SIP works, by spoofing phone numbers for calls or text messages.
It's also possible for an attacker to obtain free bandwidth for more data-intensive activities, like video calling, without incurring any additional costs.
In some cases, an attacker can establish multiple SIP sessions at the same time, which could lead to a denial-of-service attack on the network.
US company Battelle has developed a shoulder-mounted rifle to deal with unwanted drones flying around.
"DroneDefender" is a revolutionary weapon specifically designed to target and knock drones out of the sky at a range of just 400 meters without totally destroying them.
The Battelle DroneDefender utilizes radio waves to neutralize in-flight drones and force them to land, hover or return to their point of origin.
DroneDefender emits radio pulses that interrupt the communications system of the drone (both the drone and the GPS signal it sends out) and make it think that it has gone out of range, thereby preventing the drone from accepting any additional commands from its operator.
Nearly 5.6 million fingerprints of its federal employees were also stolen in the massive data breach that took place in April this year.
The OPM, the US government agency that handles all federal employee data, reported that some 1.1 million fingerprints were stolen, a figure which escalated to 5.6 million.
OPM's interagency team (members of the FBI, Defense Department, and Homeland Security) is reviewing the potential ways hackers could misuse the data.
Whoever has access to the goldmine – stolen OPM data – holds a highly powerful, unchangeable key.
The Apple website is not secure. While surfing the Apple site http://www.apple.com/ I have found several encryption related vulnerabilities. Here are those:-
Appraisal letter from Apple:-
Re: Apple Developer Feedback
Thank you for contacting Apple Developer Support regarding the Developer website.
We appreciate that you have taken the time to send us your feedback. Please be assured that all of your comments have been forwarded to the appropriate Apple team.
If you have further questions or comments, please let us know.
Apple Developer Support
About the university:
Sikkim Manipal is one of the largest private universities in India. The Institute attracts students from all over the country, with over 1700 students enrolled in the various engineering disciplines. 102 full-time faculty members are employed.
Type of problem:
User Name: sanjay
[any name will work]
Password: ' OR ''='
Choose the "Center Login" radio button
You have access to the main admin panel. Option to download & print ALL student records, contact information, admit cards for upcoming examinations, assignments, results, etc. Option to change password.
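Why the password value above logs anyone in, and the parameterized query that closes the hole, as an added example that is not the site's code. The table name, columns and sample rows are constructed for the sketch, and the password is compared inside SQL only to mirror the vulnerable pattern.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample accounts (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE centers (username TEXT PRIMARY KEY, password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO centers VALUES (?, ?, ?)",
        [("admin01", "S3cret!x", "admin"), ("centre17", "pa55-demo", "center")],
    )
    return conn


def render_vulnerable_query(username: str, password: str) -> str:
    """Build the SQL text by pasting user input between quotes (the flaw)."""
    return (
        "SELECT username, role FROM centers "
        f"WHERE username = '{username}' AND password = '{password}'"
    )


def login_vulnerable(conn, username, password):
    """Vulnerable 'before' version: the input becomes part of the SQL grammar."""
    return conn.execute(render_vulnerable_query(username, password)).fetchone()


def login_parameterized(conn, username, password):
    """Fixed version: values are bound as data and never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM centers WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()


if __name__ == "__main__":
    conn = make_db()
    payload = "' OR ''='"  # the password value quoted in the report above
    # The WHERE clause becomes:
    #   username = 'sanjay' AND password = '' OR ''=''
    # AND binds tighter than OR, so the trailing ''='' is true for every row.
    print(render_vulnerable_query("sanjay", payload))
    print("vulnerable   :", login_vulnerable(conn, "sanjay", payload))
    print("parameterized:", login_parameterized(conn, "sanjay", payload))
    print("valid login  :", login_parameterized(conn, "centre17", "pa55-demo"))
```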
About the university:
Calcutta University is the oldest existing university in the Indian subcontinent. Founded in 1857, it is ranked 39th in the world.
Vulnerability: The main page, www.caluniv.ac.in, is spreading a virus. It has an iframe code injection and is pulling the virus from the Russian site pantscow.ru.
Hundreds will be infected while checking for results on the website.
Banks are warning customers of the risk of their mobile banking credentials being stolen by malware masquerading as a Flash player sent to them through unwarranted messages or through pop-ups on websites.