RSS ze světa hackingu


How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move users' iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a deep-dive report from The New York Times, Apple's privacy and security concessions have "made…

Datum: 18. 5. 2021

Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand

Leaders in the InfoSec field face a strange dilemma. On the one hand, there are hundreds of thousands of resources available to find online to read (or watch) if they have questions – that's a benefit of a digital-first field. On the other hand, most leaders face challenges that – while not entirely unique each time – tend to require a specific touch or solution. For most, it would be great to…

Datum: 18. 5. 2021

Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps

A total of 158 privacy and security issues have been identified in 58 Android stalkware apps from various vendors that could enable a malicious actor to take control of a victim's device, hijack a stalker's account, intercept data, achieve remote code execution, and even frame the victim by uploading fabricated evidence. The new findings, which come from an analysis of 86 stalkerware apps for…

Datum: 18. 5. 2021

70 European and South American Banks Under Attack By Bizarro Banking Malware

A financially motivated cybercrime gang has unleashed a previously undocumented banking trojan, which can steal credentials from customers of 70 banks located in various European and South American countries. Dubbed "Bizarro" by Kaspersky researchers, the Windows malware is "using affiliates or recruiting money mules to operationalize their attacks, cashing out or simply to helping [sic] with…

Datum: 18. 5. 2021

Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices

Latest research has demonstrated a new exploit that enables arbitrary data to be uploaded from devices that are not connected to the Internet by simply sending "Find My Bluetooth" broadcasts to nearby Apple devices. "It's possible to upload arbitrary data from non-internet-connected devices by sending Find My [Bluetooth Low Energy] broadcasts to nearby Apple devices that then upload the data for…

Datum: 17. 5. 2021

Why Password Hygiene Needs a Reboot

In today's digital world, password security is more important than ever. While biometrics, one-time passwords (OTP), and other emerging forms of authentication are often touted as replacements to the traditional password, today, this concept is more marketing hype than anything else. But just because passwords aren't going anywhere anytime soon doesn't mean that organizations don’t need to…

Datum: 17. 5. 2021

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec Labs…

Datum: 17. 5. 2021

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure. All the dark websites operated by the gang, including its DarkSide Leaks blog, ransom collection site, and breach data content…

Datum: 17. 5. 2021

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode that deploy backdoors,…

Datum: 14. 5. 2021

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

Cybercriminals with suspected ties to Pakistan continue to rely on social engineering as a crucial component of its operations as part of an evolving espionage campaign against Indian targets, according to new research. The attacks have been linked to a group called Transparent Tribe, also known as Operation C-Major, APT36, and Mythic Leopard, which has created fraudulent domains mimicking…

Datum: 14. 5. 2021

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299