Category: hacking

Auto Added by WPeMatico

Tesla Remotely Hacked from a Drone

Posted on By infossl
cars, drones, hacking, Security technology, Uncategorized, vulnerabilities, Wi-Fi

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi. It would be possible for an attacker … Read More “Tesla Remotely Hacked from a Drone” »

When AIs Start Hacking

Posted on By infossl
artificial intelligence, essays, hacking, Security technology, Uncategorized, vulnerabilities

If you don’t have enough to worry about already, consider a world where AIs are hackers. Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for more influence, power, and wealth. To date, hacking has exclusively been a human activity. Not for long. As I lay … Read More “When AIs Start Hacking” »

Backdoor Found in Codecov Bash Uploader

Posted on By infossl
backdoors, credentials, hacking, Security technology, supply chain, Uncategorized

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure,” the … Read More “Backdoor Found in Codecov Bash Uploader” »

Biden Administration Imposes Sanctions on Russia for SolarWinds

Posted on By infossl
cyberespionage, espionage, hacking, national security policy, russia, Security technology, Uncategorized

On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks. I will leave it to those with experience in foreign relations to convince me that the response … Read More “Biden Administration Imposes Sanctions on Russia for SolarWinds” »

Details on the Unlocking of the San Bernardino Terrorist’s iPhone

Posted on By infossl
apple, exploits, fbi, hacking, iphone, Security technology, terrorism, Uncategorized

The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called Cellebrite. It was actually an Australian company called Azimuth Security. Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called … Read More “Details on the Unlocking of the San Bernardino Terrorist’s iPhone” »

Backdoor Added — But Found — in PHP

Posted on By infossl
authentication, backdoors, hacking, open source, Security technology, supply chain, Uncategorized

Unknown hackers attempted to add a backdoor to the PHP source code. It was two malicious commits, with the subject “fix typo” and the names of known PHP developers and maintainers. They were discovered and removed before being pushed out to any users. But since 79% of the Internet’s websites use PHP, it’s scary. Developers … Read More “Backdoor Added — But Found — in PHP” »

Malware Hidden in Call of Duty Cheating Software

Posted on By infossl
games, hacking, malware, privilege escalation, Security technology, social engineering, Uncategorized

News article: Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted … Read More “Malware Hidden in Call of Duty Cheating Software” »

Hacking Weapons Systems

Posted on By infossl
cyberattack, cyberweapons, hacking, infrastructure, military, national security policy, Security technology, Uncategorized, weapons

Lukasz Olejnik has a good essay on hacking weapons systems. Basically, there is no reason to believe that software in weapons systems is any more vulnerability free than any other software. So now the question is whether the software can be accessed over the Internet. Increasingly, it is. This is likely to become a bigger … Read More “Hacking Weapons Systems” »

Accellion Supply Chain Hack

Posted on By infossl
hacking, patching, Security technology, supply chain, Uncategorized, vulnerabilities

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. The governor of New Zealand’s central bank, Adrian Orr, says Accellion failed to warn it … Read More “Accellion Supply Chain Hack” »

More on the Chinese Zero-Day Microsoft Exchange Hack

Posted on By infossl
china, cybersecurity, hacking, microsoft, patching, Security technology, Uncategorized, zero-day

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. The attacker was first detected by one group on Jan. 5 and another on Jan. 6, and Microsoft acknowledged the problem immediately. During … Read More “More on the Chinese Zero-Day Microsoft Exchange Hack” »