Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities: At the Black Hat security conference today in Las Vegas, Santamarta, a researcher for security firm IOActive, plans to present his findings, including the details of multiple serious security flaws in the code for a component of the 787 known as a Crew … Read More “Software Vulnerabilities in the Boeing 787” »
Category: hacking
Auto Added by WPeMatico
Apple’s FaceID has a liveness detection feature, which prevents someone from unlocking a victim’s phone by putting it in front of his face while he’s sleeping. That feature has been hacked: Researchers on Wednesday during Black Hat USA 2019 demonstrated an attack that allowed them to bypass a victim’s FaceID and log into their phone … Read More “Bypassing Apple FaceID’s Liveness Detection Feature” »
Several high-security electronic locks are vulnerable to side-channel attacks involving power monitoring. Powered by WPeMatico
This wasn’t a small operation: A Pakistani man bribed AT&T call-center employees to install malware and unauthorized hardware as part of a scheme to fraudulently unlock cell phones, according to the US Department of Justice. Muhammad Fahd, 34, was extradited from Hong Kong to the US on Friday and is being detained pending trial. An … Read More “AT&T Employees Took Bribes to Unlock Smartphones” »
I know there’s a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, were hacked — seemingly by actors much less sophisticated than rival governments. Brazil’s federal police arrested four people for allegedly hacking 1,000 cellphones belonging … Read More “Brazilian Cell Phone Hack” »
Add to the “not very smart criminals” file: According to court documents, Tinley provided software services for Siemens’ Monroeville, PA offices for nearly ten years. Among the work he was asked to perform was the creation of spreadsheets that the company was using to manage equipment orders. The spreadsheets included custom scripts that would update … Read More “Insider Logic Bombs” »
More nation-state activity in cyberspace, this time from Russia: Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum. Projects include: Nautilus — a project for collecting data about social media users (such … Read More “Hackers Expose Russian FSB Cyberattack Projects” »
Really. Powered by WPeMatico
Reuters has a long article on the Chinese government APT attack called Cloud Hopper. It was much bigger than originally reported. The hacking campaign, known as “Cloud Hopper,” was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple … Read More “Details of the Cloud Hopper Attacks” »
A sophisticated attacker has successfuly infiltrated cell providers to collect information on specific users: The hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — … Read More “Cell Networks Hacked by (Probable) Nation-State Attackers” »