Category: hacking

Auto Added by WPeMatico

Massive Data Breach at Uber

Posted on By infossl
cyberattack, data breaches, hacking, phishing, Security technology, social engineering, uber, Uncategorized

It’s big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs … Read More “Massive Data Breach at Uber” »

USB “Rubber Ducky” Attack Tool

Posted on By infossl
cyberattack, cybersecurity, hacking, Security technology, Uncategorized, usb

The USB Rubber Ducky is getting better and better. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user’s login credentials or causing Chrome to send all saved passwords to an attacker’s webserver. But these attacks had to be carefully crafted for specific … Read More “USB “Rubber Ducky” Attack Tool” »

Russia Creates Malware False-Flag App

Posted on By infossl
hacking, malware, russia, Security technology, ukraine, Uncategorized

The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. It’s actually malware, and provides information back to the Russians: The hackers pretended to be a “community of free people around the world who are fighting russia’s aggression”—much like the IT Army. But the … Read More “Russia Creates Malware False-Flag App” »

NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders

Posted on By infossl
Citizen Lab, hacking, human rights, Security technology, spyware, Thailand, Uncategorized

Yet another basic human rights violation, courtesy of NSO Group: Citizen Lab has the details: Key Findings We discovered an extensive espionage campaign targeting Thai pro-democracy protesters, and activists calling for reforms to the monarchy. We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware. The observed infections took place … Read More “NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders” »

ZuoRAT Malware Is Targeting Routers

Posted on By infossl
hacking, malware, Security technology, Uncategorized

Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets: So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek. Dubbed ZuoRAT, the remote access Trojan is … Read More “ZuoRAT Malware Is Targeting Routers” »

Bluetooth Flaw Allows Remote Unlocking of Digital Locks

Posted on By infossl
bluetooth, cars, hacking, locks, Security technology, Uncategorized

Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but the exploit is generalizable. In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which … Read More “Bluetooth Flaw Allows Remote Unlocking of Digital Locks” »

Zero-Day Vulnerabilities Are on the Rise

Posted on By infossl
hacking, malware, ransomware, Security technology, Uncategorized, vulnerabilities, zero-day

Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark … Read More “Zero-Day Vulnerabilities Are on the Rise” »

Hackers Using Fake Police Data Requests against Tech Companies

Posted on By infossl
courts, extortion, forgery, hacking, police, scams, Security technology, Uncategorized

Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data. Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request … Read More “Hackers Using Fake Police Data Requests against Tech Companies” »

Chrome Zero-Day from North Korea

Posted on By infossl
chrome, hacking, North Korea, Security technology, Uncategorized, zero-day

North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on websites that either belonged to legitimate organizations and were hacked or were set up for the express purpose of serving attack code on … Read More “Chrome Zero-Day from North Korea” »

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

Posted on By infossl
cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »