Hacker Allegedly Steals $7.4 Million in Ethereum with Incredibly Simple Trick Someone tricked would be investors during an ethereum ICO into sending their cryptocurrency to the wrong address. A hacker has allegedly just stolen around $7.4 million dollars worth of ether, the cryptocurrency that underpins the app platform ethereum, by tricking victims into sending money Read more about 3 Etherium heists in as many weeks: $7m, $32m and $85m![…]

BothanSpy is an implant that targets the SSH client program Xshell on the Microsoft Windows platform and steals user credentials for all active SSH sessions. These credentials are either username and password in case of password-authenticated SSH sessions or username, filename of private SSH key and key password if public key authentication is used. BothanSpy Read more about CIA Vault 7 tools steal active SSH sessions on Linux and Windows[…]

The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects a Internet-connected computer within the organization (referred to as “primary host”) and installs the BrutalKangaroo malware on it. When a user is using the primary host and Read more about CIA airgaps using Brutal Kangaroo software[…]

mazda_getInfo – A PoC that the USB port is an attack surface for a Mazda car’s infotainment system and how Mazda hacks are made

Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company’s servers. Source: Ex-Admin Deletes All Customer Data and Wipes Servers of Dutch Hosting Provider

With the Doubleswitch attack, a hijacker takes control of a victim’s account through one of several attack vectors. People who have not enabled an app-based form of multifactor authentication for their accounts are especially vulnerable. For instance, an attacker could trick you into revealing your password through phishing. If you don’t have multifactor authentication, you Read more about The “Doubleswitch” social media attack: how to lock people out of social media accounts and use them to spread fake news[…]

This malware will intercept specific data passing through the router, break it down into its binary format, and use a router LED to signal the data to a nearby attacker, with the LED turned on standing for a binary one and the LED turned off representing a binary zero. An attacker with a clear line Read more about Malware Uses Router LEDs to Air Gap Data From Secure Networks[…]

On Wednesday, OneLogin—a company that allows users to manage logins to multiple sites and apps all at once—announced it had suffered some form of breach. Although it’s not clear exactly what data has been taken, OneLogin says that all customers served by the company’s US data centre are impacted, and has quietly issued a set Read more about Identity Manager OneLogin Has Suffered a Nasty Looking Data Breach[…]

Check Point Threat Intelligence and research teams recently discovered a high volume Chinese threat operation which has infected over 250 million computers worldwide. The installed malware, Fireball, takes over target browsers and turns them into zombies. Fireball has two main functionalities: the ability of running any code on victim computers–downloading any file or malware, and Read more about FIREBALL – The Chinese Malware run by Rafotech has 250 Million Computers Infected[…]

Bell is apologizing to its customers after 1.9 million email addresses and approximately 1,700 names and phone numbers were stolen from a company database. The information appears to have been posted online, but the company could not confirm the leaked data was one and the same. Bell, the country’s largest telecommunications company, attributed the incident Read more about 1.9 million Bell customer email addresses stolen by ‘anonymous hacker’[…]

A popular font sharing site DaFont.com has been hacked, exposing the site’s entire database of user accounts.Usernames, email addresses, and hashed passwords of 699,464 user accounts were stolen in the breach, carried out earlier this month, by a hacker who would not divulge his nameA popular font sharing site DaFont.com has been hacked, exposing the Read more about Font sharing site DaFont has been hacked, exposing 699,464 accounts[…]

Persirai targets more than a thousand different internet protocol camera models. Researchers at Trend Micro warn that 120,000 web-connected cameras are vulnerable to the malware. Consumers would, in most cases, be unaware that their devices are even exposed to the internet much less at risk of compromise. Hackers are using a known but seldom patched Read more about Another IoT botnet has been found feasting on 120k vulnerable IP cameras[…]

This vulnerability allows an attacker to allocate any amount of bytes (up to 4 gigabytes per attack) on a remote rpcbind host, and the memory is never freed unless the process crashes or the administrator halts or restarts the rpcbind service. Attacking a system is trivial; a single attack consists of sending a specially crafted Read more about rpcbomb: remote rpcbind denial-of-service + patches[…]

This week, inquisitive netizens discovered that, when presented with even modest amounts of network packets – as little as 1.5Mbps spread across various TCP or UDP ports – modems equipped with a Puma 6 slow to an unusable crawl. According to one engineer who spoke to El Reg on the issue, the flaw would be Read more about FYI: You can blow Intel-powered broadband modems off the ‘net with a ‘trivial’ packet stream[…]

The NSA’s Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we’re told. On Thursday, Dan Tentler, founder of security shop Phobos Group, told The Register he’s seen rising numbers of boxes on the public internet showing signs they have DOUBLEPULSAR installed Read more about Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools[…]

The advertisment says: “Hello Google, what is the whopper burger?” and Google home reads out the first line of the wiki page. So Google blocked Burger King. So BK re-recorded and Google Home devices recite the first Absolutely brilliant and very funny! Alexa next! And even more funny: changing the wiki page just as the Read more about Burger King ads talk to Google Home devices, make them talk when listening.[…]

A partnership between computer scientists at the University of California San Diego and Google has allowed the search giant to reduce by 70 percent fraudulent business listings in Google Maps. The researchers worked together to analyze more than 100,000 fraudulent listings to determine how scammers had been able to avoid detection—albeit for a limited amount Read more about Scammers place fake pins on Google Maps[…]

The self-styled Shadow Brokers group has made a collection of NSA hacking tools and exploits publicly available. The group released a password for their archive, making it available to all and sundry. They (unsuccessfully) attempted to auction off the trove last year. In a (ranty) statement, Shadow Brokers said it was making the 2013 vintage Read more about Shadow Brokers crack open NSA hacking tool cache for world+dog[…]

Source: 1046 – Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE – project-zero – Monorail Comes with proof of concept code

The Bricker Bot PDoS attack used Telnet brute force – the same exploit vector used by Mirai – to breach a victim’s devices. Bricker does not try to download a binary, so Radware does not have a complete list of credentials that were used for the brute force attempt, but were able to record that Read more about “BrickerBot” tries to kill your poorly secured IoT things[…]

A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting — Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. […] Scheel’s method, which he recently Read more about About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals[…]

According to allegations in the indictment against Rimasauskas, which was unsealed this week, he had orchestrated his scheme between 2013 and 2015, targeting “a multinational technology company and a multinational online social media company” and tricking them into wiring funds to bank accounts under his control. The bank accounts in question belonged to companies that Read more about Bloke, 48, accused of whaling two US tech leviathans out of $100m[…]

Mark Vartanyan, who operated under the handle “Kolypto”, was arrested in Norway last year, and extradited to America in December. The 29-year-old was charged with one count of computer fraud. On Monday, he pleaded guilty [PDF] to a district court in Atlanta, US. He faces up to 10 years in the clink and a $250,000 Read more about Russian mastermind of $500m bank-raiding Citadel coughs to crimes[…]

We recently announced a new addition to Metasploit to help you do exactly that: the Hardware Bridge API. The Hardware Bridge API extends Metasploit’s capabilities into the physical world of hardware devices. Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to Read more about Metasploit hwbridge connects to your car[…]