Dridex banking malware steals GBP 20m +

Dridex, which seeks to harvest users’ banking credentials, apparently originates with what the NCA’s release describes as ‘technically skilled cyber criminals in Eastern Europe’, and is said to target both individuals and consumers alike. Losses in the UK to the attacks are currently estimated at £20mn. Source: FBI and NCA join forces against Dridex banking […]

5.6m, not 1.1m fingerprint images of US gov security cleared people stolen

WASHINGTON — The number of people applying for or receiving security clearances whose fingerprint images were stolen in one of the worst U.S. government data breaches is now believed to be 5.6 million, not 1.1 million as first thought, the Office of Personnel Management announced Wednesday. The agency was the victim of what the U.S. […]

Cheap thermal imagers can steal user PINs

A British infosec company has found that cheap thermal imaging accessories for smartphones can be used to glean personal identification numbers entered on push-button security devices on bank ATMs. Thermal imaging devices used to be bulky and expensive, but Sec-Tec told iTnews they can now be bought cheaply as compact iPhone accessories – for instance, […]

Behavioral Profiling: The password you can’t change. Your identity through how you type

You can be identified by how you type, even behind proxies and Tor. Protect yourself with KeyboardPrivacy. Source: Behavioral Profiling: The password you can’t change. Some websites are storing your typing patterns and it turns out that after some training, systems can identify who is in a system by the way in which passwords are […]

Hackers invade systems holding medical files on 4.5 million California patients

UCLA Health hospitals say hackers may have accessed personal information and medical records on 4.5 million patients. The California medical group admitted today that miscreants infiltrated its computer systems as long ago as September. It is possible the intruders accessed databases holding patient names, addresses, dates of birth, social security numbers, medical records, health plan numbers, […]

AFC Kredieten loan application data hacked, company responds: Meh, not our customers

A spokeswoman for AFC Kredieten, when asked if customers whose data had been stolen had been informed, replied: “They are not our customers. They are applicants, we had not necessarily organised a loan for them yet. AFC Credits is the victim here. What that group did is illegal and writing about it would be against […]

ProxyGambit – anonymise your internet traffic via GSM or Radio links

ProxyGambit is a simple anonymization device that allows you to access the Internet from anywhere in the world without revealing your true location or IP, fracturing your traffic from the Internet/IP through either a long distance radio link or a reverse tunneled GSM bridge that ultimately drops back onto the Internet and exits through a […]

US personnel files and intelligence agents copied – multiple disclosures, could be 18 million records out

And let the shouting begin about whose fault it was. ‘Most devastating cyber attack in US history’ Source: As the US realises it’s been PWNED, when will OPM heads roll? • The Register “Incidentally, the stolen OPM database was reportedly being offered on Hell, an onion site hosting an e-crime forum. According to Brian Krebs. […]

Lighteater goes through BIOS owns your PC

Because people don’t ever patch their BIOSes, it is extremely likely that the vast majority of systems in the wild are vulnerable to at least one known exploit. We made public the details of the new SMM “Incursion” vulnerabilities (CERT VU# 631788, reported Oct 29th), that can be found automatically from SMM dumps. We showed […]

Be paranoid: 10 terrifying extreme hacks

These extreme hacks rise above the unending morass of everyday, humdrum hacks because of what they target or because they employ previously unknown, unused, or advanced methods. They push the limit of what we security pros previously thought possible, opening our eyes to new threats and systemic vulnerabilities, all while earning the begrudging respect of […]

How to crash any iPhone or iPad within WiFi range

Security researchers presenting at this week’s RSA Conference in San Francisco, have uncovered a whole new compelling reason to switch off your phone. Skycure’s Yair Amit and Adi Sharabani have demonstrated a startling vulnerability in iOS that can allow malicious hackers to crash any iOS device within range of a WiFi hotspot. And it doesn’t […]

Hacker hijack ‘threat’: Your car’s security is Adobe Flash-grade BAD

As we’ve long suspected, the computers in today’s cars can be hijacked wirelessly by feeding specially crafted packets of data into their networks. There’s often no need for physical contact; no leaving of evidence lying around after getting your hands dirty. This means, depending on the circumstances, the software running in your dashboard can be […]

Large numbers of British Airways Executive Club accounts being Locked/Zeroed Out/in Audit (‘Ex-gratia’) due to data breach

Starting on 27 March 2015, a very large number of people have found that their Avios balance has been reset to zero. Their list of transactions shows an "Ex-Gratia" deduction of their entire previous balance. Other people are also reporting they are unable to access their accounts at all, with their BAEC number not being […]

Hotel routers very insecure

ANTLabs InnGate devices are a popular Internet gateway for visitor-based networks. They’re commonly installed in hotels, convention centers and other places that provide temporary guests access to a WiFi connection. If you’ve ever used WiFi in a hotel, you’re familiar with these types of devices as they are typically tied to a specific room number […]

Rowhammer allows root access to non-ECC DRAM3 memory machines (laptops)

"rowhammer", rapidly writes and rewrites memory to force capacitor errors in DRAM, which can be exploited to gain control of the system. By repeatedly recharging one line of RAM cells, bits in an adjacent line can be altered, thus corrupting the data stored. This corruption can lead to the wrong instructions being executed, or control […]

Lenovo ships laptops with man in the middle spyware on it

The Superfish software shipped with Lenovo laptops can intercept and redirect your secure browsing sessions (e.g. to your bank) so that third parties can hijack them. You can test to see if your Lenovo product is infected; how to do so is included in the link below. It can also be removed, again instructions in […]

Hackers steal 1 billion dollars over 2 years’ time in greatest heist ever

By learning about the habits of co-workers in over 100 financial institutions, mainly in Russia, the hackers infected computers using spear phishing techniques. They upped the balance of accounts and transferred away the excess money. They also programmed PIN machines to spit out money at specified times. Hackers stelen 1 miljard dollar bij 'grootste bankroof […]

BMW finally fixes 1/2 year old flaw that lets anyone open windows and doors

Luxury car manufacturer BMW has rolled out a patch for a security flaw that could have allowed hackers to open the doors of some 2.2 million vehicles. The issue affects BMW, Mini and Rolls Royce models that come equipped with ConnectedDrive – a technology that allows car owners to access internet, navigation and other services […]

Anthem, America’s second biggest health insurer, HACKED: Millions hit by breach • The Register

Anthem, the US’s second biggest health insurer with about 70 million people on its books across the country, admitted late on Wednesday, Pacific time, that it has been comprehensively ransacked by criminals. Tens of millions of records are likely to have been obtained illegally as a result of the hack, Anthem warned http://www.theregister.co.uk/2015/02/05/anthem_hacked/