Inaudible ultrasound attack can stealthily control your phone, smart speaker

American university researchers have developed a novel attack called “Near-Ultrasound Inaudible Trojan” (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs. The team of researchers consists of professor Guenevere Chen of the University of Texas in San Antonio (UTSA), her doctoral student Qi Xia, and […]

US House reps, staff health data stolen in cyberattack

Health data and other personal information of members of Congress and staff were stolen during a breach of servers run by DC Health Care Link and are now up for sale on the dark web. The FBI is investigating the intrusion, which came to light Wednesday after Catherine Szpindor, the House of Representatives’ chief administrative […]

It’s official: BlackLotus malware can bypass UEFI secure boot

BlackLotus, a UEFI bootkit that’s sold on hacking forums for about $5,000, can now bypass Secure Boot, making it the first known malware to run on Windows systems even with the firmware security feature enabled. Secure Boot is supposed to prevent devices from running unauthorized software on Microsoft machines. But by targeting UEFI the BlackLotus […]

Microsoft feels free to edit websites you browse: begs people to stick to Edge on Chrome download page

Microsoft Edge has been spotted inserting a banner into the Chrome download page on Google.com begging people to stick with the Windows giant’s browser. As noted this week by Neowin, an attempt to download and install Chrome Canary using Edge Canary – both experimental browser builds – led to the presentation in the Edge browser […]

Among ESXiArgs’ ransomware victims? FBI, CISA here to help

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak. The malware attack hit thousands of servers over the globe but there’s no need to enrich criminals any more. In addition to the script, CISA and the FBI today […]

Prilex POS malware can block contactless payments, force PIN use

[…] Kaspersky discovered two new Prilex variants in early 2022 and found a third in November that can target NFC-enabled credit cards and block contactless transactions, forcing payers over to the less-secure PIN machines. “The goal here is to force the victim to use their physical card by inserting it into the PIN pad reader, […]

Dutch hacker obtained, sold virtually all Austrians’ (and Dutch and Colombian?) personal data

A Dutch hacker arrested in November obtained and offered for sale the full name, address and date of birth of virtually everyone in Austria, the Alpine nation’s police said on Wednesday. A user believed to be the hacker offered the data for sale in an online forum in May 2020, presenting it as “the full […]

Up to 925000 Norton LifeLock Accounts Targeted in credential stuffing attack

Thousands of people who use Norton password manager began receiving emailed notices this month alerting them that an unauthorized party may have gained access to their personal information along with the passwords they have stored in their vaults. Gen Digital, Norton’s parent company, said the security incident was the result of a credential-stuffing attack rather […]

Airline owned through open Jenkins and hardcoded AWS – TSA NoFly List found and exposed

how to completely own an airline in 3 easy steps and grab the TSA nofly list along the way note: this is a slightly more technical* and comedic write up of the story covered by my friends over at dailydot, which you can read here *i say slightly since there isnt a whole lot of […]

200 Million Twitter Users’ Data for Sale on the Dark Web for $2

[…] The short version of the latest drama is this: data stolen from Twitter more than a year ago found its way onto a major dark web marketplace this week. The asking price? The crypto equivalent of $2. In other words, it’s basically being given away for free. The hacker who posted the data haul, […]

The LastPass disclosure of leaked password vaults is being torn apart by security experts

Last week, just before Christmas, LastPass dropped a bombshell announcement: as the result of a breach in August, which led to another breach in November, hackers had gotten their hands on users’ password vaults. While the company insists that your login information is still secure, some cybersecurity experts are heavily criticizing its post, saying that […]

EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. The attack method, named EarSpy, is described in a paper published just […]

Two people charged with hacking Ring security cameras to livestream swattings

In a reminder of smart home security’s dark side, two people hacked Ring security cameras to livestream swattings, according to a Los Angeles grand jury indictment (according to a report from Bloomberg). The pair called in hoax emergencies to authorities and livestreamed the police response on social media in late 2020. James Thomas Andrew McCarty, […]

LastPass admits attackers copied password vaults

Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contain the passwords to their accounts. In a December 22nd update to its advice about the incident, LastPass brings customers up to date by explaining that the August 2022 attack saw “some source code […]

A Modchip To Root Starlink User Terminals Through Voltage Glitching

[…] this modchip-based hack of a Starlink terminal brings us. [Lennert Wouters]’ team has been poking and prodding at the Starlink User Terminal, trying to get root access, and needed to bypass the ARM Trusted Firmware boot-time integrity checks. The terminal’s PCB is satellite-dish-sized, so things like laser fault injection are hard to set up […]

Russian software disguised as American finds its way into U.S. Army, CDC apps

Thousands of smartphone applications in Apple (AAPL.O) and Google’s (GOOGL.O) online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian, Reuters has found. […] The U.S. Army said it had removed an app containing Pushwoosh code in March because of the […]

Medibank: Hackers release abortion data after stealing Australian medical records

Hackers who stole customer data from Australia’s largest health insurer Medibank have released a file of pregnancy terminations. It follows Medibank’s refusal to pay a ransom for the data, supported by the Australian government. Medibank urged the public to not seek out the files, which contain the names of policy holders rather than patients. CEO […]

Suspected Kremlin hack on Liz Truss’s mobile sparks security clampdown

Spy chiefs have ordered ministers to stop using their personal phones to conduct government business following a suspected Kremlin hack on Liz Truss’s mobile. A Whitehall source said all ministers involved in national security would be expected to attend fresh training with the security services this week ‘to ensure everyone is aware how this material […]

Australia’s Medibank says data of 4 mln customers accessed by hacker

Medibank Private Ltd (MPL.AX), Australia’s biggest health insurer, said on Wednesday a cyber hack had compromised data of all of its nearly 4 million customers, as it warned of a A$25 million to A$35 million ($16 million to $22.3 million) hit to first-half earnings. It said on Wednesday that all personal and significant […]

Crooks use POS malware to steal 167,000 credit card numbers from shops with open VNC + RDP ports

Cybercriminals have used two strains of point-of-sale (POS) malware to steal the details of more than 167,000 credit cards from payment terminals. The backend command-and-control (C2) server that operates the MajikPOS and Treasure Hunter malware remains active, according to Group-IB’s Nikolay Shelekhov and Said Khamchiev, and “the number of victims keeps growing,” they said this […]

Shein Owner Fined $1.9 Million For Failing To Notify 39 Million Users of Data Breach – Slashdot

Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined (PDF) $1.9 million by New York for failing to properly disclose a data breach from 2018. TechCrunch reports: A cybersecurity attack that originated in 2018 resulted in the theft of 39 million Shein account credentials, including those of more than 375,000 […]

Default title

A dark web carding market named ‘BidenCash’ has released a massive dump of 1,221,551 credit cards to promote their marketplace, allowing anyone to download them for free to conduct financial fraud. Carding is the trafficking and use of credit cards stolen through point-of-sale malware, magecart attacks on websites, or information-stealing malware. BidenCash is a stolen cards marketplace launched […]

IKEA TRÅDFRI smart lighting hacked to blink and reset

Researchers at the Synopsys Cybersecurity Research Center (CyRC) have discovered an availability vulnerability in the IKEA TRÅDFRI smart lighting system. An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the […]