Chinese scammers, criminals and businesses are exploiting its surveillance state

Chinese tech company employees and government workers are siphoning off user data and selling it online – and even high-ranking Chinese Communist Party officials and FBI-wanted hackers’ sensitive information is being peddled by the Middle Kingdom’s thriving illegal data ecosystem. “While Western cybercrime research focuses heavily on criminals in the English- and Russian-speaking worlds, there […]

In massive U-turn, FBI Warns Americans to Start Using Encrypted Messaging Apps, after discovering the problem with backdoors

America’s top cybersecurity and law enforcement officials made a coordinated push Tuesday to raise awareness about cyber threats from foreign actors in the wake of an intrusion of U.S. telecom equipment dubbed Salt Typhoon. The hackers are linked to the Chinese government and they still have a presence in U.S. systems, spying on American communications, […]

Data broker SL leaves 600K+ sensitive files exposed online, doesn’t fix it despite warnings

More than 600,000 sensitive files containing thousands of people’s criminal histories, background checks, vehicle and property records were exposed to the internet in a non-password protected database belonging to data brokerage SL Data Services, according to a security researcher. We don’t know how long the personal information was openly accessible. Infosec specialist Jeremiah Fowler says […]

US and UK Armed Forces Dating & Social Networking Service Exposed Over 1 Million Records Online through coding error

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained more than 1.1 million records belonging to Conduitor Limited (trading as Forces Penpals) — a service that offers dating services, and social networking for military members and their supporters. The publicly exposed database was not password-protected or encrypted. It contained […]

Oh Look, It Was Trivial To Buy Troop And Intelligence Officer Location Data From Dodgy, Unregulated Data Brokers

There are two major reasons that the U.S. doesn’t pass an internet-era privacy law or regulate data brokers despite a parade of dangerous scandals. One, lobbied by a vast web of interconnected industries with unlimited budgets, Congress is too corrupt to do its job. Two, the U.S. government is disincentivized to do anything because it exploits this […]

Hacking Back the AI-Hacker: Prompt Injection by your LLM as a Defense Against LLM-driven Cyberattacks

Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks. We introduce Mantis, a defensive framework that exploits LLMs’ susceptibility to adversarial inputs to undermine malicious operations. Upon detecting an automated cyberattack, Mantis plants […]

Retailers Eye Radio emitting ink on fibres to Stop Shoplifting

[…] small Spanish technology company, Myruns, and telecommunications operator Telefónica SA about the possible application of a system based on an anti-theft alarm product so thin it’s imperceptible to the naked eye […] The technology from Myruns, in San Sebastian, Spain, may be just one of the efforts to curb thefts that have been studied […]

Synology and QNAP hurry out patches for zero-days exploited at Pwn2Own

Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher Rick de Jager found the critical zero-click vulnerabilities (tracked together as CVE-2024-10443 and dubbed RISK:STATION) in the company’s Synology Photos and BeePhotos for BeeStation software. As Synology explains in security […]

Fitness apps (Strava) still giving away locations of world leaders including Trump, Putin and Macron

Some of the world’s most prominent leaders’ movements were tracked online through a fitness app used by their bodyguards, an investigation has suggested. A report by French newspaper Le Monde said several US Secret Service agents use the Strava fitness app, which has revealed highly confidential movements of US president Joe Biden, presidential rivals Donald […]

Over 115,000 United Nations Documents Associated to Gender Equality Exposed Online

[…] The non-password protected, non encrypted/clear text database contained financial reports and audits (including bank account information), staff documents, email addresses, contracts, certifications, registration documents, and much more. In total, the database held 115,141 files in .PDF, .xml, .jpg, .png, or other formats, amounting to 228 GB. Many of the documents I saw were marked as confidential and should […]

Samsung phones being attacked by flaw. Use the Oct 7 update!

A nasty bug in Samsung’s mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researchers. The use-after-free vulnerability is tracked as CVE-2024-44068, and it affects Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. It […]

FIDO Alliance Publishes Draft Working Specifications for Passkeys, invites feedback

The FIDO Alliance has published a working draft of a new set of specifications for secure credential exchange that, when standardized and implemented by credential providers, will enable users to securely move passkeys and all other credentials across providers. The specifications are the result of commitment and collaboration amongst members of the FIDO Alliance’s Credential […]

Italy is losing its mind because of copyright: it just made its awful Piracy Shield even worse

Walled Culture has been writing about Italy’s Piracy Shield system for a year now. It was clear from early on that its approach of blocking Internet addresses (IP addresses) to fight alleged copyright infringement – particularly the streaming of football matches – was flawed, and risked turning into another fiasco like France’s failed Hadopi law. […]

Chinese 3x ISP hack shows why world is right about security backdoors and politicians and security people who want them are idiots

It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US. What’s notable about the attack is that it compromised security backdoors deliberately created to allow for wiretaps by US law enforcement … […] Apple famously refused the FBI’s request to […]

More details on that Windows Installer ‘make me admin’ hole

In this week’s Patch Tuesday Microsoft alerted users to, among other vulnerabilities, a flaw in Windows Installer that can be exploited by malware or a rogue user to gain SYSTEM-level privileges to hijack a PC. The vulnerability, CVE-2024-38014, was spotted and privately disclosed by security shop SEC Consult, which has now shared the full details […]

SolarWinds left hardcoded credentials in helpdesk product

SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data. The software maker has now issued an update to address that critical oversight; its users are encouraged to install the fix, which presumably removes the […]

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

Security flaws in your computer’s firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular […]

Design flaw has Microsoft Authenticator overwriting MFA accounts, locking users out

[…] For those who rely on Microsoft Authenticator, the experience can go beyond momentary frustration to full-blown panic as they become locked out of their accounts. That’s because, due to an issue involving which fields it uses, Microsoft Authenticator often overwrites accounts when a user adds a new account via QR scan — the most […]

Crowdstrike apologises for breaking the world to own IT Workers With $10 Uber Eats Coupons that are flagged by Uber as Fraudulent

Last week, the world reacted as 8.5 million computers crashed to bluescreen, grounding flights, crippling hospitals, and bringing down 911 services. This week, the world is reacting to the company responsible—Crowdstrike—offering its staff and the companies it works with a $10 Uber Eats voucher as way of apology for all their extra work over the […]

So that Global Microsoft IT outage – turns out a Crowdstrike update borked your PC. Here’s some memes to make you feel better.

Businesses worldwide grappled with an ongoing major IT outage Friday, as financial services and doctors’ offices were disrupted, while some TV broadcasters went offline. Air travel has been hit particularly hard, with planes grounded, services delayed and airports issuing advice to passengers. The outage came as cybersecurity giant CrowdStrike experienced a major disruption early Friday […]

Critical Cisco bug allows anyone to change all (including admin) passwords

Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins. Tracked as CVE-2024-20419, the bug carries a maximum 10/10 CVSS 3.1 rating and affects the authentication system of Cisco Smart Software Manager (SSM) On-Prem. Cisco hasn’t disclosed too many details about this, which is […]

Linksys Velop Routers Caught Sending WiFi Creds In The Clear – alerted in November 2023 still not fixed

A troubling report from the Belgian consumer protection group Testaankoop: several models of Velop Pro routers from Linksys were found to be sending WiFi configuration data out to a remote server during the setup process. That would be bad enough, but not only are these routers reporting private information to the mothership, they are doing […]

384,000 sites still pulling code from sketchy polyfill.io code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren’t natively supported. By linking to […]

CocoaPods Vulnerabilities from 2014 Affect almost all Apple devices, Facebook, TikTok apps and more

CocoaPods vulnerabilities reported today could allow malicious actors to take over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and MacOS applications, potentially affecting “almost every Apple device.” E.V.A Information Security researchers found that the three vulnerabilities in the open source CocoaPods dependency manager were present in applications […]