Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people’s calls and text messages to miscreants’ devices. Now we’ve seen the first case of crooks exploiting Read more about After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts via MitM attacks[…]

A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found. In a stunning show of poor security, the Austin, Texas-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text Read more about FuturePets.com database of thousands of credit cards was left exposed for months[…]

Bruce66423 brings word that a terrorist’s WhatsApp message has been decrypted “using techniques that ‘cannot be disclosed for security reasons’, though ‘sources said they now have the technical expertise to repeat the process in future.’” The Economic Times reports: U.K. security services have managed to decode the last message sent out by Khalid Masood before Read more about Yes, your whatsapp messages can be read by the London police[…]

On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications. Anomalies in the border gateway protocol—which routes Read more about Russian-controlled telecom hijacks financial services’ Internet traffic[…]

The bug, CVE-2017-1000353, exists in how Jenkins implements HTTP upload/download requests. The bug lets an attacker exploit a serialised object in the preamble of commands sent to the CLI. As described by Securiteam, “since Jenkins does not validate the serialised object, any serialise[d] object can be sent.” The attacker can use the channel to send Read more about Jenkins admin? Get buzzy patching, says Cloudbees[…]

The short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME (Management Engine) not CPU firmware. If this isn’t scary enough news, even if your machine doesn’t have SMT, ISM, or SBT provisioned, it is Read more about Remote security exploit in all 2008+ Intel platforms – SemiAccurate[…]

Neatgear has cocked up its cloud management service, losing data stored locally on ReadyNAS devices’ shared folders worldwide – and customers have complained to The Register about only being informed four weeks later. This week, the San Jose-based networking business sent an email to customers, seen by The Register, confirming that an “outage” affecting ReadyCLOUD, Read more about Netgear says sorry four weeks after losing customer backups on cloud and locally(!!!!) – yes the cloud can hurt you![…]

The Shadow Brokers have leaked more hacking tools stolen from the NSA’s Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8. The toolkit puts into anyone’s hands – from moronic script kiddies to hardened crims – highly classified Read more about Shadow Brokers release 4 year old NSA hacks for Win2k to Windows 8[…]

Cyber experts at Newcastle University, UK, have revealed the ease with which malicious websites, as well as installed apps, can spy on us using just the information from the motion sensors in our mobile phones. Analysing the movement of the device as we type in information, they have shown it is possible to crack four-digit Read more about Smartphone gyros and open background tabs reveal your inputs, even when locked[…]

A security researcher has found 40 unknown zero-day vulnerabilities in Tizen, the operating system that runs on millions of Samsung products. Source: Samsung’s Android Replacement Is a Hacker’s Dream – Motherboard

The vulnerability is due to the existence of default credentials for an affected device that is running Cisco Mobility Express Software, regardless of whether the device is configured as a master, subordinate, or standalone access point. An attacker who has layer 3 connectivity to an affected device could use Secure Shell (SSH) to log in Read more about Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express with hardcoded passwords[…]

Details: ======== The corresponding embeded webserver “PST10 WebServer” typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. Proof of Concept: ================= ~$ telnet 192.168.0.1 80 Trying 192.168.0.1… Connected to 192.168.0.1. Escape Read more about Miele Professional PG 8528 dishwasher insecure – Web Server Directory Traversal[…]

The UK government has announced a cabin baggage ban on laptops and tablets on direct flights to the UK from Turkey, Lebanon, Jordan, Egypt, Tunisia and Saudi Arabia. The ban follows a similar move in the US, where officials say bombs could be hidden in a series of devices. Downing Street said it was “necessary, Read more about UK flight ban on electronic devices announced – copying Trumpist insanity[…]

The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. That’s easy to do as Bluetooth is never disabled after the initial setup of the cameras, and attackers (e.g. burglars) can usually Read more about Burglars can easily make Google Nest security cameras stop recording[…]

Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent US-CERT advisory have warned. The issue comes with the use of HTTPS interception middleboxes and network monitoring products. They are extremely common and are used to check that nothing untoward is going on. However, the very method by Read more about Web security products introduce man in the middle insecurities[…]

“WikiLeaks has made initial contact with us via secure@microsoft.com,” a Microsoft spokesperson told Motherboard — but then things apparently stalled. An anonymous reader quotes Fortune: Wikileaks this week contacted major tech companies including Apple and Google, and required them to assent to a set of conditions before receiving leaked information about security “zero days” and Read more about WikiLeaks will disclose CIA vulns to companies that sign standard responsible disclosures – or maybe not so standard?[…]

The duration (2016–09–22 to 2017–02–20) and potential breadth of information exposed is huge — Cloudflare has over 2 million websites on its network, and data from any of these is potentially exposed. Cloudflare has said the actual impact is relatively minor, so I believe only limited amounts of information were actually disseminated. Essentially, broad range of data Read more about Cloudbleed: How to deal with it[…]

The Check Point Mobile Threat Prevention has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the Read more about Preinstalled Malware Targeting Mobile Users[…]

enderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them. Manufacturers create apps to control smart Read more about Used cars allow the old owners app access[…]

“An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication,” Cisco said today. “An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.” Note that “administrator” was italicized by the networking giant. Super serious. Cisco pitches Prime Home as Read more about Cisco’s Prime Home lets hackers hijack people’s routers, from one single point at the ISP[…]

The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated ‘p’ keypress – instead, it sets passwords Read more about Linux encryption app Cryptkeeper has universal password: ‘p’[…]

More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss. The finding is one of the key takeaways from the latest edition of Cisco’s annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing range of threats. The vast majority Read more about Suffered a breach? Expect to lose cash, opportunities, and customers – report[…]

A team from CSIRO’s Data 61, University of NSW and UC Berkley in the US found a whole bunch of Android VPN apps contain viruses, spyware and other adware. Researchers analysed the apps available for Android to look for nasties like trojans, spyware and adware — giving each an “anti-virus rank (AV)” based on what Read more about Viruses, spyware found in ‘alarming’ number of Android VPN apps[…]