Cybereason Introduces: Free Behavioral-Based Ransomware Blocking

Edit: It seems that this system creates a whole load of bogus files and dirs and monitors them, not the whole file system. This pollutes the file system and means that people can quite easily write around it. Every ransomware program goes over files, chooses the ones that look interesting, encrypts them and destroys the […]

Physicists show that real-time error correction in quantum communications is possible

Now researchers have shown that there is a grey area where Nature cannot tell the difference between the classical and the quantum. This opens the possibility of first performing quantum experiments with a type of classical light called “classically entangled” light. By preparing and sending a so-called “classically entangled” beam the team could show that […]

Your Android device’s Pattern Lock can be cracked within five attempts

New research from Lancaster University, Northwest University in China, and the University of Bath, which benefitted from funding from the Engineering and Physical Sciences Research Council (EPSRC), shows for the first time that attackers can crack Pattern Lock reliably within five attempts by using video and computer vision algorithm software. By covertly videoing the owner […]

It’s not just your browser: Your machine can be fingerprinted easily

The group – Yinzhi Cao and Song Li from Lehigh University in Pennsylvania, and Erik Wijmans from Washington University in St. Louis – have worked out how to access various operating system and hardware-level features that can fingerprint an individual machine, regardless of browser. These include screen resolution with zoom; CPU virtual cores; installed […]

WhatsApp backdoor allows snooping on encrypted messages

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline […]

MongoDB ransom attacks soar, body count hits 27,000 in hours

MongoDB databases are being decimated in soaring ransomware attacks that have seen the number of compromised systems more than double to 27,000 in a day. Criminals are accessing, copying and deleting data from unpatched or badly-configured databases. Administrators are being charged ransoms to have data returned. Initial attacks saw ransoms of 0.2 bitcoins (US$184) to […]

Autocomplete hidden form fields a novel phishing hole for Chrome, Safari crims

The attack vector is manifest when victims select autofill while filling out registration forms: attackers hide sensitive fields like street address, date of birth, and phone number, displaying only basic entry boxes like name and email. Users who type the start of their names will generate a prompt that when selected will throw an option […]

Google releases crypto library checker tools

We’re excited to announce the release of Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. We’ve developed over 80 test cases which have uncovered more than 40 security bugs (some tests or bugs are not open sourced today, as they are being fixed by vendors). For example, we […]

Hacking: macOS FileVault2 Password Retrieval

macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. To secure your mac just update it with the December 2016 patches. Anyone including, but not […]

Guessing valid credit card numbers in six seconds? Priceless

Fraudsters can guess credit card numbers in as little as six seconds per attempt thanks to security gaps in Visa’s network, academics say. The brute force attacks allow criminals to bombard Visa with card payment requests across multiple sites with each attempt narrowing the possible combinations until a valid card number and expiry date are […]

Vulnerability Note VU#582384 – Multiple Netgear routers are vulnerable to arbitrary command injection

Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.12_1.0.11 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by […]

Full Disclosure: [ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security

An attacker can misuse PwC ACE security vulnerability in order to: – make changes to the production systems and their settings including manipulating or corrupting ABAP programs shipped by SAP and making the system and data inoperable; – plant an SAP backdoor for accessing the system and sensitive data later; and – shut down the […]

Hardcoded root accounts found in 80 Sony IP security camera models

Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price. One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on […]

PowerShell security threats greater than ever, researchers warn

In March 2016, security experts warned that PowerShell had been fully weaponised. In the following month, a report confirmed that PowerShell was used to launch 38% of cyber attacks seen by security firm Carbon Black and its partners in 2015. Now more than 95% of PowerShell scripts analysed by Symantec researchers have been found to […]

Holding Shift + F10 During Windows 10 Updates Opens Root CLI, Bypasses BitLocker – Slashdot

This CLI debugging interface grants the attacker full access to the computer’s hard drive, despite the presence of BitLocker. The reason is that during the Windows 10 update procedure, the OS disables BitLocker while the Windows PE (Preinstallation Environment) installs a new image of the main Windows 10 operating system. Source: Holding Shift + F10 […]

Acquired administrator level access to all of the Microsoft Azure managed Red Hat Update Infrastructure that supplies all the packages for all Red Hat Enterprise Linux instances booted from the Azure marketplace.

Acquired administrator level access to all of the [Microsoft Azure](https://azure.microsoft.com) managed [Red Hat Update Infrastructure](https://access.redhat.com/documentation/en/red-hat-update-infrastructure/3.0.beta.1/paged/system-administrator-guide/chapter-1-about-red-hat-update-infrastructure) that supplies all the packages for all [Red Hat Enterprise Linux](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux) instances booted from the Azure marketplace. Basically it’s easy to find all servers, then bump up a package version number, upload it to the update host and get all […]

Siri on Apple lock screens leads to people being able to break into the device

A series of YouTube videos are pointing out a flaw that could allow users to access photos on an iPhone without entering in a passcode. This requires physical access to the device, and Siri on the lock screen needs to be enabled. Source: This Weird Trick Apparently Lets You Bypass Any iPhone’s Lock Screen It […]

The Secret Service Has Lost 1,024 Computers Since 2001

The US Secret Service is tasked with keeping the President and members of his family safe. But newly released documents show that the agency has had trouble keeping tabs on its own equipment. Since 2001, the agency has lost at least 1,024 computers, 736 mobile phones, and 121 guns. Judicial Watch obtained the numbers through […]

Shazam listens to you on Macs, even when you turn the mic off

Once installed, Shazam automatically begins listening for music. Most (security-conscious) users probably don’t want Shazam listening all the time. Shazam appears to oblige, seemingly providing an option to disable this listening: However, sliding the selector to ‘OFF’ did not generate the expected, “Mic was deactivated” OverSight alert. My first thought was perhaps OverSight had ‘missed’ […]

5 major Russian banks repel massive DDoS attack

At least five Russian major banks came under a continuous hacker attack, although online client services were not disrupted. The attack came from a wide-scale botnet involving at least 24,000 computers, located in 30 countries. The attack began Tuesday afternoon, and continued for two days straight, according to a source close to Russia’s Central Bank […]

IoT Goes Nuclear – Creating a ZigBee Chain Reaction / How they hacked your Philips Hue and made a worm

In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction, provided that the density of compatible IoT devices exceeds a certain critical mass. In particular, we developed and verified […]

‘Trust it’: Results of Signal’s first formal crypto analysis are in

As explained in a paper titled A Formal Security Analysis of the Signal Messaging Protocol (PDF) from the International Association for Cryptologic Research, Signal has no discernible flaws and offers a well-designed and compromise-resistant architecture. Signal uses a double ratchet algorithm that employs ephemeral key exchanges continually during each session, minimising the amount of text […]