The cyber tool allowed the small Gulf country to monitor hundreds of targets beginning in 2016, from the Emir of Qatar and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and program documents reviewed by Reuters. The sources interviewed by Reuters were not Emirati citizens. Read more about UAE used cyber super-weapon to spy on iPhones of foes[…]
Facebook has yet again vowed to “do better” after it was caught secretly bypassing Apple’s privacy rules to pay adults and teenagers to install a data-slurping iOS app on their phones. The increasingly worthless promises of the social media giant have fallen on deaf ears however: on Wednesday, Apple revoked the company’s enterprise certificate for Read more about Furious Apple revokes Facebook’s enty app cert after Zuck’s crew abused it to slurp private data[…]
In mid-January, Qualys, another security firm, released details about three flaws affecting systemd-journald, a systemd component that handles the collection and storage of log data. Patches for the vulnerabilities – CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 – have been issued by various Linux distributions. Exploitation of these code flaws allows an attacker to alter system memory in Read more about Defanged SystemD exploit code for security holes now out in the wild[…]
Earlier this month, security researcher Troy Hunt identified the first tranche of that mega-dump, named Collection #1 by its anonymous creator, a set of cobbled-together breached databases Hunt said represented 773 million unique usernames and passwords. Now other researchers have obtained and analyzed an additional vast database called Collections #2–5, which amounts to 845 gigabytes Read more about Hackers Are Passing Around a Megaleak of 2.2 Billion Records[…]
Sophisticated hackers have long exploited flaws in SS7, a protocol used by telecom companies to coordinate how they route texts and calls around the world. Those who exploit SS7 can potentially track phones across the other side of the planet, and intercept text messages and phone calls without hacking the phone itself. This activity was Read more about Criminals Are Tapping into the Phone Network Backbone using known insecure SS7 to Empty Bank Accounts[…]
Airbus has admitted that a “cyber incident” resulted in unidentified people getting their hands on “professional contact and IT identification details” of some Europe-based employees. The company said in a brief statement published late last night that the breach is “being thoroughly investigated by Airbus’ experts”. The company has its own infosec business unit, Stormguard. Read more about Personal data slurped in Airbus hack – but firm’s industrial smarts could be what crooks are after[…]