Researchers uncover Chinese spyware used to target Android devices

The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired several variants of the spyware, which it says has been operational since “at least 2017.” Kristina Balaam, a senior intelligence researcher at Lookout, told TechCrunch the spyware […]

China’s complete pwn of all US telcos means a physical rebuild is necessary

The Biden administration on Friday hosted telco execs to chat about China’s recent attacks on the sector, amid revelations that US networks may need mass rebuilds to recover. Details of the extent of China’s attacks came from senator Mark R Warner, who on Thursday gave both The Washington Post and The New York Times insights […]

Mystery Palo Alto Networks 0-day RCE now actively exploited – shut off access to Management Interface NOW

A critical zero-day vulnerability in Palo Alto Networks’ firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation. According to the equipment maker, the vulnerability requires no user interaction or privileges to exploit, and its attack complexity is deemed “low.” There’s no CVE number assigned to […]

Data broker gathers records on 100M+ people, gets stolen, put up for sale

What’s claimed to be more than 183 million records of people’s contact details and employment info has been stolen or otherwise obtained from a data broker and put up for sale by a miscreant. The underworld merchant, using the handle KryptonZambie, has put a $6,000 price tag on the information in a cybercrime forum posting. […]

Hacker bans thousands of Call of Duty gamers through anti-cheat software, shows how dangerous this poorly written kernel access junk is.

In October, video game giant Activision said it had fixed a bug in its anti-cheat system that affected “a small number of legitimate player accounts,” who were getting banned because of the bug. In reality, according to the hacker who found the bug and was exploiting it, they were able to ban “thousands upon thousands” […]

How to trick ChatGPT into writing exploit code using hex

OpenAI’s language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model’s built-in security guardrails and abuse the AI for evil purposes, according to 0Din researcher Marco Figueroa. […] In a recent blog, Figueroa detailed how one such guardrail jailbreak exposed […]

Hacked Robot Vacuums Shout Slurs at Their Owners, Chase down their dogs

[…] hackers gained control of the devices and used the onboard speakers to blast racial slurs at anyone within earshot. One such person was a lawyer from Minnesota named Daniel Swenson. He was watching TV when he heard some odd noises coming from the direction of his vacuum. He changed the password and restarted it. […]

MoneyGram says hackers stole customers’ personal information and transaction data

U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers’ personal information and transaction data during a cyberattack last month. The company said in a statement Monday that an unauthorized third party “accessed and acquired” customer data during the cyberattack on September 20. The cyberattack — the nature of which remains unknown — […]

Pro-Palestinian Hacktivists Claim Responsibility for Taking Down the Internet Archive, piss off pro Palestinians globally

[…] A pro-Palestinian hacktivist group called SN_BLACKMETA has taken responsibility for the hack on X and Telegram. “They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of ‘Israel,’” the group said […]

Internet Archive hacked, data breach impacts 31 million users

Internet Archive’s “The Wayback Machine” has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached. […]

Insecure Robot Vacuums From Chinese Company Deebot Collect Photos and Audio to Train Their AI

Ecovacs robot vacuums, which have been found to suffer from critical cybersecurity flaws, are collecting photos, videos and voice recordings — taken inside customers’ houses — to train the company’s AI models. The Chinese home robotics company, which sells a range of popular Deebot models in Australia, said its users are “willingly participating” in a […]

Man-in-the-Middle PCB Unlocks HP Ink Cartridges

It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones instead. Many of these third-party ones are so-called re-manufactured ones, where a third-party refills an empty OEM cartridge. This is increasingly being done due to digital rights […]

Flaw in Kia’s web portal let researchers track, hack cars. Again.

[…] Today, a group of independent security researchers revealed that they’d found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the Internet-connected features of most modern Kia vehicles—dozens of models representing millions of cars on the road—from the smartphone of a car’s owner to the […]

Fortinet confirms data breach after hacker claims to steal 440GB of files

Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company’s Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and […]

Apple Vision Pro’s Eye Tracking Exposed What People Type

[…] Today, a group of six computer scientists are revealing a new attack against Apple’s Vision Pro mixed reality headset where exposed eye-tracking data allowed them to decipher what people entered on the device’s virtual keyboard. The attack, dubbed GAZEploit and shared exclusively with WIRED, allowed the researchers to successfully reconstruct passwords, PINs, and messages […]

1.3 million Android-based TV boxes backdoored; researchers still don’t know how

Researchers still don’t know the cause of a recently discovered malware infection affecting almost 1.3 million streaming devices running an open source version of Android in almost 200 countries. Security firm Doctor Web reported Thursday that malware named Android.Vo1d has backdoored the Android-based boxes by putting malicious components in their system storage area, where they […]

1.7M potentially pwned in US payment services provider breach, wishes victims good luck

Around 1.7 million people will receive a letter from Florida-based Slim CD, if they haven’t already, after the company detected an intrusion dating back nearly a year. Slim CD provides payment processing solutions, thus credit card numbers along with their expiry dates are among the data types potentially compromised in the incident. The cardholder’s name […]

Avis alerts 300k US car renters that insider crooks stole their info

Avis Rent A Car System has alerted 299,006 customers across multiple US states that their personal information was stolen in an August data breach. The digital break-in occurred between August 3 and August 6, according to the car rental giant in filings with the Maine and California attorneys general. On August 14, Avis determined that […]

YubiKeys are vulnerable to unpatchable cloning attacks thanks to newly discovered physical side channel

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains temporary physical access to it, researchers said Tuesday. The cryptographic flaw, known as a side channel, resides in a small microcontroller used […]

Florida data broker NPD says it was ransacked by cyber-thieves

A Florida firm has all but confirmed that millions of people’s sensitive personal info was stolen from it by cybercriminals and publicly leaked. That information, totaling billions of records, includes the names, Social Security numbers, physical and email addresses, and phone numbers of folks in the United States, UK, and Canada. It’s the sort of […]

Bicycles Can Be Hacked Easily Now

[…] New research suggests that certain brands of bike parts have vulnerabilities that could allow them to be remotely compromised during competitions. The research was unveiled this week at the Usenix Workshop on Offensive Technologies by researchers from Northeastern University and UC San Diego. In their paper, researchers note that, much like modern cars, today’s […]

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by WIRED. Since at least June last year, according to researchers at cybersecurity company Check Point, a cybercriminal they dubbed “Stargazer Goblin” has been hosting […]

Indian WazirX halts withdrawals after losing $230M worth crypto assets – still cowboy country there

[…] The Mumbai-based firm said one of its multisig wallets had suffered a security breach. A multisig wallet requires two or more private keys for authentication. WazirX said its wallet had six signatories, five of whom were with WazirX team. Liminal, which operates a wallet infrastructure firm, said in a statement to TechCrunch that its […]

AT&T says criminals stole phone records of ‘nearly all’ customers in another data breach there – also, Snowflake again

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022. AT&T said some of […]