‘Kernel memory leaking’ Intel / ARM processor design flaw forces Linux, Windows, OSX redesign, massive slowdowns to be expected

It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas. The fix is to separate the kernel’s memory completely from user […]

Hackers Used DC Police Surveillance System to Distribute Ransomware

A Romanian man and woman are accused of hacking into the outdoor surveillance system deployed by Washington DC police, which they used to distribute ransomware. The two suspects are named Mihai Alexandru Isvanca and Eveline Cismaru, Romanian nationals, both arrested last week by Romanian authorities as part of Operation Bakovia that culminated with the arrest of five […]

Nissan Canada Finance hacked, up to 1.1m Canucks exposed

Nissan Canada’s vehicle-financing wing has been hacked, putting personal information on as many as 1.13 million customers in the hands of miscreants. […] According to Nissan Canada, the exposed data includes at least customer names, addresses, vehicle makes and models, vehicle identification numbers (VINs), credit scores, loan amounts and monthly payment figures. “We are still […]

Another AI attack, this time against ‘black box’ machine learning

Unlike adversarial models that attack AIs “from the inside”, attacks developed for black boxes could be used against closed systems like autonomous cars, security (facial recognition, for example), or speech recognition (Alexa or Cortana). The tool, called Foolbox, is currently under review for presentation at next year’s International Conference on Learning Representations (kicking off at the […]

HP laptops found to have hidden keylogger – BBC News

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models. Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the “potential security vulnerability”. It […]

Airgapping via PLC

CyberX demonstrated how to inject specially-crafted ladder logic code into a Siemens S7-1200 PLC. The code uses memory copy operations to generate frequency-modulated RF signals slightly below the AM band (340kHz-420kHz), with the modulation representing encoded data. The emitted RF signals are a byproduct of repeatedly writing to PLC memory in a specific way. Once transmitted the […]

New Ruski hacker clan exposed: They’re called MoneyTaker, and they’re gonna take your money • The Register

The group has conducted more than 20 successful attacks on financial institutions and legal firms in the USA, UK and Russia in the last two months alone, according to Russian incident response firm Group-IB. MoneyTaker has primarily targeted card processing systems, including the AWS CBR (Russian Interbank System) and purportedly SWIFT (US). In addition to banks, […]

Mailsploit: It’s 2017, and you can spoof the ‘from’ in email to fool filters

Penetration tester Sabri Haddouche has reintroduced the world to email source spoofing, bypassing spam filters and protections like Domain-based Message Authentication, Reporting and Conformance (DMARC), thereby posing a risk to anyone running a vulnerable and unpatched mail client. What he’s found is that more than 30 mail clients including Apple Mail, Thunderbird, various Windows clients, Yahoo! […]

NiceHash Hacked, $62 Million of Bitcoin May Be Stolen

New submitter Chir breaks the news to us that the NiceHash crypto-mining marketplace has been hacked. The crypto mining pool broke the news on Reddit, where users suggest that as many as 4,736.42 BTC — an amount worth more than $62 million at current prices — has been stolen. The NiceHash team is urging users […]

The Underground Uber Networks Driven by Russian Hackers

Uber’s ride-sharing service has given birth to some of the most creative criminal scams to date, including using a GPS-spoofing app to rip off riders in Nigeria, and even ginning up fake drivers by using stolen identities. Add to those this nefariously genius operation: Cybercriminals, many working in Russia, have created their own illegitimate taxi services […]

PayPal Says 1.6 Million Customer Details Stolen in Breach at Canadian Subsidiary

PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers. The victim of the security breach is TIO Networks, a Canadian company that runs a network of over 60,000 utility and bills payment kiosks across North […]

Prison hacker who tried to free friend now likely to join him inside

In a sustained campaign, Voits managed to get the login details and passwords for 1,600 county employees, including for the Xjail computer system that is used to track inmates. By March he had the logins to the prison management system and tried to amend the records of one inmate to arrange their early release. His […]

Pawnbroker pwnd: Cash Converters says hacker slurped customer data

Pawnbroking and secondhand goods outlet Cash Converters has suffered a data breach. Customers were notified of the leak on Thursday by email, samples of which have been posted on social media. Cash Converters said it had discovered that a third party gained unauthorised access to customer data within the company’s UK webshop. Credit card data […]

Uber loses personal info on 600K drivers and 57M users in 2016. Pays hackers $100K in hope they delete it. Forgets to mention this in apology.

the individuals were able to download files containing a significant amount of other information, including: The names and driver’s license numbers of around 600,000 drivers in the United States. Drivers can learn more here. Some personal information of 57 million Uber users around the world, including the drivers described above. This information included names, email […]

Introducing GoCrack: A Managed distributed Password Cracking Tool

FireEye’s Innovation and Custom Engineering (ICE) team released a tool today called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI (Figure 1 shows the dashboard) to create, view, and manage tasks. Simply deploy a GoCrack server along with a worker on […]

Hackers Compromised the Trump Organization 4 Years Ago—and the Company Never Noticed

In 2013, a hacker (or hackers) apparently obtained access to the Trump Organization’s domain registration account and created at least 250 website subdomains that cybersecurity experts refer to as “shadow” subdomains. Each one of these shadow Trump subdomains pointed to a Russian IP address, meaning that they were hosted at these Russian addresses. (Every website domain […]

Turns out that dating apps can give away your location, show who you like and who and where you are

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We’re talking here about intercepting and stealing personal information and […]

Equifax hackers targeted 15.2 million UK records – a lot more than the 400k they originally said

Equifax has admitted that almost double the number of UK customers had their information stolen in a major data breach earlier this year than it originally thought, and that millions more could have had their details compromised. The credit rating firm said it is contacting nearly 700,000 customers in the UK to alert them that […]

Equifax breach included 10 million US driving licenses

10.9 million US driver’s licenses were stolen in the massive breach that Equifax suffered in mid-May, according to a new report by The Wall Street Journal. In addition, WSJ has revealed that the attackers got a hold of 15.2 million UK customers’ records, though only 693,665 among them had enough info in the system for […]

Hackers nick $60m from Taiwanese bank in tailored SWIFT attack

Hackers managed to pinch $60m from the Far Eastern International Bank in Taiwan by infiltrating its computers last week. Now, most of the money has been recovered, and two arrests have been made in connection with the cyber-heist. On Friday, the bank admitted the cyber-crooks planted malware on its PCs and servers in order to […]

4 TOR marketplaces being DDOSed

Four of the world’s key illicit marketplaces—Dream, Tochka, Trade Route, and Wall Street—went down suddenly on Friday. And no one seems to know why. Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any […]

KRACK attacks WPA2 – ie all the WiFis

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to […]

Equifax breach: 2.5m US citizens larger than thought. A timeline.

Equifax said late Monday that an outside review determined about 2.5 million additional U.S. consumers were potentially impacted, for a revised total of 145.5 million. The company said the review also found that just 8,000 Canadian citizens were impacted, rather than up to 100,000 Canadians, as previously announced. Equifax was alerted to the breach by […]

Broadcom SoC allow remote code execution in many wifi equipped phones, routers

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. […] However, since the “Channel Number” field is not validated, an attacker can […]

CCleaner infection: what happened? Turns out it was targeting companies & had been running for longer than thought

CCleaner v5.33, software that allows you to clean up the cruft that comes with use and with newly installed machines, was infected with Floxif malware which installed itself on people’s machines together with CCleaner. Floxif is a malware downloader that gathers information about infected systems and sends it back to its Command & Control […]