DEFCON hackers’ dossier on US voting machine security is just as grim as feared

Hackers probing America’s electronic voting systems have painted an astonishing picture of the state of US election security, less than six weeks before the November midterms. The full 50-page report [PDF], released Thursday during a presentation in Washington DC, was put together by the organizers of the DEF CON hacking conference’s Voting Village. It recaps Read more about DEFCON hackers’ dossier on US voting machine security is just as grim as feared[…]

Cisco Video Surveillance Manager Appliance Default Root Password Vulnerability (again)

A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, default, static Read more about Cisco Video Surveillance Manager Appliance Default Root Password Vulnerability (again)[…]

Windows handwriting recognition on? Then all your typing is stored in plain text on your PC.

If you’re one of the people who own a stylus or touchscreen-capable Windows PC, then there’s a high chance there’s a file on your computer that has slowly collected sensitive data for the past months or even years. This file is named WaitList.dat, and according to Digital Forensics and Incident Response (DFIR) expert Barnaby Skeggs, Read more about Windows handwriting recognition on? Then all your typing is stored in plain text on your PC.[…]

Mikrotik routers pwned en masse, send network data to mysterious box

More than 7,500 Mikrotik routers have been compromised with malware that logs and transmits network traffic data to an unknown control server. This is according to researchers from 360 Netlab, who found the routers had all been taken over via an exploit for CVE-2018-14847, a vulnerability first disclosed in the Vault7 data dump of supposed Read more about Mikrotik routers pwned en masse, send network data to mysterious box[…]

Mobile spyware maker mSpy leaks 2 million records

mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software purchases and iCloud usernames and authentication tokens of devices running mSky. The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records. “Before it Read more about Mobile spyware maker mSpy leaks 2 million records[…]

Data center server BMCs are terribly outdated and insecure

BMCs can be used to remotely monitor system temperature, voltage and power consumption, operating system health, and so on, and power cycle the box if it runs into trouble, tweak configurations, and even, depending on the setup, reinstall the OS – all from the comfort of an operations center, as opposed to having to find Read more about Data center server BMCs are terribly outdated and insecure[…]

It’s either legal to port-scan someone without consent or it’s not, fumes researcher: Halifax bank port scans you when you visit the page

Halifax Bank scans the machines of surfers that land on its login page whether or not they are customers, it has emerged. Security researcher Paul Moore has made his objection to this practice – in which the British bank is not alone – clear, even though it is done for good reasons. The researcher claimed Read more about It’s either legal to port-scan someone without consent or it’s not, fumes researcher: Halifax bank port scans you when you visit the page[…]

Critical OpenEMR Flaws Left Medical Records Vulnerable

Security researchers have found more than 20 bugs in the world’s most popular open source software for managing medical records. Many of the vulnerabilities were classified as severe, leaving the personal information of an estimated 90 million patients exposed to bad actors. OpenEMR is open source software that’s used by medical offices around the world Read more about Critical OpenEMR Flaws Left Medical Records Vulnerable[…]

Kremlin hackers ‘jumped air-gapped networks’ to pwn US power utilities

The US Department of Homeland Security is once again accusing Russian government hackers of penetrating America’s critical infrastructure. Uncle Sam’s finest reckon Moscow’s agents managed to infiltrate computers networks within US electric utilities – to the point where the miscreants could have virtually pressed the off switch in control rooms, yanked the plug on the Read more about Kremlin hackers ‘jumped air-gapped networks’ to pwn US power utilities[…]

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses. According to a lawsuit filed last month in the Western District of Read more about Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M[…]

Bluetooth security: Flaw could allow nearby attacker to grab your private data

A cryptographic bug in many Bluetooth firmware and operating system drivers could allow an attacker within about 30 meters to capture and decrypt data shared between Bluetooth-paired devices. The flaw was found by Lior Neumann and Eli Biham of the Israel Institute of Technology, and flagged today by Carnegie Mellon University CERT. The flaw, which Read more about Bluetooth security: Flaw could allow nearby attacker to grab your private data[…]

The SIM Hijackers: how hackers take your phone number and then all of your accounts

In the buzzing underground market for stolen social media and gaming handles, a short, unique username can go for between $500 and $5,000, according to people involved in the trade and a review of listings on a popular marketplace. Several hackers involved in the market claimed that the Instagram account @t, for example, recently sold Read more about The SIM Hijackers: how hackers take your phone number and then all of your accounts[…]

Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States

Remote-access software and modems on election equipment ‘is the worst decision for security short of leaving ballot boxes on a Moscow street corner.’ The nation’s top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, Read more about Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States[…]

Robocall Firm Exposes Hundreds of Thousands of US Voters’ Records

Personal details and political affiliations exposed The server that drew Diachenko’s attention, this time, contained 2,584 files, which the researcher later connected to RoboCent. The type of user data exposed via Robocent’s bucket included: ⬖  Full Name, suffix, prefix ⬖  Phone numbers (cell and landlines) ⬖  Address with house, street, city, state, zip, precinct ⬖  Read more about Robocall Firm Exposes Hundreds of Thousands of US Voters’ Records[…]

‘007’ code helps stop Spectre exploits before they exist

At arXiv, Singaporean and US researchers have published work, appropriately dubbed “007”, which checks code to see if it’s trying to exploit Spectre; and at Virus Bulletin, Fortinet’s Axelle Apvrille takes a look at the bug from an Android point of view. Apvrille’s work backs up what we’ve heard from other researchers: so far, Spectre Read more about ‘007’ code helps stop Spectre exploits before they exist[…]

‘Mega’ Data Breaches Cost Companies a Staggering Fortune, IBM Study Finds

IBM Security on Wednesday released its latest report examining the costs and impact associated with data breaches. The findings paint a grim portrait of what the clean up is like for companies whose data becomes exposed—particularly for larger corporations that suffer so-called “mega breaches,” a costly exposure involving potentially tens of millions of private records. Read more about ‘Mega’ Data Breaches Cost Companies a Staggering Fortune, IBM Study Finds[…]

Unpatched Netgear router and FTP server without password leads to US military manuals hawked on dark web

Sensitive US Air Force documents have leaked onto the dark web as part of an attempted sale of drone manuals. Threat intel firm Recorded Future picked up on an auction for purported export-controlled documents pertaining to the MQ-9 Reaper drone during its regular work monitoring the dark web for criminal activities last month. Recorded Future’s Read more about Unpatched Netgear router and FTP server without password leads to US military manuals hawked on dark web[…]

Thomas Cook website spills personal info – and it’s fine with that

Norwegian programmer Roy Solberg came across an enumeration bug that leaked the full name of all travelers on a booking, the email addresses used, and flight details from Thomas Cook Airlines’ systems using only a booking reference number. Simply changing the booking number unveiled a new set of customer details. The exposed info covered trips Read more about Thomas Cook website spills personal info – and it’s fine with that[…]

Former NSO Group Employee Accused of Stealing Phone Spy Tools

Israeli hacking firm NSO Group is mostly known for peddling top-shelf malware capable of remotely cracking into iPhones. But according to Israeli authorities, the company’s invasive mobile spy tools could have wound up in the hands of someone equally, if not far more, devious than its typical government clients. A 38-year-old former NSO employee has Read more about Former NSO Group Employee Accused of Stealing Phone Spy Tools[…]

Fitness app Polar even better at revealing secrets than Strava and Garmin

Online investigations outfit Bellingcat has found that fitness tracking kit-maker Polar reveals both the identity and daily activity of its users – including soldiers and spies. Many users of Polar’s devices and app appear not to have paid attention to their privacy settings, as a result a Bellingcat writer found 6,460 individuals from 69 countries. Read more about Fitness app Polar even better at revealing secrets than Strava and Garmin[…]

Newer Diameter Telephony Protocol (4G / LTE) Just As Vulnerable As SS7

Security researchers say the Diameter protocol used with today’s 4G (LTE) telephony and data transfer standard is vulnerable to the same types of vulnerabilities as the older SS7 standard used with older telephony standards such as 3G, 2G, and earlier. Both Diameter and SS7 (Signaling System No. 7) have the same role in a telephony Read more about Newer Diameter Telephony Protocol (4G / LTE) Just As Vulnerable As SS7[…]

Every Android Device Since 2012 Impacted by RAMpage Vulnerability

Almost all Android devices released since 2012 are vulnerable to a new vulnerability named RAMpage, an international team of academics has revealed today. The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack. Rowhammer is a hardware bug in modern memory cards. A few years back researchers discovered that when someone would send Read more about Every Android Device Since 2012 Impacted by RAMpage Vulnerability[…]

Personal Information of 340 Million People and Businesses Leaked By Florida Marketing Firm Exactis

A little-known, Florida-based marketing firm called Exactis may be responsible for a significant amount of personal data being exposed. According to a report from Wired, the firm left 340 million individual records on a publicly accessible server that any person could have gotten ahold of. The leak was discovered earlier this month by security researcher Read more about Personal Information of 340 Million People and Businesses Leaked By Florida Marketing Firm Exactis[…]

Significant Vulnerabilities in Axis Cameras – patch now!

One of the vendors for which we found vulnerable devices was Axis Communications. Our team discovered a critical chain of vulnerabilities in Axis security cameras. The vulnerabilities allow an adversary that obtained the camera’s IP address to remotely take over the cameras (via LAN or internet). In total, VDOO has responsibly disclosed seven vulnerabilities to Read more about Significant Vulnerabilities in Axis Cameras – patch now![…]