Items tagged with Hack
Hackers need physical access to a computer or need to trick a user into installing malware to steal data from an air-gapped PC (one that is not physically connected to a network). Air-gapped computers can have malware installed to steal data, but getting the data out is harder. That may not be the case with new research shared by The Hacker News that claims hackers can exfiltrate sensitive data from a PC by changing the brightness of the screen. This hack allegedly works on air-gapped computers. The hack is said to play an important role in stealing sensitive data from an infected, but an air-gapped computer. Details of the process come from Mordechai Guri, head of cybersecurity research center...
Read more...
Sources who claim to be close to the investigation are reporting that the FBI is currently probing an Israeli firm called NSO Group Technologies for its role in possible hacks on American residents and companies. The probe is allegedly looking at suspected intelligence gathering on governments according to the sources. The probe has been ongoing since 2017, when the FBI was trying to ascertain whether NSO had obtained code from hackers that was needed to infect smartphones. NSO has said that it sells spy software and technical support exclusively to governments and that the tools are meant to be used in pursuing terrorists and other criminals. The company claims that its software can't be used...
Read more...
A group of UN human rights experts are calling for an investigation into the Crown Prince of the Kingdom of Saudi Arabia, who they allege in 2018 deployed digital spyware enabling surveillance of Jeff Bezos. Bezos is known as the CEO of Amazon, but he's also the owner of The Washington Post. According to the UN human rights experts, the Crown Prince was possibly involved in the surveillance of Bezos in what they claim was an effort to influence, if not silence, The Washington Post's reporting on Saudi Arabia. The experts say that the allegations are relevant due to the ongoing evaluation of claims about the Crown Prince's involvement in the 2018 murder of Saudi national and Washington Post journalist...
Read more...
Researchers have sounded a warning bell at BlackBerry Cylance about a new trojan malware called PyXie RAT. The malware can perform all sorts of nefarious deeds, including keylogging, stealing login credentials, and recording videos. PyXie RAT can also distribute other attacks, including ransomware. The newly discovered PyXie RAT campaign is being run by a sophisticated cyber-criminal operation that is targeting healthcare and education organizations. The malware is custom-built and Python-based. When a machine is infected with the software, it can control most Windows systems and allows the hacker to monitor data and steal sensitive data. Other functions that the software can perform include...
Read more...
The thought of a stranger hijacking your camera and being able to see what you are doing without your knowledge is the stuff of nightmares for most people. Our phones tend to follow us into every area of our lives. Checkmarx decided to see if the cameras that are built into Android phones might be vulnerable to hacking. For their testing, the team took a Pixel 2 XL and Pixel 3 smartphone and began to probe the Google Camera app. The team found that there were a number of "concerning vulnerabilities" in the Google Camera app. They also found that the same vulnerabilities impact the camera apps of other smartphone vendors in the Android ecosystem. They specifically cited Samsung's camera app as...
Read more...
It would seem like common sense if you are among the people attending a hacking conference to secure your devices against attacks. After all, you and your tech gear are walking into the proverbial lion's den. If you were ever going to have your fitness tracker, smartphone, laptop, or other tech device hacked, DEFCON is where it will likely happen. Security Boulevard has issued some steps that attendees to the conference will want to follow to protect their devices before turning up at the convention, but the same steps could be used for protecting your devices every day. Some suggest using burner mobile phones or laptops, but there are other things that attendees can do to prepare themselves...
Read more...
Researchers from Check Point Software Technologies Ltd. have discovered a flaw in one of the most widely deployed pieces of software in the world, which also happens to be the backend for the contacts list on Apple devices like the iPhone and iPad. The software resource that Check Point found the flaw in is called SQLite, a database engine that is used in computer operating systems, desktops, mobile phones, and lots more. SQLite is used in Windows, MacOS, iOS, Google Chrome, and Android, among many others. The fact that the SQLite database engine is so widely deployed has made it a rich target for would-be hackers. Hackers could exploit SQLite and gain administrative control of an iPhone,...
Read more...
There are plenty of vulnerabilities in the biometrics that are commonly used for unlocking devices today, including fingerprint readers and Apple's Face ID. Researchers at the Black Hat USA 2019 conference this week demonstrated a new attack that allowed them to bypass a victim's Face ID and login to the user's phone. However, the method that the hackers had to use is a little disturbing, as they had to use an unconscious victim and place a pair of modified glasses on their face. To pull off the hack, the researchers placed tape carefully over the lenses of a pair of glasses and then put the glasses on the victim's face to show how Face ID could be bypassed in this specific scenario. The exploit...
Read more...
Hacks are happening all the time with some giving information on user accounts like the Flipboard hack we talked about recently. Other hacks are much grander in scale, like the attack against the city of Baltimore that resulted in most of the cities systems being locked out. Another significant hack has happened, and this one is a hack of a hotel management company that backs some of the largest hotel chains in the world. The hotel management company in question is Pyramid Hotel Group, and it manages many Marriott locations. The company had a server that left an unsecured database containing security logs that could give nefarious types an idea about cybersecurity weaknesses of the hotels. The...
Read more...
Flipboard is a news aggregator app, and the company has announced that it fell victim to hacks. The hacks potentially exposed user account information and left that information where it could be copied for nine months. The exposed user details included Flipboard user names, encrypted passwords, and email addresses. Flipboard was clear that no social security numbers, credit card details, or other financial data was lost in the breach because the app doesn't collect any of that information. The company published a FAQ about the hack that noted as a precaution it has reset all user passwords, despite the fact that passwords stored in the database hackers had access to were cryptographically protected....
Read more...
If you try to market a product as “unhackable,” it stands to reason that someone is going to attempt to hack your device to knock you down a peg or two. That is exactly what happened with eyeDisk, which was first brought to light last year with a successful Kickstarter campaign. eyeDisk was able to raise over $21,000 from nearly 250 backers and began shipping the thumb drive in 32GB and 128GB capacities earlier this year. The device uses a combination of AES-256 encryption and iris recognition to lock down the device and keep it safe from harm's way. In fact, eyeDisk was billed as "the world’s first USB flash drive that uses iris recognition technology for unbeatable data security."...
Read more...
In the web browser world, Google Chrome is tops and is offered on multiple platforms including Windows 10, macOS, Linus, iOS and Android. however, web developer named Jim Fisher has found an exploit that nefarious developers can use to trick Chrome on Android users into thinking they are on a legitimate website. Fisher shows on his blog how a website can replace the Chrome for Android address bar and tabs UI using a few tricks. All Chrome for Android users know that when you scroll down a page using the browser, the top of the UI with your address bar and tabs are hidden from view. Fisher found that the scrolling of the page could be "jailed" so when the user scrolls back up the page, the...
Read more...
Yes A lot of gamers were hoping that Nintendo would be rolling out some new Switch hardware at E3 2019 as rumors had suggested. Sadly, Nintendo has now confirmed that there will be no new hardware at that event. However, something else interesting about the Switch has surfaced recently that allows gamers to get more performance out of the existing Switch hardware. With the Switch being a hybrid system, game designers have to design games around docked and undocked performance modes. Inside the Switch is an NVIDIA Tegra processor that changes its clock speed depending on if the Switch is in docked or undocked mode. Hackers have found a way to gain access to change the clock speed of the Tegra...
Read more...
It turns out that a security breach affecting some users of Microsoft's Outlook.com, Hotmail.com, and MSN.com webmail services is worse than originally thought. In an email that was previously sent to users, Microsoft said a hacker managed to swipe a support agent's login credentials, potentially exposing email addresses, subject lines, and other information, but not the actual contents of any emails. As Maury Povich would say, 'That was a lie'. More accurately, that is not the full story. As far as we know, Microsoft did not actually lie to the users who received that specific email, in which the company admitted that email addresses, folder names, subject lines, and email recipient addresses...
Read more...
