Cyber Security Alerts

Tap ‘n Ghost Attack Creatively Targets Android Devices

Researchers use malicious NFC tags and booby-trapped physical surfaces to connect Android devices to malicious wireless networks. Researchers have created a novel proof-of-concept (PoC) attack named Tap ‘n Ghost, which targets Near Field Communication (NFC)-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing […]

Hacked Hair Straighteners Can Threaten Homes

A lack of a Bluetooth Low Energy (BLE) pairing mechanism leaves the smart IoT devices open to malicious manipulation. Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners. Pen Test Partners decided […]

1,300 Popular Android Apps Access Data Without Proper Permissions

Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission. Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the […]

Why Cities Are a Low-Hanging Fruit For Ransomware

In this first part of a two part series, Shawn Taylor with Forescout talks to Threatpost about lessons learned from helping Atlanta remediate and recover from its massive ransomware attack. Ransomware attacks against local governments and cities are repeatedly making headlines, with crippling results on city operations and budgets. Last month, the Florida city of […]

Researcher Bypasses Instagram 2FA to Hack Any Account

An independent researcher earned a $30,000 bug bounty after discovering a weakness in the mobile recovery process. A researcher earned a $30,000 bug bounty from Facebook after discovering a weakness in the Instagram mobile recovery process that would allow account takeover for any user, via mass brute-force campaigns. Independent researcher Laxman Muthiyah took a look […]

Heather Mills Gets An Apology and ‘Substantial’ Settlement in Spyware Case

Rupert Murdoch’s News Group has agreed to pay damages to Paul McCartney’s ex as part of the massive phone-hacking scandal by UK tabloids. The 2010-2011 News of the World phone hacking scandal – in which it was revealed that the tabloid dropped malware on celebrity targets’ phones in order to gather dirt for news stories […]

Unusual Linux Ransomware Targets NAS Servers

QNAPCrypt continues to spread via brute-force attacks. A rare instance of ransomware targeting Linux-based file storage systems (network-attached storage servers, specifically) has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to researchers, so targets are expected to proliferate. Researchers at […]

Google Partners With UCSB To Build Quantum Processors For Artificial Intelligence

Google today announced that it is expanding its research around quantum computing and that it has hired UC Santa Barbara’s (UCSB) John Martinis and his team — one of the most prolific research groups in this area — to work on new quantum processors based on superconducting electronics. Researchers in Martinis’ lab were among the […]

Criminal groups are offering $360000 salaries to accomplices who can help them scam CEOs about their porn-watching habits

Scammers are claiming to hack people's webcams and access footage of them watching porn as part of a terrifying new…

Phishing Scam Cloaks Malware With Fake Google reCAPTCHA

Phishing emails target a bank’s users with malware – and make their landing page look more legitimate with fake Google reCAPTCHAs. A recently-discovered phishing scam was found peddling malware, using a new technique to mask its malicious landing page: A fake Google reCAPTCHA system. The campaign targeted a Polish bank and its users with emails, […]