Researchers use malicious NFC tags and booby-trapped physical surfaces to connect Android devices to malicious wireless networks. Researchers have created a novel proof-of-concept (PoC) attack named Tap ‘n Ghost, which targets Near Field Communication (NFC)-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing […]
A lack of a Bluetooth Low Energy (BLE) pairing mechanism leaves the smart IoT devices open to malicious manipulation. Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners. Pen Test Partners decided […]
Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission. Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the […]
In this first part of a two part series, Shawn Taylor with Forescout talks to Threatpost about lessons learned from helping Atlanta remediate and recover from its massive ransomware attack. Ransomware attacks against local governments and cities are repeatedly making headlines, with crippling results on city operations and budgets. Last month, the Florida city of […]
An independent researcher earned a $30,000 bug bounty after discovering a weakness in the mobile recovery process. A researcher earned a $30,000 bug bounty from Facebook after discovering a weakness in the Instagram mobile recovery process that would allow account takeover for any user, via mass brute-force campaigns. Independent researcher Laxman Muthiyah took a look […]
Rupert Murdoch’s News Group has agreed to pay damages to Paul McCartney’s ex as part of the massive phone-hacking scandal by UK tabloids. The 2010-2011 News of the World phone hacking scandal – in which it was revealed that the tabloid dropped malware on celebrity targets’ phones in order to gather dirt for news stories […]
QNAPCrypt continues to spread via brute-force attacks. A rare instance of ransomware targeting Linux-based file storage systems (network-attached storage servers, specifically) has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to researchers, so targets are expected to proliferate. Researchers at […]
Google today announced that it is expanding its research around quantum computing and that it has hired UC Santa Barbara’s (UCSB) John Martinis and his team — one of the most prolific research groups in this area — to work on new quantum processors based on superconducting electronics. Researchers in Martinis’ lab were among the […]
Phishing emails target a bank’s users with malware – and make their landing page look more legitimate with fake Google reCAPTCHAs. A recently-discovered phishing scam was found peddling malware, using a new technique to mask its malicious landing page: A fake Google reCAPTCHA system. The campaign targeted a Polish bank and its users with emails, […]