The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. ScarCruft has been active since at least 2012, it made the headlines in early February […]
Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568, that has been exploited to remotely install spyware on phones by calling the targeted device. WhatsApp did not name the threat […]
Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. For this reason, analyzing the last year occurred events would help cyber-security professionals to prevent further attacks during the next few months. In many cases the attacks […]
A vulnerability in a GPS tracker used by elderly people and kids could be exploited by an attacker to spy on individuals using it. Researchers at Fidus Information Security discovered a vulnerability in GPS trackers used by elderly people and kids could be exploited to spy on them. Experts discovered that the safety device can […]
The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones. French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones. Baptiste bought a Samsung mobile phone a few months ago and decided to analyze it. After a few hours of tests, he discovered an unprotected receiver in […]
Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much as possible cloud-based infrastructure. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner. The Pacha Group’s attack chain starts […]
The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the deviceâs password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the deviceâs password […]
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo API bug that exposed personal photos of 300,000 Turkish users. In December, Facebook announced that […]
Researchers at Cisco Talos discovered an use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device. Cisco Talos experts discovered an use-after-free() flaw in SQLite that could be exploited by an attacker to remotely execute code on an affected device. An attacker can trigger the flaw by sending […]
Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities that expose buildings to cyber attacks. Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities in management and access control systems from four major vendors. An attacker can exploit the vulnerabilities to gain full control of the vulnerable products and access to […]