Security Affairs Archives - Page 929 of 1047

Pierluigi Paganini August 11, 2018

Quiet Skies, TSA surveillance program targets Ordinary U.S. Citizens

Journalists revealed a new surveillance program that targets US citizens, the program was previously-undisclosed and code named ‘Quiet Skies’. According to the Transportation Security Administration (TSA), that has admitted the Quiet Skies, the program has monitored about 5,000 U.S. citizens on domestic flights in recent months. Quiet Skies was criticized by privacy advocates because the […]

Pierluigi Paganini August 11, 2018

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. According to Group-IB’s Threat Intelligence, over a year, the number of shadow-forum ads […]

Pierluigi Paganini August 11, 2018

Experts explained how to hack macs in enterprises through MDM

Researchers demonstrated how a sophisticated threat actor can hack a brand new Apple Mac computer in enterprise environments through MDM. A security duo composed by Jesse Endahl, CPO and CSO at macOS management firm Fleetsmith, and Max Bélanger, staff engineer at Dropbox, demonstrated at the Black Hat security conference how a persistent attacker could compromise […]

Pierluigi Paganini August 10, 2018

The analysis of the code reuse revealed many links between North Korea malware

Security researchers at Intezer and McAfee have conducted a joint investigation that allowed them to collect evidence that links malware families attributed to North Korean APT groups such as the notorious Lazarus Group and Group 123. The experts focused their analysis on the code reuse, past investigations revealed that some APT groups share portions of code […]

Pierluigi Paganini August 10, 2018

Expert devised a new WiFi hack that works on WPA/WPA2

The popular expert Jens ‘Atom’ Steube devised a new WiFi hack that allows cracking WiFi passwords of most modern routers. Jens ‘Atom’ Steube, the lead developer of the popular password-cracking tool Hashcat, has developed a new WiFi hacking technique that allows cracking WiFi passwords of most modern routers. Jens ‘Atom’ Steube, the lead developer of […]

Pierluigi Paganini August 10, 2018

Social Mapper – Correlate social media profiles with facial recognition

Trustwave developed Social Mapper an Open Source Tool that uses facial recognition to correlate social media profiles across different social networks. Security experts at Trustwave have released Social Mapper, a new open-source tool that allows finding a person of interest across social media platform using facial recognition technology. The tool was developed to gather intelligence from […]

Pierluigi Paganini August 10, 2018

Security expert discovered a bug that affects million Kaspersky VPN users

A security issue exists in Kaspersky VPN <=v1.4.0.216 which leaks your DNS Address even after you’re connected to any virtual server. (Tested on Android 8.1.0) What is a DNS leaks? In this context, with the term “DNS leak” we indicate an unencrypted DNS query sent by your system OUTSIDE the established VPN tunnel. Kaspersky VPN is […]

Pierluigi Paganini August 09, 2018

DeepLocker – AI-powered malware are already among us

Security researchers at IBM Research developed a “highly targeted and evasive” AI-powered malware dubbed DeepLocker and will present today. What about Artificial Intelligence (AI) applied in malware development? Threat actors can use AI-powered malware to create powerful malicious codes that can evade sophisticated defenses. Security researchers at IBM Research developed a “highly targeted and evasive” attack tool powered […]

Pierluigi Paganini August 09, 2018

BIND DNS software includes a security feature that could be abused to cause DoS condition

The Internet Systems Consortium (ISC) announced the presence of a serious flaw in the BIND DNS software that can be exploited by remote attackers to cause a denial-of-service (DoS) condition. The vulnerability tracked as CVE-2018-5740 was discovered by Tony Finch of the University of Cambridge. The flaw has been assigned a CVSS score of 7.5, the […]

Pierluigi Paganini August 09, 2018

Researchers find vulnerabilities in WhatsApp that allow to spread Fake News via group chats

WhatsApp has been found vulnerable to multiple security flaws that could allow malicious users to spread fake news through group chats. WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security flaws that could allow malicious users to intercept and modify the content of messages sent in both private […]