Categories
privacy security

Our Copyfish extension was stolen and adware-infested

Popular Chrome extension gets hijacked.

We log into our developer account and boom – our Copyfish extension is gone! It seems the hackers/thieves/idiots moved it to THEIR developer account. We currently have no access to it!

Source: Our Copyfish extension was stolen and adware-infested

Categories
security

Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets | Exodus Intelligence

An impressively detailed start-to-end explanation of how an exploit is created. This exploit is unusually powerful in that it does not require the user to perform any action – no need to open attachments, click on hyperlinks, etc. The only requirement is that Wi-Fi is turned on. For iOS users, this exploit has been patched in the latest iOS 10.3.3.

Broadpwn is a fully remote attack against Broadcom’s BCM43xx family of WiFi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit.

Source: Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets | Exodus Intelligence

Categories
security

The Judy Malware: Possibly the largest malware campaign found on Google Play | Check Point Blog

Yet another widespread Android malware.

Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. …

Source: The Judy Malware: Possibly the largest malware campaign found on Google Play | Check Point Blog

Categories
diy security

Using RTL-SDR to Open Car Doors

DIY hardware and software now make it possible to capture and replay car fob wireless signals. Obviously this can be used for very bad things.

Yes, I tested this on two cars and a truck and successfully implemented the attack and door locks opened. Scary to think that anyone can spend less than a few dollars and be able to grab my laptop if left in the open.

Source: Using RTL-SDR to Open Car Doors

Categories
privacy security

How to Accidentally Stop a Global Cyber Attacks | MalwareTech

Someone accidentally stopped the ongoing WannaCry attacks by registering a domain.

In certain sandbox environments traffic is intercepted by replying to all URL lookups with an IP address belonging to the sandbox rather than the real IP address the URL points to, a side effect of this is if an unregistered domain is queried it will respond as if it were registered (which should never happen).

Source: How to Accidentally Stop a Global Cyber Attacks | MalwareTech

Categories
security

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

The collateral damage from leaked NSA hacking tools is just beginning to be felt.

Computer users in as many as 74 countries were reported to be disrupted by the ransomware attack, mostly affecting Britain and Russia.

Source: Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

Categories
IoT security

This Hacker Is My New Hero

Internet vigilante to the rescue? Someone – or some group of people – decided the best way to save the Internet from the scourge of insecure IoT devices is to disable them permanently. I like how he/she/they describes his/her/their project.

I consider my project a form of “Internet Chemotherapy” I sometimes jokingly think of myself as The Doctor. Chemotherapy is a harsh treatment that nobody in their right mind would administer to a healthy patient, but the Internet was becoming seriously ill in Q3 and Q4/2016 and the moderate remedies were ineffective. The side effects of the treatment were harmful but the alternative (DDoS botnet sizes numbering in the millions) would have been worse. I can only hope that when the IoT relapse comes we’ll have better ways to deal with it. Besides getting the number of IoT DDoS bots to a manageable level my other key goal has been to raise awareness. The IoT problem is much worse than most people think, and I have some alarming stories to tell.

Source: This Hacker Is My New Hero

Categories
privacy security

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

NSA develops cyberweapons. Cyberweapons get leaked. Everyone who’s unprotected gets compromised.

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

Source: That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

Categories
security

Information Security Certifications are Worthless and Causing More Harm than Good

Agree to some extent. In some places getting a certificate is just a means to get through the door. But yes, it has very little to do with actual skills.

Here’s an excerpt from a 2016 Ars Technica article: Recruiter Thomas Ptacek, whose Chicago-based agency Starfighter specializes in recruiting security folk, describes the CISSP as “a joke,” and claims that in his experience a job description requiring a CISSP was a warning flag to industry elite not to apply. “I don’t think there are that many high-level practitioners outside of management who put much stock in the CISSP,” he says. Dan Tentler, founder of the attack simulation consultancy Phobos Group, compares hiring infosec workers based on passing an exam to hiring other professionals on the same basis: “Would you feel comfortable letting a doctor be your primary care physician if all it took was to pass a written multiple choice exam?” He believes that “ISC2 is making money hand over fist,” and that the organization is “diluting the market with

Source: Information Security Certifications are Worthless and Causing More Harm than Good

Categories
IoT security

IoT garage door opener maker bricks customer’s product after bad review | Ars Technica

Ouch. Talk about poor customer service. A particularly irate customer who bought an IoT garage door-opener posts a nasty review and his device was denied server access, effectively making it useless or “bricking” it. Imagine posting a bad review about your Smart TV and it stops working. Hmmm.

Startup tells customer “Your unit will be denied server connection.”

Source: IoT garage door opener maker bricks customer’s product after bad review | Ars Technica