by CIRT Team
The Problem with Mobile Phones [source: ssd.eff]
Mobile phones have become ubiquitous and basic communications tools—now used not only for phone calls, but also for accessing the Internet, sending text messages, and documenting the world. Unfortunately, mobile phones were not designed for privacy and security. Not only do they do a poor job of protecting your communications, they also expose you to new kinds of surveillance risks—especially location tracking. Most mobile phones...
Read More
by CIRT Team
New Bug Allows iPhone Passcode to be Hacked [source: interestingengineering]
Apple pushed back on the researcher’s demonstration calling the method an error. The company was proven to be correct when the expert double-checked his testing. A security researcher took to his Twitter account on Friday to reveal a bug on iOS devices that can allow passcodes to be bypassed through a brute force attack. The video demonstration caused Apple to push back calling the finding...
Read More
by CIRT Team
A hacker devised a method to unlock any iPhone and iPad device [source: securityaffairs]
A security researcher has devised a method to brute force a passcode on every Apple iPhone or iPad, even the up-to-date ones. Since iOS 8 rolled out in 2014, iPhone and iPad devices are protected with encryption, without providing passcode it is quite impossible to unlock the device. If the user enters more than 10 times a wrong passcode, the Apple device is wiped. Now the...
Read More
by CIRT Team
Wireless system can power devices inside the body [source: news.mit]
MIT researchers, working with scientists from Brigham and Women’s Hospital, have developed a new way to power and communicate with devices implanted deep within the human body. Such devices could be used to deliver drugs, monitor conditions inside the body, or treat disease by stimulating the brain with electricity or light. The implants are powered by radio frequency waves, which can safely pass through human...
Read More
by CIRT Team
New RedEye Ransomware Attack Destroy Computers [source: gbhackers]
Newly Discovered RedEye Ransomware spreading via Twitter and target the victims to encrypt the data and lock the file to demand the ransom amount in Bitcoin. Also, RedEye Ransomware is capable of destroying the victim’s computer after the warning time to pay the ransom amount. This New Ransomware variant created by the same author who is behind the Annabelle ransomware that was actively spreading earlier of this...
Read More
by CIRT Team
BackSwap Trojan steals funds from your bank account [source: securityaffairs]
Security experts at ESET have spotted a new strain of banking trojan named BackSwap Trojan that implements new techniques to steal money from bank customers. The new techniques allow the malware to bypass anti-malware solutions and security features implemented by browsers to prevent Man-In-The-Browser attacks. Banking malware use to inject malicious code into the web page, either via the browser’s JavaScript console or directly into the address...
Read More
by CIRT Team
New VPNFilter malware targets at least 500K networking devices[talosintelligence]
INTRO For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call “VPNFilter.” We have not completed our research, but recent events have convinced us that the correct way forward is to now share our findings so that affected parties...
Read More
by CIRT Team
DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide [source: thehackernews]
Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. According to security researchers at Kaspersky Labs, the criminal group behind the...
Read More
by CIRT Team
The ZipperDown Vulnerability could affect roughly 10% of iOS Apps [source: securityaffairs]
Experts from Chinese jailbreakers Pangu Lab, have recently discovered the ZipperDown flaw that could affect roughly 10% of iOS Apps. ZipperDown, is a recently discovered vulnerability that could affect thousands of iOS apps and maybe also Android users. The ZipperDown flaw was first reported by experts from Chinese jailbreakers Pangu Lab, that described it as described as a programming error. The experts estimate 15,978 out of 168,951 iOS apps are affected, roughly 10% of...
Read More
by CIRT Team
Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks [thehackernews]
A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. Whenever your system joins a network, it’s the DHCP client application which allows your system to automatically receive network configuration...
Read More
