We usually get to hear of vulnerabilities that cybercriminals exploit to expose or steal data. This time it’s the other way around; the criminals are at the receiving end. A vulnerability has helped researchers expose malware C&C servers. A vulnerability in a penetration testing tool that was being used by hackers is now helping researchers […]
A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world. According to the researchers—Ibrahim Baggili, Peter Casey and Martin Vondráček—the underlying vulnerabilities, […]
Academics describe scenarios that put the use of blockchain technology at risk Network security specialists from the International Institute of Cyber Security reported a couple of weeks ago an unusual incident in Coinbase, a cryptocurrency exchange platform: an attack on its blockchain. In the attack, a hacker somehow managed to take control of more than […]
Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of […]
Linus Henze, a security researcher, has uncovered a security flaw in macOS Mojave Keychain that can allow bad actors to steal the stored passwords without administrator privileges. In a video, Henze demoed how anybody can get access to your password stored in Apple’s secure vault. This isn’t the first time when Henze has discovered a […]
Facebook was recently caught extracting data from its “research” app in exchange of $20 gift cards. Apple punished the social media company by revoking its Enterprise Certificate for a brief period. It has been now found that thousands of Indian users were a part of the data extraction project. According to a report by LiveMint, over […]
On Tuesday, Techcrunch reported that Facebook is paying teenagers to install a “Research” VPN app in iOS devices in exchange for $20 gift cards. The main motive behind the app was to analyze the web activity and smartphone usage patterns of teenagers. The social media company invited participants to the dubious research program by putting […]
If you are thinking that Facebook is sitting quietly after being forced to remove its Onavo VPN app from Apple’s App Store, then you are mistaken. It turns out that Facebook is paying teenagers around $20 a month to use its VPN app that aggressively monitors their smartphone and web activity and then sends it […]
Update: After the report surfaced, Facebook said it would shut down the iOS version of its Research app, however, Apple says it has already blocked Facebook’s app because it violated Apple’s policies. Here is the complete statement: “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been […]
A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily ‘footprint’ and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate. Dubbed “Aztarna,” the framework has been developed by Alias Robotics, a Spanish cybersecurity firm […]
The coordinated efforts were part of the URLhaus initiative that Abuse.ch launched in March 2018, and whose primary objective is to collect and share URLs about active malware campaigns so the information security (infosec) community can take action by blacklisting or taking down URLs. In a report published today, Abuse.ch says the URLhaus project has […]
Until now quantum computers have competed with classic computers in solving problems. But, researchers are planning to leverage the power of quantum computing for making a neural network that acts like a brain. The Neuromorphic Quantum Computing (Quromorphic) project led by Michael Hartmann and his colleagues from Heriot-Watt University is all about combining two dominant technologies […]
The Goldluck malware has been around for more than a year. The malware basically gave hackers privileges which allowed them to send premium messages and earn money. Historically, Goldluck has been associated with popular classic game apps on Android. Today, security researchers revealed that “more than a dozen iPhone apps covertly communicating with a server […]
Mark Zuckerberg and his wife Priscilla Chan have raised nearly $5 billion by selling almost 29 million Facebook shares to fund an ambitious research programme called the Chan-Zuckerberg Initiative (CZI). A part of the research programme includes the development of a brain-machine interface and devices that can essentially translate thoughts into commands. In a paper published […]
Biometric authentication is currently a widely used option for maintaining the security of devices and systems. With the emergence of vein-based authentication, biometric verification has moved beyond facial recognition and fingerprints. Vein-based authentication involves scanning of the size, shape, and location of the users’ veins under their hand’s skin to verify the person. On paper […]
A security researcher has published the proof-of-concept code which demonstrates how to create a fully functional Facebook worm. It’s a clickjack bomb that can spam your wall by exploiting a vulnerability on Facebook. The researcher, who works under the pseudonym of Lasq, says he has seen this flaw getting abused on the platform by a […]
Industry standard specification does not guarantee the safety of the self-encrypting drives despite verification
The Lazarus hackers have been using the FastCash Trojan on obsolete AIX servers to steal tens of millions of dollars The researchers of the information security and digital forensics firm Symantec have discovered the malware tool that Lazarus, North Korea’s famous hacker group, has been using for a couple of years to steal millions of dollars […]
Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON, also known as Trisis, is a piece of ICS malware designed to […]
Vulnerabilities and security flaws in vehicle security systems aren’t as surprising for us as it is that even the most renowned car manufacturers aren’t able to provide consumers with fool-proof systems. Wired reports that Tesla recently fixed a vulnerability in the security systems of its cars after a group of researchers in Belgium proved that the […]
Detours is a software package for monitoring and instrumenting API calls on Windows. Detours has been used by many ISVs and is also used by product teams at Microsoft. Detours is now available under a standard open source license (MIT). This simplifies licensing for programmers using Detours and allows the community to support Detours using […]