"iPhone Triangulation Attack Abused Undocumented Hardware Feature"

"iPhone Triangulation Attack Abused Undocumented Hardware Feature"

Since 2019, Operation Triangulation spyware attacks on iPhone devices have used undocumented features in Apple chips to evade hardware-based security protections. Over the past year, analysts have been reverse-engineering the sophisticated attack chain to get further details on the campaign discovered in June 2023. The use of obscure hardware features, most likely reserved for debugging and factory testing, to execute spyware attacks against iPhone users suggests that an advanced threat actor carried out the campaign.

Submitted by Gregory Rigby on

"Cyberattack Disrupts Operations of First American, Subsidiaries"

"Cyberattack Disrupts Operations of First American, Subsidiaries"

The systems and operations of First American Financial Corporation and several of its subsidiaries appear to have been significantly disrupted by a cyberattack. First American provides title insurance and settlement services to the real estate and mortgage industries. It’s one of the largest title insurance companies in the United States.

Submitted by Adam Ekwall on

"CBS, Paramount Owner National Amusements Says it was Hacked"

"CBS, Paramount Owner National Amusements Says it was Hacked"

National Amusements, the cinema chain and corporate parent giant of media giants Paramount and CBS has recently confirmed it experienced a data breach in which hackers stole the personal information of tens of thousands of people.  The company announced that the hackers stole personal information from 82,128 people during a December 2022 data breach.  Details of the December 2022 breach only came to light a year later, after the company began notifying those affected last week.

Submitted by Adam Ekwall on

"Mint Mobile Discloses New Data Breach Exposing Customer Data"

"Mint Mobile Discloses New Data Breach Exposing Customer Data"

Mint Mobile has recently disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks.  Mint is a mobile virtual network operator (MVNO) offering budget, pre-paid mobile plans.  On December 22nd, the company began notifying customers via emails titled "Important information regarding your account," stating that they suffered a security incident and a hacker obtained customer information.

Submitted by Adam Ekwall on

"Crypto Drainer Steals $59m Via Google and X Ads"

"Crypto Drainer Steals $59m Via Google and X Ads"

Security researchers at Scam Sniffer have discovered a new series of "crypto drainer" malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X ads.  The researchers defined a crypto drainer as a type of malware that tricks the user into approving a transaction, which then automatically drains their cryptocurrency wallets.  The researchers revealed that one particular version, MS Drainer, was behind the new spate of attacks.

Submitted by Adam Ekwall on

"Fake VPN Chrome Extensions Force-Installed 1.5 Million Times"

"Fake VPN Chrome Extensions Force-Installed 1.5 Million Times"

Security researchers at ReasonLabs have discovered that three malicious Chrome extensions posing as VPNs were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers.  The researchers noted that the malicious extensions are spread via an installer hidden in pirated copies of popular video games like Grand Theft Auto, Assassins Creed, and The Sims 4, which are distributed from torrent sites.  The researchers notified Google of its findings, and the tech giant removed the offending extensions from the Chrome Web Store.

Submitted by Adam Ekwall on

"Ransomware Leak Site Victims Reached Record-High in November"

"Ransomware Leak Site Victims Reached Record-High in November"

According to security researchers at Corvus Insurance, ransomware groups seemed to return with a vengeance in November after a quieter month in October, with the highest number of listed victims ever recorded.  The researchers observed 484 new ransomware victims posted to leak sites in November.  This represents a 39.08% increase from October and a 110.43% increase compared with November 2022.  The researchers noted that this is the eleventh month in a row with a year-on-year increase in ransomware victims and the ninth in a row with victim counts above 300.

Submitted by Adam Ekwall on

"Cybersecurity of Genomic Data: NIST IR 8432"

"Cybersecurity of Genomic Data: NIST IR 8432"

The National Cybersecurity Center of Excellence (NCCoE) has released NIST Internal Report (IR) 8432, "Cybersecurity of Genomic Data," which delves into current genomic data security practices, challenges, and proposed solutions identified by genomic data stakeholders from industry, government, and academia. The growth of the US bioeconomy has been fueled by genomic data, including DNA sequences, variants, and gene activity. The value of this information has sparked cybersecurity and privacy concerns.

Submitted by Gregory Rigby on

"Unplugging Doubt"

"Unplugging Doubt"

Sauvik Das, assistant professor at Carnegie Mellon's Human-Computer Interaction Institute, and fellow researchers have explored how to disable smart speakers' microphones and provide users with perceptible assurance that they are not being recorded. Many users know that their smart speakers have built-in microphones, but they are unsure when the speakers are recording data and what data is eventually transmitted and processed. Smart speaker manufacturers are commonly companies that gain significant benefits from collecting users' personal data, but there are privacy risks.

Submitted by Gregory Rigby on

"Vulnerabilities Discovered in Internet Standard SSH"

"Vulnerabilities Discovered in Internet Standard SSH"

Critical vulnerabilities in the Secure Shell (SSH) protocol have been discovered by a team of researchers at Ruhr University Bochum. They discovered that certain security-related parts of the standard are broken, allowing attackers to delete data from the secure connection. SSH is mainly used where servers are managed remotely. This protocol is supported by more than 15 million servers on the Internet. SSH is also implemented in network devices such as routers. SSH attacks can be dangerous because, in the worst-case scenario, attackers can gain complete control of the server.

Submitted by Gregory Rigby on
Subscribe to