News aggregator

New Android Malware Apps Use Motion Sensor to Evade Detection

THN - Fri, 18/01/2019 - 09:37
Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have

Ep. 015 – USB anti-hacking, bypassing 2FA and government insecurity [PODCAST]

Sophos - Naked Security - Fri, 18/01/2019 - 09:22
Here's the latest Naked Security podcast - enjoy!

YouTube bans dangerous and harmful pranks and challenges

Sophos - Naked Security - Fri, 18/01/2019 - 08:33
The platform can't keep us from driving while blindfolded, but at least it can remove videos that glorify our more brainless moments.

A Twitter Bug Left Android Users' Private Tweets Exposed For 4 Years

THN - Fri, 18/01/2019 - 04:49
Twitter just admitted that the social network accidentally revealed some Android users' protected tweets to the public for more than 4 years — a kind of privacy blunder that you'd typically expect from Facebook. When you sign up for Twitter, all your Tweets are public by default, allowing anyone to view and interact with your Tweets. Fortunately, Twitter also gives you control of your

Microsoft font gives away forgery in bankruptcy case

Sophos - Naked Security - Thu, 17/01/2019 - 12:34
In a case that could be straight out of a legal TV drama, a computing font has cost a couple two houses in a Canadian bankruptcy case.

Email crooks swindle woman out of $150K from home sale

Sophos - Naked Security - Thu, 17/01/2019 - 12:13
She sent her bank account details three times, she said. Unfortunately, they wound up in crooks' hands, and her money wound up in their pockets.

Change your password! VoIP provider leaves huge database exposed online

Sophos - Naked Security - Thu, 17/01/2019 - 11:28
A researcher has discovered an exposed database containing gigabytes of call logs, SMS data, and internal system credentials belonging to US Voice-over-IP (VoIP) service provider

Two charged with hacking company filings out of SEC’s EDGAR system

Sophos - Naked Security - Thu, 17/01/2019 - 09:51
They're charged with phishing and inflicting malware to get into the EDGAR filing system, stealing thousands of filings, and selling access.

Ukrainian Police Arrest 6 Hackers Linked to DDoS and Financial Attacks

THN - Thu, 17/01/2019 - 07:37
Ukrainian Police have this week busted out two separate groups of hackers involved in carrying out DDoS attacks against news agencies and stealing money from Ukrainian citizens, respectively. According to the authorities, the four suspected hackers they arrested last week, all aged from 26 to 30 years, stole more than 5 million Hryvnia (around 178,380 USD) from the bank accounts of Ukrainian

Unprotected Government Server Exposes Years of FBI Investigations

THN - Thu, 17/01/2019 - 05:45
A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files. The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades worth of confidential case files from the

Hackers infect e-commerce sites by compromising their advertising partner

THN - Wed, 16/01/2019 - 16:04
Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recently successfully compromised nearly 277 e-commerce websites by using supply-chain attacks. Magecart

Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide

THN - Wed, 16/01/2019 - 10:56
Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security researcher Noam Rotem discovered the vulnerability when he booked a flight on the Israeli airline

Are you sure those WhatsApp messages are meant for you?

Sophos - Naked Security - Wed, 16/01/2019 - 10:26
Abby Fuller got a shock when she logged into WhatsApp using a new telephone number. She found someone else’s messages waiting for her.

Intel patches another security flaw in SGX technology

Sophos - Naked Security - Wed, 16/01/2019 - 10:19
Of the six advisories Intel released last week, the most interesting is a flaw discovered in the company’s Software Guard Extensions (SGX).

Beware buying Fortnite’s V-Bucks, you could be funding organised crime

Sophos - Naked Security - Wed, 16/01/2019 - 09:50
Credit card thieves are laundering money by purchasing the in-game currency V-Bucks, then selling it back at a discount to players.

Feds can’t force you to unlock your phone with finger or face, says judge

Sophos - Naked Security - Wed, 16/01/2019 - 09:02
The landmark decision asserts the same legal protection for biometrics that we're given for passcodes.

Fortnite Flaws Allowed Hackers to Takeover Gamers' Accounts

THN - Wed, 16/01/2019 - 08:58
Check Point researchers have discovered multiple security vulnerabilities in Fortnite, a massively popular online battle game, one of which could have allowed remote attackers to completely takeover player accounts just by tricking users into clicking an unsuspectable link. The reported Fortnite flaws include a SQL injection, cross-site scripting (XSS) bug, a web application firewall bypass

Unprotected VOIP Server Exposed Millions of SMS Messages, Call Logs

THN - Wed, 16/01/2019 - 07:21
A California-based Voice-Over-IP (VoIP) services provider VOIPO has accidentally left tens of gigabytes of its customer data, containing millions of call logs, SMS/MMS messages, and plaintext internal system credentials, publicly accessible to anyone without authentication. VOIPo is one of a leading providers of Voice-Over-IP (VoIP) services in the United States offering reseller VoIP, Cloud

5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws

THN - Wed, 16/01/2019 - 05:15
A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world's most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites' visitors at risk of hacking. Independent researcher and bug-hunter Paulos Yibelo, who shared his new research with The Hacker News, discovered roughly

Two Hackers Charged with Hacking SEC System in Stock-Trading Scheme

THN - Tue, 15/01/2019 - 17:34
The U.S. authorities have charged two Ukrainian hackers for hacking into the Securities and Exchange Commission's EDGAR filing system and stealing sensitive market-moving reports of companies before their public release. EDGAR, or Electronic Data Gathering, Analysis, and Retrieval, is an online filing system wherein companies submit their financial filings. The system processes around 1.7


Subscribe to Shiga Tecnologia aggregator