Alexa, Google Home Eavesdropping Hack Not Yet Fixed

Months after researchers disclosed a new way to exploit Alexa and Google Home smart speakers to spy on users, those same researchers now warn that Amazon and Google have yet to create effective ways to prevent the eavesdropping hack. The researchers who in October disclosed the “Smart Spies” hack...

This Week in Security News: Skimming and Phishing Scams Ahead of Black Friday and Polish Hacking Team Wins Capture the Flag Competition

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about recent skimming and phishing scams as we head into the holidays and how you can protect yourself and your organization. Also, re...

News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails

Threatpost editors break down the top news stories for the week ended Nov. 8. The hot stories of the week include: Despite trillions of dollars in data-breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise – a Threatpost feature looks at...

Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers

Do you always uncomfortable trusting companies with your data? If so, you're not alone. While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely,...

Alexa, Siri, Google Smart Speakers Hacked Via Laser Beam

Researchers have discovered a new way to hack Alexa and Siri smart speakers merely by using a laser light beam. No physical access of the victims’ device, or owner interaction, is needed to launch the hack, which allows attackers to send voice assistants inaudible commands such as unlocking doors...

WhatsApp Spyware Attack: Uncovering NSO Group Activity

On the heels of Facebook filing a lawsuit against Israeli company NSO Group — alleging that it was behind the massive WhatsApp hack earlier this year — privacy experts say that the move is “popping the unaccountable bubble” that commercial spyware companies have carved out for themselves. After...

Facebook Sues NSO Group Over Alleged WhatsApp Hack

Facebook has filed a lawsuit against Israeli company NSO Group, creator of the Pegasus spyware, alleging that it was behind the massive WhatsApp hack earlier this year. In May 2019, a zero-day vulnerability was found in WhatsApp’s messaging platform, exploited by attackers who were able to inject...

Bedside Hotel Robot Hacked to Stream In-Room Video

A Japanese hotel chain called “Henn na” that uses robots in lieu of human staff is wrestling with bedside bots that researchers hacked to view video footage from guest rooms. The chain’s parent, HIS Group, owns 10 locations throughout Japan that leverage robots with facial recognition capability...

“BriansClub” Hack Rescues 26M Stolen Cards

"BriansClub," one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, includin...

A pervert Yahoo employee hacked 6,000 accounts using internal system

By Waqas A former Yahoo engineer hacked 6,000 Yahoo Mail account to extract the personal information of victims primarily sexual images and videos. This is a post from HackRead.com Read the original post: A pervert Yahoo employee hacked 6,000 accounts using internal system...

iOS Exploit 'Checkm8' Could Allow Permanent iPhone Jailbreaks

A researcher is warning of an un-patchable bug affecting hundreds of millions of iPhones that gives attackers system-level access to handsets via an unblockable jailbreak hack. Right now, the scope of the attack is limited. The exploit is dubbed “checkm8” by a security researcher who goes by the...

Masad Spyware Uses Telegram Bots for Command-and-Control

A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control C2 hub. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal...

bibliotheque.nievre.fr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-979263 Security Researcher Rbcafe Helped patch 270 vulnerabilities Received 3 Coordinated Disclosure badges Received 8 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting bibliotheque.nievre.fr website...

A week in security (September 2 – 8)

Last week on Malwarebytes Labs, we looked at a smart social engineering toolkit, delved into TrickBot tampering with trusted texts, and explained five ways to help keep remote workers safe. Other cybersecurity news A new Chinese Deepfake app is under fire for privacy concerns related to the use o...

Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked

Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last...

Massive iPhone Hack Targets Uyghurs

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google's Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install...

Twitter CEO Jack Dorsey’s account hacked with racial slurs

By Waqas A group of hackers going by the handle of "Chuckle Squad" hacked the official Twitter account of Twitter CEO Jack Dorsey on Friday afternoon. This is a post from HackRead.com Read the original post: Twitter CEO Jack Dorsey’s account hacked with racial slurs...

An Unprecedented iPhone Hack, a Wi-Fi Leg Implant, and More News

Catch up on the most important news from today in two minutes or less...

A Huge Ransomware Attack Messes With Texas

A coordinated strike against 23 local governments is called the largest such hack from a single source...

Brazilian Cell Phone Hack

I know there's a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, were hacked -- seemingly by actors much less sophisticated than rival governments. Brazil's...