Lucene search
Threatpost | Recent

15946 matches found

ThreatPost
added 2018/08/20 8:49 p.m. | 13 views

Canadian Telcos Patch an APT-Ready Flaw in Disability Services

Canadian telcos have patched a widespread local file-disclosure flaw in disability services that allow people who are deaf, hard of hearing, or have a speech disorder to place calls through a text telephone or other assistive devices. The vulnerability opens the door for widespread attacks on...

0.2 AI score
Exploits: 0 | References: 6
ThreatPost
added 2018/08/20 8:42 p.m. | 16 views

Side-Channel PoC Attack Lifts Private RSA Keys from Mobile Phones

Researchers have developed a proof-of-concept side-channel attack that allows them to pull encryption keys from a single decryption for a modern version of OpenSSL. The attack impacts mobile devices — without physical access to the handsets. A group of researchers at Georgia Tech were able to...

0.6 AI score
Exploits: 0 | References: 1
ThreatPost
added 2018/08/20 4:39 p.m. | 144 views

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

Researchers have discovered that the Darkhotel APT is exploiting a recently-patched zero-day vulnerability impacting Microsoft VBScript. Researchers at Trend Micro recently disclosed the flaw in Microsoft Visual Basic Scripting Engine (VBScript), an active scripting language developed by Microsoft...

7.6 CVSS | 7.7 AI score | 0.87814 EPSS
Exploits: 16 | References: 6
ThreatPost
added 2018/08/20 4:7 p.m. | 15 views

GandCrab’s Rotten EGGs Hatch Ransomware in South Korea

The VenusLocker group appears to be back, hatching a fresh GandCrab ransomware campaign, so to speak, using the EGG niche file type. The emails with EGG attachments are meant to specifically take aim at South Korean users. Trend Micro researchers, who first observed the offensive campaign in earl...

7.2 AI score
Exploits: 0 | References: 7
ThreatPost
added 2018/08/17 7:7 p.m. | 18 views

Philips Vulnerability Exposes Sensitive Cardiac Patient Information

A vulnerability in the Philips IntelliSpace Cardiovascular (ISCV) line of medical data management products would allow privilege escalation and arbitrary code execution – opening the door for an attacker to siphon out all kinds of confidential patient information, including medical images and full...

4.6 CVSS | 2 AI score | 0.0039 EPSS
Exploits: 0 | References: 3
ThreatPost
added 2018/08/17 6:47 p.m. | 10 views

Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks

UPDATE A malspam campaign targeting a slew of banks is turning researchers’ heads with its unusual use of a Microsoft Office Publisher file to infect victims’ systems with a well-known backdoor. Researchers with Trustwave said that they have seen a spate of emails with a Microsoft Office Publishe...

7.4 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/17 6:3 p.m. | 37 views

Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution

UPDATE Researchers have created a proof-of-concept exploit that would enable bad actors to target a severe vulnerability in the PHP programming language behind several major CMS companies, including WordPress. The vulnerability remains unresolved – more than a year after it was reported. The...

7.5 CVSS | 1.4 AI score | 0.0694 EPSS
Exploits: 0 | References: 3
ThreatPost
added 2018/08/17 4:47 p.m. | 25 views

AT&T Faces $224M Legal Challenge Over SIM-Jacking Rings

Cryptocurrency investor and Dogecoin founder Michael Terpin has filed a $223.8 million lawsuit against AT&T, alleging the mobile phone giant turned a blind eye to SIM fraud. Terpin alleges that more than 3 million cryptocurrency tokens worth $24 million were lifted from his digital wallet at an...

0.9 AI score
Exploits: 0 | References: 4
ThreatPost
added 2018/08/17 1:46 p.m. | 16 views

ThreatList: Almost Half of the World’s Top Websites Deemed ‘Risky’

Nearly half of the world’s most popular websites are risky places to visit, according to a fresh analysis of top Alexa sites. Vulnerable code, the running of active content from risky background sites, and large amounts of code downloads marked a good chunk of the top 50 websites used in all of t...

0.5 AI score
Exploits: 0 | References: 4
ThreatPost
added 2018/08/17 11:0 a.m. | 33 views

Only ATM Heists Set to Accelerate After $13M Break-In

Mere days after the Feds warned banks about an impending ATM cash heist, hackers managed to siphon $13 million from the Pune, India-based Cosmos Bank – using cloned versions of the bank’s debit cards over the course of two days. It’s unlikely to be the last ATM theft that makes news, given how...

7.7 AI score
Exploits: 0 | References: 9
ThreatPost
added 2018/08/16 8:24 p.m. | 10 views

Highly Flexible Marap Malware Enters the Financial Scene

A newly discovered downloader malware has been discovered as part of a new campaign primarily targeting financial institutions. Researchers at Proofpoint said today that the downloader – dubbed “Marap” after its command-and-control phone-home parameter, “param,” spelled backwards – is notable for...

7.2 AI score
Exploits: 0 | References: 2
ThreatPost
added 2018/08/16 5:58 p.m. | 10 views

New Trickbot Variant Touts Stealthy Code-Injection Trick

Trickbot has been around since 2016 – but a new variant of the infamous financial trojan has caught the eyes of researchers with a stealthy code-injection technique. Researchers at Cyberbit this week said that they have found a new Trickbot iteration that features a sneaky method of performing...

0.6 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/16 5:6 p.m. | 14 views

‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners

An extensive cyberespionage campaign was disclosed today, targeting high-value international and U.S. government agencies and companies and emanating from an IP address associated with Tsinghua University, colloquially known as “China’s MIT.” The actors have gone after a range of targets, includi...

0.2 AI score
Exploits: 0 | References: 7
ThreatPost
added 2018/08/16 2:45 p.m. | 12 views

Google Expands Bug-Bounty Program to Battle Abuse Methods

Google is now offering rewards for newly-discovered techniques that bad actors could use to bypass its systems protecting against abuse, fraud and spam. The company has expanded its bug bounty program scope beyond security vulnerabilities to also focus on mitigations around potential abuse method...

8.2 AI score
Exploits: 0 | References: 4
ThreatPost
added 2018/08/16 1:44 p.m. | 9 views

Open MQTT Servers Raise Physical Threats in Smart Homes

Tens of thousands of consumer-grade Internet of Things (IoT) servers have been found wide-open on the internet, allowing cybercriminals to potentially compromise homeowners’ physical security. Bad actors can gain complete access to smart-home footprints to track owners’ movements, see if smart door...

Exploits: 0 | References: 8
ThreatPost
added 2018/08/16 1:0 p.m. | 12 views

ThreatList: Telecom Sector Plagued with Advanced Malware

The telecom sector is being plagued with dangerous types of malware that can lead to significant loss of confidential or regulated data, a report has found. Lastline’s findings, published today, found that telecom sector threats are “ahead of the curve,” based on an analysis of threats to the...

0.2 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/16 12:0 p.m. | 11 views

Google Chrome Bug Opens Access to Private Facebook Information

A browser bug in Google Chrome has been discovered that lets bad actors uncover private data stored on Facebook, Google sites and other platforms, by using video and audio HTML tags, and the filtering functions in websites. The bug in question exists in the Blink engine, which is used to power...

6.1 AI score
Exploits: 0 | References: 2
ThreatPost
added 2018/08/15 8:42 p.m. | 24 views

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

As voice assistants like Alexa and Google Home gain traction in the smart-home market, they have also been under increased speculation around how they approach privacy. Now, researchers say they have discovered a newly-disclosed flaw in Microsoft’s Cortana assistant for Windows 10 machines that...

2.1 CVSS | 1.2 AI score | 0.01784 EPSS
Exploits: 0 | References: 5
ThreatPost
added 2018/08/15 8:38 p.m. | 8 views

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

We live in a world where washing machines text us when a load of laundry is finished and refrigerators can email grocery lists; but for all the convenience, it turns out that these high-wattage appliances can potentially be marshaled into something very inconvenient indeed: A wide-scale attack on...

0.7 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/15 4:6 p.m. | 20 views

Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files

UPDATE Researchers have detected a new phishing campaign that mainly targets Office 365 customers to harvest their credentials. The campaign, dubbed “PhishPoint,” is spread to victims via emails containing a SharePoint document and invitation to collaborate. However, when clicked, the file contai...

6.9 AI score
Exploits: 0 | References: 4
ThreatPost
added 2018/08/15 1:15 p.m. | 17 views

ThreatList: Financial-Themed Phishing Hooks Targets in Q2

The financial sector continued to be a main target of phishing attacks in the second quarter. Kaspersky Lab’s Spam and Phishing in Q2 2018 report found that one-third (35.7 percent) of observed attempts were related to financial services including banks, payment services and online stores, targetin...

1.4 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/15 11:0 a.m. | 14 views

Podcast: Bugcrowd Founder on Printer Bugs, IoT Bounty Hunting, and New VDP Project

Bugcrowd has had a busy summer. Recently, the bug-bounty company partnered with HP to launch the first-ever bug bounty program for printers, with rewards of up to $10,000 for discovered vulnerabilities. Bugcrowd also recently announced Disclose.io, an open-sourced project to standardize best...

0.5 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/14 8:42 p.m. | 98 views

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer (IE), Office, .NET...

10 CVSS | 0.1 AI score | 0.73968 EPSS
Exploits: 10 | References: 7
ThreatPost
added 2018/08/14 8:30 p.m. | 12 views

Victims Lose Access to Thousands of Photos as Instagram Hack Spreads

An Instagram hack is spreading across the internet, with increasing numbers of victims finding their accounts hijacked and personal details altered — and account recovery so far impossible. Starting in the beginning of the month, people started experiencing random log-outs on their accounts; from...

0.4 AI score
Exploits: 0 | References: 6
ThreatPost
added 2018/08/14 7:24 p.m. | 57 views

Intel CPUs Undermined By Fresh Speculative Execution Flaws

UPDATE Three new speculative execution design flaws in Intel CPUs were disclosed today, this time impacting Intel’s Software Guard Extensions (SGX) technology, its OS and system management mode (SMM) and hypervisor software. The three vulnerabilities would allow attacks on Intel Core and Xeon...

5.4 CVSS | 0.2 AI score | 0.08101 EPSS
Exploits: 0 | References: 10
ThreatPost
added 2018/08/14 5:9 p.m. | 34 views

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

A vulnerability in Microsoft’s Active Directory Federation Services (ADFS) has been uncovered that would allow malicious actors to bypass multi-factor authentication (MFA) safeguards. Many organizations rely on ADFS to manage identities and resources across their entire enterprise, and ADFS functions...

4.3 CVSS | 0.5 AI score | 0.07584 EPSS
Exploits: 1 | References: 2
ThreatPost
added 2018/08/14 5:4 p.m. | 8 views

Google Services Track User Movements In Privacy Faux Pas

Device privacy continues to be a top concern this year as consumers start thinking about when, how and why their personal data is collected. Google is the latest technology giant to find itself in hot water around privacy after a new report alleged that Google services track customers’ movements –...

6.3 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/14 4:7 p.m. | 36 views

Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw

A new Bleichenbacher oracle cryptographic attack has been set loose on the world, using a 20-year-old protocol flaw to compromise the Internet Key Exchange (IKE) protocol used to secure IP communications. Specifically, the attack targets IKE’s handshake implementation used for IPsec-based VPN...

4.3 CVSS | 0.4 AI score | 0.01722 EPSS
Exploits: 0 | References: 6
ThreatPost
added 2018/08/14 2:21 p.m. | 37 views

Adobe Patch Tuesday: Fixes for Critical Acrobat and Reader Flaws

Adobe has released 11 total fixes for an array of products during today’s Patch Tuesday release, including two critical patches for Acrobat and Reader. This month’s release comes on the heels of Adobe fixing a whopping 112 vulnerabilities in its July Patch Tuesday release last month, including...

7.5 CVSS | 1.5 AI score | 0.32032 EPSS
Exploits: 2 | References: 6
ThreatPost
added 2018/08/14 12:30 p.m. | 10 views

Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises

IoT devices are everywhere – from connected smart-home gadgets to industrial IoT systems. And it’s not stopping anytime soon – consumer IoT spending is set to reach $62 billion in 2018, making it the fourth largest industry segment, according to market research firm IDC. Many of these IoT devices...

2.2 AI score
Exploits: 0
ThreatPost
added 2018/08/14 12:0 p.m. | 18 views

ThreatList: Almost All Security Pros Believe Election Systems Are at Risk

As the U.S. midterm election season gets underway in earnest, concerns about the ability to hack the vote is more in the spotlight than ever. A fresh survey from Venafi has found that a full 93 percent of security pros are concerned about cyber-attacks targeting election infrastructure. The poll,...

0.3 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/14 11:0 a.m. | 7 views

Podcast: Black Hat USA and DEF CON 2018 Wrap

Las Vegas was filled with researchers, executives, and hackers last week for the Black Hat USA and DEF CON 2018 conferences. In our wrap-up podcast, Threatpost’s Lindsey O’Donnell and Tara Seals talk about their favorite parts of the show. Among the most interesting topics at the shows included I...

2.2 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/13 8:10 p.m. | 8 views

New Variant of KeyPass Ransomware Discovered

A new variant of the KeyPass ransomware has been gaining traction in August and is using new techniques like manual control to customize its encryption process, researchers said Monday. Researchers at Kaspersky Lab who posted about the trojan said that it is being propagated by means of fake...

0.2 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/13 5:29 p.m. | 11 views

Black Hat 2018: IoT Security Issues Will Lead to Legal ‘Feeding Frenzy’

LAS VEGAS – The troves of insecure internet of things (IoT) devices have not yet led to widespread legal implications. But that’s set to change, a well-known attorney warned at Black Hat USA last week. Ijay Palansky, partner at the law firm Armstrong Teasdale, said at the conference last week that...

1.2 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/13 5:26 p.m. | 39 views

GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig

UPDATE GoDaddy, the world’s largest domain name registrar, has exposed high-level configuration information for tens of thousands of systems and competitively sensitive pricing options for running those systems in Amazon AWS, thanks to yet another cloud storage misconfiguration. The documents wer...

0.3 AI score
Exploits: 0 | References: 2
ThreatPost
added 2018/08/13 4:15 p.m. | 11 views

DEF CON 2018: ‘Man in the Disk’ Attack Surface Affects All Android Phones

A function of the Android storage mechanism opens up an attack surface that affects all Android devices, and allows an attacker to corrupt data, steal sensitive information or even take control of a mobile phone. Simply put, the issue – dubbed “man in the disk” – allows a bad actor to hijack the...

8 AI score
Exploits: 0 | References: 4
ThreatPost
added 2018/08/13 2:47 p.m. | 9 views

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

LAS VEGAS: Mike Murray, vice president of security intelligence at Lookout, talks with Threatpost’s Tom Spring to discuss the latest trends in mobile advanced persistence threats (APTs). He said mobile is redefining traditional inbox phishing. On smartphones, phishing includes dangerous links insid...

7.2 AI score
Exploits: 0
ThreatPost
added 2018/08/13 1:56 p.m. | 11 views

DEF CON 2018: Voting Hacks Prompt Push Back from Election Officials, Vendors

LAS VEGAS – DEF CON 26, building on its work in hacking ballot machines last year, saw three days of probing into various aspects of the end-to-end voting infrastructure in place in the U.S., including a voter registration database and election reporting websites. Several vulnerabilities and...

0.4 AI score
Exploits: 0 | References: 2
ThreatPost
added 2018/08/12 10:0 p.m. | 250 views

DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack

LAS VEGAS – Tens of millions of fax-ready HP OfficeJet inkjet printers are vulnerable to a simple hack that gives an attacker full control over a targeted printer. Once compromised, the all-in-one OfficeJet could act as a springboard for deeper network penetration by an attacker. Here at DEF CON,...

9.3 CVSS | 0.5 AI score | 0.12227 EPSS
Exploits: 1 | References: 4
ThreatPost
added 2018/08/12 5:0 p.m. | 10 views

DEF CON 2018: Apple 0-Day (Re)Opens Door to ‘Synthetic’ Mouse-Click Attack

LAS VEGAS – By tweaking just two lines of code, a researcher stumbled on an Apple zero-day that could allow a local attacker to virtually “click” a security prompt and thus load a kernel extension on systems running Apple’s latest High Sierra operating system. Kernel access on a Mac gives an...

0.3 AI score
Exploits: 0 | References: 1
ThreatPost
added 2018/08/12 12:0 a.m. | 13 views

DEF CON 2018: Hacking Medical Protocols to Change Vital Signs

LAS VEGAS – In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other gadgets found in hospital rooms use aging...

7.5 AI score
Exploits: 0
ThreatPost
added 2018/08/11 6:50 p.m. | 12 views

DEF CON 2018: Telltale URLs Leak PII to Dozens of Third Parties

LAS VEGAS – When we order food online, book a plane ticket or purchase seats for a show, we often get an email confirmation with a handy link that, when clicked, takes us directly to our confirmation, with no need to log back into the site. These pages have our confirmation code, the ability to...

6.4 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/10 9:3 p.m. | 23 views

Chris Valasek and Charlie Miller: How to Secure Autonomous Vehicles

LAS VEGAS – Concerns over cybersecurity issues in vehicles are nothing new – with worries peaking after the 2015 hack of a Jeep Cherokee that enabled control of key functions of the car. And now, the rise of autonomous vehicles are driving a new set of challenges and concerns for the infosec...

0.4 AI score
Exploits: 0 | References: 6
ThreatPost
added 2018/08/10 2:58 p.m. | 16 views

Black Hat 2018: Voice Authentication is Broken, Researchers Say

LAS VEGAS – We live in a world increasingly dominated by voice-enabled smart digital assistants. More and more we rely on Amazon’s Alexa to tell us if we have any new messages. We ask Google Home smart speakers to remind us of calendar appointments. Some banks even allow users to use their voice ...

0.9 AI score
Exploits: 0 | References: 2
ThreatPost
added 2018/08/10 11:0 a.m. | 12 views

With Healthcare Security Flaws, Safety’s Increasingly at Stake

LAS VEGAS – The healthcare space continues to face threats when it comes to cybersecurity – and researchers are concerned that security threats are evolving from impacting patient data privacy to actually threatening patient safety. A lax culture around cybersecurity from medical device...

7.5 AI score
Exploits: 0 | References: 6
ThreatPost
added 2018/08/09 9:36 p.m. | 264 views

Understanding TRITON and the Missing Final Stage of the Attack

In December 2017 it was reported that a Middle Eastern oil and gas petrochemical facility had undergone a safety system shutdown as the result of a malware attack. The malware, named TRITON (also TRISIS or HatMan), exceeded other industrial cyberattacks because it directly interacted with and...

7.4 AI score
Exploits: 0 | References: 8
ThreatPost
added 2018/08/09 5:38 p.m. | 28 views

Black Hat 2018: Widespread Critical Flaws Found in Smart-City Gear

Smart-city technology continues to roll out in municipalities worldwide – everything from automated alerts about weather hazards and traffic issues to smart lighting and connected trash systems. However, like the rest of the Internet of Things (IoT) ecosystem, security is always a concern, as...

10 CVSS | 0.4 AI score | 0.02346 EPSS
Exploits: 0 | References: 4
ThreatPost
added 2018/08/09 5:35 p.m. | 22 views

Black Hat 2018: Stealthy Kernel Attack Flies Under Windows Mitigation Radar

There are lots of Holy Grails when it comes to compromising endpoints. One of them has long been an attack that leads to kernel ring0 access on a Windows system. That translates into so-called “God Mode” for hackers — and “game over” for victims. This is why Microsoft has gone to great lengths ov...

1.3 AI score
Exploits: 0 | References: 5
ThreatPost
added 2018/08/09 5:26 p.m. | 9 views

Hacking For Sport: A Journey in Reverse Engineering a Toshiba Wireless SD Card

LAS VEGAS – Like many good hacks, necessity was the mother of invention for researcher Guillaume Valadon. When the head of the network security laboratory at ANSSI tried to turn a cheap non-wired digital photo frame lying around his house into a wireless one with a Toshiba FlashAir SD storage card...

8.6 AI score
Exploits: 0 | References: 3
ThreatPost
added 2018/08/09 3:28 p.m. | 12 views

New Actor DarkHydrus Targets Middle East with Open-Source Phishing

Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source Phishery tool to carry out its dark work. T...

0.1 AI score
Exploits: 0 | References: 7

Total number of security vulnerabilities: 15946