Category: Hacking

Researchers have developed a new attack against Bluetooth-enabled devices that takes advantage of the fact that these devices are always listening for connections and can be used by attackers to connect to nearby devices and then exploit one of several new vulnerabilities in the protocol to compromise the devices. The attack is known as BlueBorne…

It would seem that data breaches have now reached their logically absurd peak. The compromise of Equifax, revealed last Thursday evening, is the kind of incident you get when attackers get bored of stealing cases of bottled water and decide to steal the entire mountain spring instead. As reported by Bloomberg, the breach affects the…

A vulnerability in nearly all of the current versions of Android can be used by attackers to execute an overlay attack to trick users into installing malware, ransomware, or other malicious apps. The flaw affects most of the Android devices in use right now, except for those that have been updated to Oreo, the newest…

Researchers have developed a method for sending human-inaudible ultrasonic voice commands to voice-enabled assistants such as Alexa, Siri, and Google Assistant that could be used to force the assistants to visit attacker-controlled websites or take control of other connected smart devices. The technique is known as DolphinAttack and was developed by academic researchers at Zhejiang…

A severe remote code execution vulnerability has been sitting unnoticed in the Apache Struts web-app development framework for nine years, a flaw that researchers say threatens critical systems in banks, airlines, and many other organizations. The vulnerability lies in the way that the Struts framework handles untrusted data and researchers at lgtm, the company that…

The adware attack campaign that was spreading through Facebook Messenger late last month was enabled by the use of fake Chrome extensions and also stole victims’ Facebook access tokens. The campaign began spreading in the last couple of weeks of August through the use of Messenger messages that included the recipient’s name and a shortened…

Police in Ukraine have arrested a 51-year-old man in connection with spreading the notorious Petya ransomware earlier this summer. In their statement, the Ukraine Cyberpolice did not say that the man was accused of creating Petya, only that he allegedly helped spread it. The outbreak of a ransomware connected to Petya in June was centered in Ukraine…

The ransomware that wreaked havoc on San Francisco’s Muni mass transit system last Thanksgiving has resurfaced and is infecting enterprises in several countries around the world. The Mamba ransomware used in these attacks isn’t one of the big-name variants like Cryptolocker or Petya, but it has the potential to cause serious problems. Last November the malware infected…

Malware authors and cybercrime gangs, like professionals in legitimate fields, watch their competition closely and take what works and add it to their own arsenals. The latest evidence of this comes in the form of a new function added to the Trickbot banking trojan that allows it to spread in worm-like fashion using SMB. That…