PINDROP BLOG

Category: Hacking

July 26, 2017 | Dennis Fisher
Attackers Can Take Over Your Local Car Wash From the Internet
LAS VEGAS–Researchers are continuing to find new and interesting ways to demonstrate the fragility and poor security of IoT devices, and the latest test bed is your local car wash. A weakness in the design of the software that runs a large number of automated car washes in the U.S can allow a remote attacker…
Read More →
July 26, 2017 | Dennis Fisher
Facebook CSO: It’s Time to Focus on Real Problems
LAS VEGAS–The security community needs to get back to solving real problems facing real users in the real world, Facebook’s CSO said, and the company is putting up a million dollars to help do that. Alex Stamos, the top security official at Facebook, said security professionals are spending too much time focusing on elaborate hacks…
Read More →
July 21, 2017
Google to Drop Trust For WoSign in September
Google has finalized its plan to remove trust in Chrome for all certificates issued by Chines CA WoSign, a result of the certificate authority run afoul of the intricate rules that govern CAs. As far back as 2015, officials began noticing certificates issued by WoSign that had one or more problems and violated rules established…
Read More →
July 20, 2017
U.S., European Law Enforcement Take Down AlphaBay Dark Web Market
Authorities in the United States and Europe have shut down two huge criminal marketplace operating on the dark web, one of which officials say was responsible for more than $1 billion in illicit transactions in the last three years. The investigations into the AlphaBay and Hansa marketplaces have been going on since last year, and…
Read More →
July 18, 2017
GhostCtrl Android Malware Hijacks Audio, Roots Devices
A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known as Retadup that was detected…
Read More →
July 18, 2017
New Data Shows Attackers Focusing More Attention on iOS
A new report released this morning by Skycure shows that attackers are beginning to focus more and more of their attention on iOS, even as attacks on Android are leveling out . This would be the first time in iOS’s 10 year history that attacks on that platform have outpaced that of its main competitor, Google’s Android.   The…
Read More →
July 17, 2017
Cisco Fixes Remote Code Execution Flaw in WebEx Extensions
Cisco has patched a serious remote code execution flaw in its WebEx extensions for both Google Chrome and Mozilla Firefox, a bug that could be exploited quite easily. The vulnerability affects several different browser extensions produced by WebEx, including the Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco…
Read More →
July 14, 2017
Attackers Compromising Fresh WordPress Installs
Attackers are scanning for new WordPress installations that haven’t been configured yet and compromising them and then using that access to take over entire sites. The attacks have been going on since May and researchers have seen many IP addresses that typically are engaged in other attack campaigns joining in this one, too. Using automated tools,…
Read More →
July 13, 2017
Congressmen Seek to Outlaw Cyber Intel Sharing With Russia
A group of House Democrats has introduced a bill that would formalize a policy of the United States not sharing cyber intelligence with Russia. The proposed law is a direct response to comments President Donald Trump made earlier this week after he met with Russian President Vladimir Putin. After the meeting, Trump said on Twitter…
Read More →
July 13, 2017
Verizon Says Data Breach Exposure Limited
Verizon has acknowledged that millions of customer records, including phone numbers and account PINs, were exposed in a misconfigured cloud database, but says no one aside from a security researcher accessed the data. The data was in an Amazon cloud bucket administered by a third-party vendor used by Verizon in Israel. Chris Vickery, a researcher…
Read More →
In a race of information vs. misinformation, what will deep fakes and data breaches look like? Register for our webinar to learn how to defend against these types of threats