fbpx

Download free GDPR compliance checklist!

Tag Archives for " hacking "

Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes

An Iranian hacking group made Android malware that appears built to spy on regime critics by stealing their two-factor codes.

The attackers first use a phishing trojan to collect login details, and then try those with the real site. If the victim has two-factor authentication turned on, the newly-reported malware intercepts the incoming SMS messages and quietly sends copies to the intruders.

Source: Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes | Engadget

ECHR dismisses Privacy International case on UK state hacking

The European Court of Human Rights (ECHR) dismissed the claim Privacy International and coalition of internet and communications service providers and campaign groups for failure to pursue all domestic remedies.

Coalition in ECHR challenged the conduct of hacking operations abroad by one of the UK’s intelligence agencies, the Government Communications Headquarters (GCHQ), and originated in the Investigatory Powers Tribunal (IPT), which hears claims against the UK intelligence agencies.

Source: PI’s statement on the ECtHR decision in Privacy International v. UK | Privacy International

Hackers are exploiting a critical flaw affecting >350,000 WordPress sites

Hackers are actively exploiting a vulnerability that allows them to execute commands and malicious scripts on Websites running File Manager, a WordPress plugin with more than 700,000 active installations, researchers said on Tuesday.

Attackers are using the exploit to upload files that contain webshells that are hidden in an image. Word of the attacks came a few hours after the security flaw was patched. Website security firm Wordfence said that it had blocked more than 450,000 exploit attempts in the past few days.

Source: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites | Ars Technica

Marriott International faces class action suit over mass data breach

Technology consultant leads legal action after hackers stole personal details of 300m guests.

Hotel group Marriott International is facing a class action lawsuit in London’s high court from millions of customers, who are seeking compensation after their personal details were stolen in one of the world’s largest data breaches .

Source: Marriott International faces class action suit over mass data breach

U.S. Government Contractor Embedded Software in Apps to Track Phones

Anomaly Six LLC , a small U.S. company with ties to the U.S. defense and intelligence communities has embedded its software in numerous mobile apps, allowing it to track the movements of hundreds of millions of mobile phones world-wide.

Virginia-based company founded by two U.S. military veterans with a background in intelligence, said in marketing material it is able to draw location data from more than 500 mobile applications, in part through its own software development kit, or SDK, that is embedded directly in some of the apps.

Source: U.S. Government Contractor Embedded Software in Apps to Track Phones – WSJ

WhatsApp spyware attack: senior clergymen in Togo among activists targeted

A prominent Catholic bishop and a priest in Togo have been told they were targeted by spyware made by the private surveillance firm NSO Group, in the first known case of its kind involving members of the clergy.

WhatsApp announced last year that 1,400 of its users were attacked with the malware, which is made by Israel’s NSO Group, over a two-week period last April.

Source: WhatsApp spyware attack: senior clergymen in Togo among activists targeted | Technology | The Guardian

Years before big hack, Twitter contractors reportedly spied on celebs

Years before the July 15th attack on Twitter that let hackers compromise some of the social network’s most high-profile accounts to tweet Bitcoin scams, Twitter contractors apparently were able to use Twitter’s internal tools to spy on some celebrities, including Beyoncé, chronicling longtime security concerns at the company.

The tools in question typically allow certain Twitter staffers to do things like reset accounts or respond to content violations, but they could apparently also be used to spy on or hack an account.

Source: Years before big hack, Twitter contractors reportedly spied on celebs, including Beyoncé – The Verge

The Twitter hack shows a major cybersecurity vulnerability: employees

Attackers keep finding ways to leverage human weakness to get around security measures.

On Wednesday, Twitter fell victim to hackers who used a “coordinated social engineering attack” to compromise some of Twitter’s highest-profile accounts—including those belonging to Barack Obama, Elon Musk, Bill Gates, and Kanye West—to launch a crypto scam targeting those users’ followers.

While cybersecurity advances have hardened IT infrastructure and made it increasingly difficult to hack systems remotely, criminals have a logical way around these measures: targeting the employees who are already inside the systems.

Source: The Twitter hack shows a major cybersecurity vulnerability: employees.

Germany proposes first-ever use of EU cyber sanctions over Russia hacking

Berlin has officially called for the use of a new EU sanctions framework to target Russian individuals following the 2015 hack attack against the German parliament’s IT system, an inquiry has revealed.

If agreed, the plan, which was recommended by Berlin last month, would be the first use of an EU cyber sanctions regime adopted in 2017.

Source: Germany proposes first-ever use of EU cyber sanctions over Russia hacking | News | DW | 12.07.2020

Hackers are hiding virtual credit card skimmers in image file metadata

Hackers put Magecart JavaScript code into the EXIF metadata of image files, which is then loaded and executed by compromised stores.

Hiding malicious code inside of images is nothing new, but it’s the first time security researchers have seen them used to obscure credit card skimmers.

Source: Hackers are hiding virtual credit card skimmers in image file metadata | Engadget

1 2 3 24
>