Search Results for “Forbes”


April 16, 2020
Thomas Brewster / Forbes

Syrian Surveillance Campaign Uses Coronavirus to Lure Targets Into Downloading Malware-Delivering Apps

A long-running surveillance campaign tied to Syrian nation-state actors recently started using the novel coronavirus as its newest lure to entice its targets to download malware-laden Android apps, researchers at Lookout Security report. The campaign, which first started in January 2018, targets Arabic-speaking users, likely in Syria and the surrounding region. Lookout found 71 malicious Android applications, none of which appeared on Google’s app store, that were connected to the same command-and-control (C2) server, which is located in a block of addresses held by Tarassul Internet Service Provider, an ISP owned by the Syrian Telecommunications Establishment (STE). The COVID-19 associated app code contained “unintentional traces” of a persona dubbed Allosh, who was associated with a previous hacking campaign carried out by the Syrian actors. The apps should not pose much of a threat to users outside Syria.

March 21, 2020
Thomas Brewster / Forbes

New COVID-19 Scam Emerges With Malicious Android App That Promises Safety Face Mask, Propagates Itself to Victims’ Contact List

Yet another Covid-19 scam has emerged, this time with an Android app that promises to help users buy a safety mask but instead scans all contacts and then forwards text messages to them, trying to convince them to download the app too, according to Zscaler researcher Shivang Desai, who discovered the app. The malicious app starts with a text message saying, “Get safety from coronavirus by using Face mask, click on this link download the app and order your own face mask – hxxp://coronasafetymask.tk.” It then directs the victim to a portal for downloading the app, which not only spreads the worm but will also rack up carrier charges for the texts it sends. The more contacts a user has, the higher the potential bill, especially if the contacts live abroad.

May 1, 2020
Thomas Brewster / Forbes

Xiaomi Mobile Phones Have Been Recording Massive Amounts of Device Activities Including Browsing Queries, Researchers

Chinese mobile phone giant Xiaomi has been recording massive amounts of activity on its devices, including browsing queries in Xiaomi’s default browser. Security researcher Gabi Cirlig discovered that the data from Xiaomi’s mobile devices was sent to remote servers hosted by another Chinese tech giant, Alibaba, which were ostensibly rented by Xiaomi. Another security researcher, Andrew Tierney, investigated further and found that browsers shipped by Xiaomi on Google Play, Mi Browser Pro and the Mint Browser, were collecting the same data. Those browsers have a combined 15 million downloads, according to Google Play statistics. Xiaomi denied the research findings and said: “privacy and security is of top concern.”

Related: Gizchina.com, xda-developers, Digit, BusinessLine – Home, Slashdot, TechSpot, fossBytes, WCCFtech, Android Central, BGR, The Next Web, channelnews, xda-developers, Android Police, BGR, TechWorm, BleepingComputer.com

Tweets: @cybergibbons

Gizchina.com: Xiaomi mobiles accused of collecting more data than they should
xda-developers: Researchers accuse Xiaomi web browsers of collecting browsing data – even in Incognito mode
Digit: Xiaomi smartphones are tracking private web and phone usage of millions of users: Report
BusinessLine – Home: Xiaomi allegedly records user activities, sends the data to remote servers: Report
Slashdot: Xiaomi Found Recording ‘Private’ Web and Phone Use, Researchers Claim
TechSpot: Xiaomi accused of recording users’ incognito web browsing
fossBytes: Xiaomi Devices Found Tracking And Recording Browsing Data Of Millions
WCCFtech: Xiaomi is Caught Recording User’s Private Data and Phone Usage
Android Central: Xiaomi accused of sneakily collecting vast amounts of private data
BGR: Xiaomi accused of sending ‘private’ web and phone data to China
The Next Web: Xiaomi is collecting browser data even in incognito mode, researchers say
channelnews: Chinese Phone Brand Collecting “Insane Amount” Of Private Data
xda-developers: Xiaomi.EU releases MIUI 12 builds for 20+ Xiaomi Mi and Redmi devices
Android Police: Xiaomi’s Mint Browser records web searches and other data, even in Incognito Mode
BGR: Xiaomi denies linking user data to personally identifiable information
TechWorm: Xiaomi Refutes Claims Of Secretly Sending Its User Data To China
BleepingComputer.com: Xiaomi tracks private browser and phone usage, defends behavior

@cybergibbons: Want to see the @Xiaomi @XiaomiIndia @manukumarjain privacy issue in under 4 minutes? This demo should illustrate the problem. It's undeniable. This is detailed browsing history, tied to me, sent from Incognito mode. What's your take?


April 3, 2020
Davey Winder / Forbes

Ethical Hacker Receives $75,000 Bug Bounty Payment From Apple for Finding Seven Zero-Day Flaws in Safari That Allowed iPhone Camera Hijacking

Ethical hacker Ryan Pickren, founder of proof-of-concept sharing platform BugPoC, found seven zero-day vulnerabilities in Apple Safari (CVE-2020-3852, CVE-2020-3864, CVE-2020-3865, CVE-2020-3885, CVE-2020-3887, CVE-2020-9784, and CVE-2020-9787). Using just three of them, he constructed an attack chain that successfully hijacked the iPhone camera. Pickren earned a $75,000 bounty payment from Apple for his efforts.

Related: MacRumors, Cyber Kendra, iPhone Hacks, Patently Apple, AppleInsider, Cult of Mac, iMore, The Hacker News, Ryan Pickren, 9to5Mac

Tweets: @lukOlejnik @TheHackersNews


April 25, 2020
Thomas Brewster / Forbes

Facebook Lawyers Present Evidence in Lawsuit That Spyware Maker NSO Group Exploited U.S. Servers to Hack WhatsApp

In its lawsuit against Israeli spyware purveyor NSO Group, Facebook accuses the maker of the Pegasus surveillance malware of hacking WhatsApp servers and customers in the United States and lays out how the Israeli business availed itself of American tech to launch the attacks. In its response to NSO Group’s petition to dismiss the lawsuit on the grounds that NSO doesn’t operate in the United States, Facebook’s lawyers included two IP addresses and a handful of websites that it claims NSO Group used to attack WhatsApp users in spring 2019. One was hosted by Amazon Web Services in the U.S., the others by Californian company QuadraNet and a German provider.

May 12, 2020
Ravie Lakshmanan / The Hacker News

More Than 4,000 Android Apps That Use Google’s Firebase Are Leaking Sensitive User Data From Inadequately Secured Databases

More than 4,000 Android apps that use Firebase, Google’s cloud-hosted mobile application development platform, are leaking sensitive information on their users from their databases, Bob Diachenko from Security Discovery, in partnership with Comparitech, discovered. Among the data leaked are users’ email addresses, usernames, passwords, phone numbers, full names, chat messages, and location data. The team analyzed 15,735 Android apps, which comprised about 18 percent of all apps on the Google Play store, and discovered that 4.8% are not adequately secured. After Google was notified of the findings on April 22, the search giant said it’s reaching out to affected developers to patch the issues.

Related: TechNadu, Reddit-hacking, Reddit – cybersecurity, Techradar, Comparitech, Forbes

Tweets: @happygeek


April 7, 2020
Shaun Nichols / The Register

Chinese State Hacking Crews That Target Mostly Linux Servers Stayed Undetected for More Than a Decade

A collection of five small crews of hackers, thought to be state-sponsored and operating as an offshoot of China’s Winnti group, managed to stay undetected for more than a decade by going open source, according to a report by BlackBerry Cylance. The group assembled in the wake of Winnti and exploited Linux servers, plus the occasional Windows Server box and mobile device, for years. The researchers believe the hackers use three different backdoors, two rootkits, and two other build tools that can be used to construct additional rootkits on a per-target basis for open-source servers.

Related: LinuxSecurity – Security Articles, Verdict, BetaNews, Forbes, Cylance, MobileSyrup.com, ZDNet


May 14, 2020
Sean Lyngaas / Cyberscoop

UK Electricity Load Balancing Company Elexon Said Cyberattack Hit Internal Computers Cutting Off Employee Email Access

UK electricity load balancing company Elexon said that a cyberattack had hit its internal computers, cutting off email access for employees. The attack hit Elexon’s corporate IT network and didn’t hit the industrial control part of its infrastructure. The electricity supply was not affected, and the company said it had identified the root cause of the attack and is taking steps to restore affected internal systems.

Related: Elexon, ZDNet Security, The State of Security, Forbes, IT Pro, CyberSecurity Help s.r.o., Verdict, TechNadu, CISO MAG, SecurityWeek, The Guardian

Tweets: @emilygosden @ELEXONUK @ELEXONUK @shah_sheikh @markaorlando @ng_eso

Elexon: BSC Bulletin 336 – ELEXON’s internal IT systems have been impacted by a cyber attack
ZDNet Security: UK electricity middleman hit by cyber-attack
The State of Security: UK Power Grid Network Middleman Struck by Digital Attack
Forbes: Cyber Attack On U.K. Electricity Market Confirmed: National Grid Investigates – Forbes
IT Pro: Key UK energy company hit by cyber attack | IT PRO
CyberSecurity Help s.r.o.: UK key energy market player Elexon hit by cyber attack
Verdict: Elexon cyberattack: No blackout but supply chain vulnerability exposed
TechNadu: “ELEXON” Announced Security Incident but Crucial Services Remain Up
CISO MAG: UK’s Electricity Body Elexon Suffers Cyberattack
SecurityWeek: UK Electricity Market Administrator Elexon Targeted by Hackers
The Guardian: Lights stay on despite cyber-attack on UK’s electricity system 

@emilygosden: Yikes. National Grid's control room business @ng_eso, which is responsible for keeping the lights on, tells me it's investigating "any potential impact on our own IT networks" after this cyber-attack on Elexon, which ESO technically owns and works with closely...
@ELEXONUK: Our internal IT systems have been impacted by a cyber-attack. BSC Central Systems and EMR are currently unaffected. Please note that we are currently unable to send or receive any emails. See more information here: https://bit.ly/2WTP22C. Apologies for any inconvenience.
@ELEXONUK: Update on our internal IT issues: We have identified the root cause of a cyber attack and are working to resolve the issue. BSC Systems (and their data) and EMR are currently unaffected and working as normal. Please see this notice for more information: https://bit.ly/2LuXHmF
@shah_sheikh: Cyberattack hits internal IT systems of key player in British power market: Elexon, a company that facilitates transactions on the British electricity market, said Thursday that a cyberattack had hit its internal computers, cutting off email access for… https://cyberscoop.com/elexon-cyberattack-uk-electricity-market/?utm_source=dlvr.it&utm_medium=twitter
@markaorlando: Cyberattack hits British electricity intermediary Elexon: “While the cyberdefense of utilities that deliver electricity often get public attention, the attack on Elexon is an example of how lesser-known players in the power market also face threats.”
@ng_eso: We’re aware of a cyber attack on ELEXON’s internal IT systems. We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats.


April 2, 2020
Romain Dillet / TechCrunch

Zoom CEO Apologizes for Security and Privacy Glitches, Says Company Will Implement 90-Day Feature Freeze and Work with Third-Party Experts to Produce Transparency Report

Wildly popular videoconferencing app Zoom has been battered by a series of privacy and security controversies since its meteoric rise during the COVID-19 crisis, even as the company has quickly signed up 200 million new users. In the wake of these controversies, CEO Eric S. Yuan has written a lengthy blog post to address some of the concerns around Zoom. In particular, Yuan said that Zoom is enacting a 90-day feature freeze during which the company won’t ship any new feature until it is done fixing the current feature set. Zoom will also work with third-party experts and prepare a transparency report. Yuan apologized for the glitches, saying, “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.”

Related: Forbes, CNET, Neowin, BusinessLine – Home, iPhone Hacks, Engadget, The Verge, Business Insider, TechJuice, HOTforSecurity, Computer Business Review, GeekWire, Reuters: Top News, PhoneArena, Android Authority, ZDNet Security, ExtremeTech, MobileSyrup.com, WCCFtech, Trusted Reviews, TechNadu, RTE, E-Commerce Times, GBHackers On Security, 9to5Mac, Digital Trends, Telecomlive.com, Android Central, iMore, Windows Central, South China Morning Post, Big News Network, Thomas Brewster – Forbes, Android Authority, Graham Cluley, Telecompaper Headlines, MobileSyrup.com, The Financial Express, Security Affairs, Ubergizmo, ET news, Fast Company, USA Today, SlashGear » security, City A.M. – Technology, The State of Security, TechWorm, The Hill, CBSNews.com, The Next Web, E Hacking News, BBC News, Digital Trends, BetaNews, The Verge, Tom’s Guide News, Zoom

Tweets: @josephfcox @TheHackersNews @runasand @ashk4n

Forbes: Zoom Just Made These Powerful COVID-19 Security And Privacy Moves Following Outcry
CNET: Zoom boss says it’ll freeze feature updates to address security issues
Neowin: Zoom to fix security and privacy issues in 90-day feature freeze
BusinessLine – Home: Zoom announces 90-day freeze on feature updates to focus on privacy and security
iPhone Hacks: Zoom Announces 90 Days Feature Freeze, Will Work on Improving the Security Of Its Platform
Engadget: Zoom vows to win back user trust with extensive security review
The Verge: What Zoom doesn’t understand about the Zoom backlash
Business Insider: Zoom’s CEO apologizes for its many security issues as daily users balloon to 200 million
TechJuice: ‘Zoombombing’ is becoming an issue amid rising popularity due to coronavirus
HOTforSecurity: Zoom-bombing: FBI warns of rise in teleconference hijacking amid stay-at-home order
Computer Business Review: Zoom Security Storm: Company Apologises, Hackers Squabble
GeekWire: Zoom Security Storm: Company Apologises, Hackers Squabble
Reuters: Zoom pulls in more than 200 million daily video users during worldwide lockdowns
PhoneArena: SpaceX employees forbidden from using the Zoom app over privacy concerns
Android Authority: Zoom won’t add new features for 90 days as it tackles privacy, security woes
ZDNet Security: Zoom: We’re freezing all new features to sort out security and privacy
TechCrunch: Zoom freezes feature development to fix security and privacy issues
ExtremeTech: Zoom’s Security and Privacy Practices Kind of Zuck
MobileSyrup.com: Zoom vows to fix issues around privacy and security within 90-days
WCCFtech: Zoom Gets Banned at SpaceX Following Privacy Concerns
Trusted Reviews: Why Zoom is attracting so much criticism right now
RTE: Zoom stops product development to fix security issues
E-Commerce Times: Zoom’s Soaring Popularity Is a Double-Edged Sword
9to5Mac: Zoom penetration tests commissioned to improve ‘trust, safety and privacy’
Digital Trends: SpaceX tells workers to ditch Zoom over ‘significant’ privacy concerns
Android Central: Zoom apologizes over security and privacy issues and freezes new features
iMore: Zoom apologizes over security and privacy issues and freezes new features
Windows Central: Zoom apologizes over security and privacy issues and freezes new features
Channel News Asia: Elon Musk’s SpaceX bans Zoom over privacy concerns
Tech Insider: Elon Musk’s SpaceX bans Zoom over security and privacy concerns
Thomas Brewster – Forbes: Why Zoom Really Needs Better Privacy: $1.3 Million Orders Show The US Government’s COVID-19 Response Is Now Relying On It
Graham Cluley: Zoom promises to improve its security and privacy as usage (and concern) soars
Telecompaper Headlines: Zoom promises full security review as users pass 200 mln per day
The Financial Express: Has Zoom got it right on security?
Security Affairs: Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak
Ubergizmo: Zoom Pledges To Spend The Next 90 Days Fixing Its Privacy And Security Issues
ET news: Security snafus exhumed amid Zoom boom
Fast Company: Elon Musk’s SpaceX bans employees from using Zoom over ‘significant privacy and security concerns’
USA Today: Zoom to focus on security, privacy, CEO says, as usage booms during coronavirus crisis
SlashGear » security: Zoom CEO responds: What happens next for hit video calling app
City A.M. – Technology: Zoom vows to fix security issues as it hits 200m daily users
The State of Security: Zoom promises to improve its security and privacy as usage (and concern) soars
TechWorm: Zoom Security Vulnerability Leaks Windows Login Credentials To Hackers
The Hill: Zoom vulnerabilities draw new scrutiny amid coronavirus fallout
CBSNews.com: FBI warns of online attacks on video conference app Zoom
The Next Web: After a litany of security fuck-ups, Zoom promises weekly updates
E Hacking News: Hackers use fake Zoom domains to spread malware
BBC News: Zoom boss apologises for security issues and promises fixes
Digital Trends: Zoom freezes development of new features to fix privacy issues
BetaNews: Zoom issues an apology for privacy and security issues, will enact a feature freeze to focus on fixes
The Verge: Zoom announces 90-day feature freeze to fix privacy and security issues
Tom’s Guide News: Zoom privacy and security issues: Here’s everything that’s wrong (so far)
Zoom: A Message to Our Users

@josephfcox: Zoom announces several changes, such as a "feature freeze" and moving all engineering resources to fixing privacy and security issues; enhancing its bug bounty program https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/
@TheHackersNews: UPDATE: After facing backlash over #privacy & security concerns, #Zoom today issued updates to patch some recently disclosed flaws & also announced to enhance its #bugbounty program and shift all of its engineering resources to resolve further issues. https://thehackernews.com/2020/04/zoom-windows-password.html
@runasand: Letter from @zoom_us CEO @ericsyuan outlines what the company has done and will do moving forward to address issues and concerns, including shifting “engineering resources to focus on our biggest trust, safety, and privacy issues.”
@ashk4n: I have to say the response from @zoom_us to all the privacy, security, and #abusability issues surrounding their platform is very good: CEO acknowledges the specific problems, lays out steps they’re taking to fix them, and clear communicates steps to users


April 11, 2020
Sergiu Gatlan / Bleeping Computer

San Francisco Airport Suffered a Data Breach of Two Websites During March, Attackers May Have Gained Access to Login Credentials

San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020, according to a notice of data breach sent by the airport to employees. The notice said the attackers might have gained access to the login credentials of users registered on the two breached sites. Those affected by the breach include people who accessed these websites from outside the airport network through Internet Explorer on a Windows-based personal device or a device not maintained by SFO. The airport forced a reset of all SFO related email and network passwords on Monday, March 23, 2020.