Cybersecurity

Security Expert Reveals MacOS Malware Capable of Synthetic Mouse Clicks

Patrick Wardle of Digita Security revealed at the recently held DefCon in Las Vegas malware that can perform synthetic clicks on MacOS, which can allow attackers to bypass permission prompts and compromise the user’s system. Wardle said that such malware, which synthetically interacts with the user interface, can be used to bypass layers of security so the attacker can access the user’s location, steal their contacts or even take over the computer’s kernel to fully control the computer. Wardle added that he came across the “synthetic clicks” bypass technique by incorrectly pasting code. Source: Wired

11-Year-Old Gives Hacking Demonstration of US Voting System

In a recent hacking competition sponsored by non-profit R00tz Asylum, 11-year-old Bianca Lewis showed how easy it was for hackers to compromise the infrastructure of the US voting system. The contest was part of the recently held Def Con conference in Las Vegas, which was attended by more than 300 young hackers. By attacking a replica website, Lewis showed that it was possible to change the number of votes or even delete candidates from the system. It was noted that Congress last month rejected an amendment that would have allotted $380m for boosting electoral security for 2019. Source: […]

All-in-one Printers, Fax Machines Can be Used to Hack Company Networks, Researchers Warn

Check Point Software researchers warned this week that hackers can now take over company networks by exploiting a bug in fax machines and all-in-one printers. The researchers said that it is possible to steal company secrets just by faxing over lines of malicious code disguised as an image file. The file is then decoded and stored in the fax’s memory, which the attacker can use to take over the machine. While HP said that it had already addressed the vulnerability, the researchers added that the new attack vector can still be used on faxes from other brands. Source: CNBC

Platform for Selling of Exploits, Zero-Day Vulnerabilities Launched

Dubai-based exploit buyer Crowdfense announced this week the launch of its platform where researchers can sell zero-day security flaws and exploit chains. Scheduled to open on September 3, the company’s Vulnerability Research Platform will serve as a venue for the submission, discussion, and sale of vulnerabilities. The platform will also offer step-by-step guides, technical evaluations, pricing and follow-up communication channels. The company’s bug bounty program, which was launched earlier this year, offers researchers rewards from $500,000 up to $3 million for zero-day bugs and partial exploit chains. Source: ZDNet

Cortana Exploit Used to Bypass Windows 10 Security

Kzen Networks security researchers Amichai Shulman and Tal Be’ery, with Israel Institute of Technology’s Ron Marcovich and Yuval Ron, revealed this week a vulnerability in Microsoft’s Cortana which can allow attackers to bypass the security of a locked Windows 10 computer. The bug, CVE-2018-8140, allows attackers to issue a limited range of voice commands to Cortana even when the keyboard is locked. However, activating the voice assistant unlocks the keyboard, allowing the attacker to launch local commands without the need for authentication or user validation. The researchers said that using this method, it was possible to retrieve data from […]

North Korean Hackers Reuse Old Code in New Attacks

McAfee and Intezer revealed this week that North Korean hackers may be re-using old malware and computer infrastructure, which leaves evidence that could be used to trace incidents back to them. McAfee senior principal engineer Christiaan Beek said that while the hackers do improve over time, the code that they use shows a lot of overlap with other campaigns, such as elements of the malware used in WannaCry. Intezer’s Jay Rosenberg says that the state-sponsored hacking groups’ reasons for re-using the code are likely the same as any other developer, which is to save time and resources to ensure […]

Complaints Filed Against German Police for Use of State-Sponsored Malware

German authorities are likely to receive a number of complaints from civil rights activists and lawmakers for their use of state-sponsored malware in their investigations. It was pointed out that the complaints are being filed only now because of the one-year deadline for making objections to the Constitutional Court, and the law that allows authorities to use hacking came into effect on August 24 of last year. The complainants are arguing that the authorities’ use of malware has an indirect detrimental effect on IT security as a whole, and creates a strong incentive for state actors in Germany not […]

US Military Banned from Using GPS-Equipped Devices, Fitness Trackers

The US Department of Defense instructed the military this week to stop using devices and applications equipped with global positioning system (GPS) as the technology can be used by the enemy to gain information on the military’s activities. It is said that the incident involving fitness app Strava likely triggered the move, as the firm’s “Global Heat Map” previously exposed the location and movement of active soldiers in countries including Iraq and Syria. However, it was pointed out that implementing the new policy could be a challenge as so many apps now use GPS, with some in subtle ways which […]

New WiFi Attack Capable of Cracking WPA2 Protocol

Security researcher Jens “Atom” Steube shared this week a new method of compromising passwords on WPA/WPA2-secured routers that have Pairwise Master Key Identifier (PMKID) features enabled. The developer of the Hashcat password cracking tool said that he discovered the attack while exploring ways to compromise the new WPA3 security protocol which was announced just last January. Unlike WPA3, WPA2 does not feature individualized data encryption to scramble connections, or new protections against brute-force attempts to crack passwords. Steube says the new attack method is clientless and requires no involvement from users. Information, which is translated in regular hex encoded strings, […]

Accenture: Iran a Growing Cybersecurity Threat

Accenture revealed in its Cyber Threatscape Report 2018 that Iran has become an emerging player in the cyberattack space, using mobile malware as its “weapon of choice”. Accenture says that while Iranian threat actors prefer to target unofficial app stores that do not employ verification processes, some do still try to get into Google Play to implant malicious code into legitimate apps. The consulting firm also warned against an Iranian group called Pipefish that is now able to use a cache of exploits to execute commands remotely on their victims’ systems. Pipefish is said to be active across the Middle […]