Cybersecurity

Researchers Reveal New Data Exfiltration Attack Using Smart Light Bulbs

Researchers Reveal New Data Exfiltration Attack Using Smart Light Bulbs

Researchers from the University of Texas at San Antonio recently concluded that some smart light bulbs can leak multimedia preferences and may be used to extract data from personal devices. Using LIFX and Philips Hue bulbs in their study, researchers Anindya Maiti and Murtuza Jadliwala said that attackers can exfiltrate data by observing audio-visualizations. However, the technique will only work with bulbs that support infrared lighting, without needing authorization control from the local network. The attacker also needs to plant a malware that will encode private data from the target device and send it to the smart light bulbs. Although […]

Millions of Texas Voter Records Leaked Online

Millions of Texas Voter Records Leaked Online

A New Zealand data breach expert said this week that he had found a single 16 GB file that contained the sensitive information on an estimated 14.8 million Texan voters left exposed online on an unsecured server.   The breach hunter who goes by the name of Flash Gordon, says that the data was likely compiled by Data Trust, an analytics firm created by the GOP to provide their campaigns with voter data. While UpGuard’s Chris Vickery says that most of the data is public, Data Trust would have used it for political purposes. The information could have been supplemented […]

Google Removes Iran-linked Blogs, YouTube Accounts

Google Removes Iran-linked Blogs, YouTube Accounts

Google revealed this week that it had removed 39 YouTube channels and 6 Blogger accounts with links to state-run Islamic Republic of Iran Broadcasting. In line with similar efforts by Facebook and Twitter, Google said that it is working with cybersecurity firm FireEye Inc. to identify accounts aligned with Iran’s propaganda operations targeting audiences in the US, UK, Middle East and Latin America. FireEye shares went up to 10% this week at $16.38 after after Google and Facebook named the company as its cybersecurity consultant.   Source: Reuters

Beijing Angered Over Australia’s Ban on Huawei from Mobile Network Project

Beijing Angered Over Australia’s Ban on Huawei from Mobile Network Project

China had reportedly taken offense over Australia’s banning of Huawei from supplying equipment for a 5G network project. The move was dismissed by Beijing as an excuse to put the Chinese telecoms giant at a disadvantage. Australia meanwhile said that following the advice of security experts, it is choosing not to work with the company due to possible risks of foreign interference. Huawei was already previously banned by Australia from working on a Pacific undersea fiber-optic network project, further increasing tensions between the two countries.   Source: Reuters

Russia to Stop Buying Certain US Electronics Despite Sanctions

Russia to Stop Buying Certain US Electronics Despite Sanctions

Russian lawmaker Alexei Kondratiev said this week that the country will cease to purchase certain electronic goods and components from the US, despite the new sanctions announced by the State Department last August 8. The deputy head of the defense and security commission in Russia’s upper house of parliament added that other countries such as China are likely to have analogous models of what Russia purchases from the United States, and since the arms market is built in universal exchange, the Russian government will just find another way. Source: Reuters

Facebook Removes Over 600 Russian and Iranian Pages

Facebook Removes Over 600 Russian and Iranian Pages

Facebook revealed this week that it has removed a total of 652 pages with content originating from Russia and Iran for “coordinated inauthentic behavior”, targeted users in the Middle East, Latin America, the UK and the US. The social network said that cybersecurity firm FireEye alerted it about a network of pages and accounts called Liberty Front Press which they found to be connected to Iranian State Media. The pages had apparently created networks of accounts meant to mislead others about their identity and activity. However, Facebook says it has failed to identify a link or coordinated efforts between the […]

Microsoft Stops Russian Hacking Attempts on Conservative Sites

Microsoft Stops Russian Hacking Attempts on Conservative Sites

Microsoft revealed last Monday that its Digital Crimes Unit was able to stop Russian hackers from stealing user data from the websites of several conservative groups. The DCU was able to stop a hacking group called Fancy Bear or APT28 from taking control of six domains that promote democracy and advocate for cybersecurity. Also called Strontium, the hackers are known to have ties to the Russian government. Microsoft said that the groups could pose a security threat to the upcoming 2018 elections. However, the company clarified that they have no evidence the domains had been used in any successful attacks […]

New Study Shows Drop in Third-Party Cookies on EU News Sites

New Study Shows Drop in Third-Party Cookies on EU News Sites

A new study by the Reuters Institute at the University of Oxford showed a 22% drop in the usage of third-party cookies across EU news sites after the introduction of the GDPR. Including 200 news sites from seven countries —Finland, France, Germany, Italy, Poland, Spain, and the UK, the researchers found that news sites in the UK now use 45% less tracking cookies than before the GDPR launch. Meanwhile, German news sites saw the smallest change, with 6% fewer cookies in July. Despite this, the study also found a positive change in Poland, with the number of cookies increasing by […]

HackNotice Service Provides Alerts for Website Intrusions, Data Leaks

HackNotice Service Provides Alerts for Website Intrusions, Data Leaks

Data breach expert Steve Thomas recently announced a new service that he created called HackNotice which alerts users if their information has been leaked through data breaches. Thomas, a security veteran who has worked on the PwnedList site and SecurityScorecard, developed the service with fellow security professionals Shu Chow and Mathias Bustamante. Users can sign up for free at HackNotice.com where they can make a watchlist for email addresses and websites that they want to monitor. A Chrome extension which notified the user if the site they are visiting has been hacked is now also available for download. Source: Bleeping […]

Apple Removes 25,000 Apps from China App Store

Apple Removes 25,000 Apps from China App Store

Apple had reportedly deleted around 25,000 apps from its App Store in China, which amounts to 1.4% of the total number of apps on the platform. According to state broadcaster CCTV, the aps that had been deleted had been caught selling lottery tickets and were offering gambling services which were considered illegal. In addition to this, the Global Times also reported that Apple had removed 2000 other gambling-related apps and 500 more associated with the keyword “lottery”.   Source: CNBC