Latest News

2020/02/27

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.
Dubbed 'Kr00k' and tracked as CVE-2019-15126, the flaw could let nearby remote attackers intercept and decrypt some wireless network packets transmitted over-the-air by a vulnerable device.
The attacker does not need to be connected to the victim's wireless network and the flaw works against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols, with AES-CCMP encryption, to protect their network traffic
2020/02/25

Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data

Any cut-and-paste data temporarily stored to an iPhone or iPad’s memory can be accessed by all apps installed on the specific device – even malicious ones. That data can then reveal private information such as a user’s GPS coordinates, passwords, banking data or a spreadsheet copied into an email.

Shedding light onto the potential harm of this scenario is German software engineer, Tommy Mysk, who is trying to raise awareness around what he believes is an Apple vulnerability. To illustrate his concerns, Mysk created a rogue proof-of-concept (PoC) app called KlipboardSpy and an iOS widget named KlipSpyWidget.
2020/02/11

Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm

A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device.

If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them — a tactic that can rapidly escalate Emotet’s spread, said researchers. The new development is particularly dangerous for the already-prevalent Emotet malware, which since its return in September has taken on new evasion and social engineering tactics to steal credentials and spread trojans to victims (like the United Nations) .
2020/02/05

TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control (UAC) to deliver malware across multiple workstations and endpoints on a network, researchers have discovered.

Researchers at Morphisec Labs team said they discovered code last March that uses the Windows 10 WSReset UAC Bypass to circumvent user account control and deliver malware in recent samples of TrickBot, according to a report released last week. UAC is a Windows security feature designed to prevent changes to an operating system by unauthorized users, application or malware.
2020/01/30

Critical Flaws in Magento e-Commerce Platform Allow Code-Execution

Critical vulnerabilities in Adobe’s Magento e-commerce platform – a favorite target of the Magecart cybergang – could lead to arbitrary code execution.

Adobe issued patches on Tuesday as part of its overall release of the Magento 2.3.4 upgrade, giving the fixes a “priority 2” rating. In Adobe parlance, priority 2 means that administrators should apply the updates within 30 days.

Out of the flaws, Adobe has fixed three that it rates as critical in severity, meaning that successful exploits could “allow malicious native code to execute, potentially without a user being aware.”