Malware

SiriusXM Vulnerability Allows Hackers to Unlock and Start Cars Remotely

Curry also discussed another flaw that affects Hyundai and Genesis vehicles manufactured after 2012. The vulnerability could be used to remotely control locks, engines, headlights, and trunks by using the registered email addresses. “By adding a CRLF character at the end of an already existing victim email address during registration, we could create an account that bypassed the JWT and email parameter comparison check,” stated Curry. However, since then, SiriusXM and Hyundai have released patches…


Antivirus Provider Dr. Web Discovers Numerous Malicious Apps on Google Play Store

Prior to downloading any apps from the Play store, users should read reviews to help verify their legitimacy. It is important to make sure Play Protect is active and being used as well. If users identify any of the apps mentioned above on their devices, they should be deleted immediately. https://www.bleepingcomputer.com/news/security/android-malware-apps-with-2-million-installs-spotted-on-google-play/?&web_view=true


CISA Adds One Known Exploited Vulnerability to Catalog

Original release date: December 5, 2022. CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


FCC’s proposal to strengthen emergency alert security might not go far enough

In October, the US Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to strengthen the security of the nation’s emergency alert system (EAS) and wireless emergency alerts (WEA). These systems warn the public about emergencies through alerts on their televisions, radios, and wireless phones via AM, FM, satellite radio, broadcast, cable, and satellite TV. Although EAS Participants are required to broadcast presidential alerts, they voluntarily participate in broadcasting state and local EAS…


When blaming the user for a security breach is unfair – or just wrong

In his career in IT security leadership, Aaron de Montmorency has seen a lot — an employee phished on their first day by someone impersonating the CEO, an HR department head asked to change the company’s direct deposit information by a bogus CFO, not to mention multichannel criminal engagement with threat actors attacking from social media to email to SMS text. In these cases, the users almost fell for it, but something didn’t feel right.…


Newly Discovered Lilac Wolverine Associated with Gift Card Scams

Gift card email scams still work as cyber criminals know how to exploit users’ emotions. Therefore, be cautious of such unsolicited emails that carry an emotionally charged plea to help someone who does not exist. Having good email security measures also helps block such emails from reaching inboxes. https://cyware.com/news/newly-discovered-lilac-wolverine-associated-with-gift-card-scams-8827ee76


Android Malware Used to Steal Facebook Accounts

Vietnam has been the country most affected by these apps, but Android users in any country could have downloaded them. Threat actors constantly use Android apps because of the availability of third-party app stores and the lack of strict guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/android-malware-infected-300-000-devices-to-steal-facebook-accounts/


S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]

by Paul Ducklin BUSINESS RISKS FROM AFTER-HOURS MALWARE With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. READ THE TRANSCRIPT DOUG.  Crackdowns,…


The CHRISTMA EXEC network worm – 35 years and counting!

by Paul Ducklin Forget Sergeant Pepper and his Lonely Hearts Club Band, who taught the band to play a mere 20 years ago today. December 2022 sees the 35th anniversary of the first major self-spreading computer virus – the infamous CHRISTMA EXEC worm that temporarily crushed the major mainframe networks of the day… … not by any deliberately coded side-effects such as file scrambling or data deletion, but simply by leeching too much network bandwidth…


Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

All users of the Quarkus Java framework are strongly advised to update to versions 2.14.2.Final and 2.13.5.Final (LTS) as soon as possible to fix the vulnerability. The fix forces the Dev UI to check the Origin header of the request and only accept requests where the value is localhost. Since this header is set by the browser and is not modifiable by JavaScript run within the browser, exploitation of this vulnerability cannot be…
