Security

Hackers Deface Network Switches in Russia, Iran with US Flag

posted on April 10, 2018
by l33tdawg

Hackers last Friday disrupted internet access in Russia and Iran with an attack that left a digital message: an image of the US flag accompanied by the words, "Don't mess with our elections."

The messages were written on Cisco network switches, which came under assault from a mysterious hacking group calling itself "JHT."

In an email, the group told Motherboard: "We were tired of attacks from government-backed hackers on the United States and other countries."

Air gapping voting machines isn't enough, says one election security expert

posted on April 10, 2018
by l33tdawg

The safeguards that election officials say protect voting machines from being hacked are not as effective as advertised, a leading election security expert says.

U.S. elections, including national ones, are run by state and local offices. While that decentralization could serve an argument that elections are difficult to hack, University of Michigan Professor J. Alex Halderman says that it’s more like a double-edged sword.

Hackers abused Cisco flaw to warn Iran and Russia: 'Don't mess with our elections'

posted on April 9, 2018
by l33tdawg

The message “Don’t mess with our elections” followed by a U.S. flag appeared on Iranian and Russian screens after a hacker group exploited Cisco Smart Install Client on vulnerable machines. The hackers claim to have targeted only the computer infrastructure in Iran and Russia during the attack on Friday night.

Reuters reported that Iran’s Communication and Information Technology Ministry said, “The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.”

How to keep your ISP’s nose out of your browser history with encrypted DNS

posted on April 9, 2018
by l33tdawg

The death of network neutrality and the loosening of regulations on how Internet providers handle customers' network traffic have raised many concerns over privacy. Internet providers (and others watching traffic as it passes over the Internet) have long had a tool that allows them to monitor individuals' Internet habits with ease: their Domain Name System (DNS) servers. And if they haven't been cashing in on that data already (or using it to change how you see the Internet), they likely soon will.

VPNs can still be used in China despite March 31 ban

posted on April 6, 2018
by l33tdawg

China's VPN ban came into effect on March 31, 2018, but virtual private network providers are still claiming their users have access to their services in the country.

China cracked down on the use of "unauthorised" VPNs throughout the course of 2017 with a campaign to take down and control censorship-thwarting software that attempts to break the country's surveillance and blocking lists.

Perth opens new city centre, hackers load it up with Pornhub

posted on April 6, 2018
by l33tdawg

Over a period of two years, the government of Western Australia spent AU$73.5 million ($56.4 million) to build Yagan Square. Acting as the city centre of Perth, the Square was opened last month.

And on Thursday night, hackers took over Yagan Square's two electronic billboards to display porn site Pornhub on them.

Pictures of the high-tech prank were shared on Twitter by evening commuters. The two electronic signs were quickly disabled.

“Open sesame”: Industrial network gear hackable with the right username

posted on April 6, 2018
by l33tdawg

This week, two separate security alerts have revealed major holes in devices from Moxa, an industrial automation networking company. In one case, attackers could potentially send commands to a device's operating system by using them as a username in a login attempt. In another, the private key for a Web server used to manage network devices could be retrieved through an HTTP GET request.

Establishing covert communication channels by abusing GSM AT commands

posted on April 5, 2018
by l33tdawg

Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception.

The duo, who are scheduled to reveal the results of their research at the Hack in the Box Conference in Amsterdam next week, ended up finding a way to establish covert communication channels over GSM by abusing GSM AT commands.

Fake WhatsApp Riskware Points to Copycatting

posted on April 5, 2018
by l33tdawg

An Android app dubbed WhatsApp Plus has been unmasked as a variant of Android/PUP.Riskware.Wtaspin.GB, which steals information, photos, phone numbers and so on from a mobile phone.

Fake WhatsApp riskware, usually found in third-party app stores, dates back to mid-2017. However, the newest version is notable in that its pathology indicates a copycat phenomenon occurring among malware developers.

Evolving exploit builder kit ThreadKit used for RAT and banking trojan campaigns

posted on April 4, 2018
by l33tdawg

Researchers from Proofpoint last week revealed a new exploit builder kit that has been used by the sophisticated Cobalt Gang cybercriminal group, as well as other attackers who have used it to spread malware including banking trojans and remote access trojans.