
‘Disgruntled Insider’ or Shadow Brokers? Someone’s Doxing Hacking Group ‘OilRig’

posted on April 23, 2019
by l33tdawg
Credit: Sputnik News

For nearly a month, an unknown party has been leaking key tools used by the hacker group APT34, or OilRig, onto the internet, along with the personal information of some of the group’s top management. Is it a “disgruntled insider,” or is this another Shadow Brokers-type attack, like the US National Security Agency experienced in 2016?

Wi-Fi Hotspot Finder Spills 2 Million Passwords

posted on April 23, 2019
by l33tdawg
Credit: Threat Post

More than 2 million passwords for Wi-Fi hotspots were leaked online by the Android app developer behind the mobile application called WiFi Finder. The passwords were part of an insecure database found by researchers at GDI Foundation.

Bug in French government’s WhatsApp replacement let anyone join Élysée chats

posted on April 23, 2019
by l33tdawg
Credit: Arstechnica

On April 17, the French government introduced an Android application meant to be used by government employees as an internal secure channel for communications. Called Tchap, it was touted as a replacement for WhatsApp and Telegram, providing (in theory) both group and private messaging channels to which only people with government email addresses could join.

Major security flaw found in EA Origin gaming client

posted on April 17, 2019
by l33tdawg
Credit: Tech Radar

Electronic Arts’ PC gaming platform, Origin has been found to have a security vulnerability that allows hackers to trick users of the service into opening and running malicious software on their system.

EA’s answer to the popular Steam and Epic storefronts is used to launch the publisher’s own gaming titles such as Apex Legends and Anthem, but researchers from Underdog Security found a loophole in the Windows version of the client – installed by tens of millions of gamers.

Decoding a 'New' Elite Cyber Espionage Team

posted on April 17, 2019
by l33tdawg
Credit: Malware Bytes

Stealthy and well-heeled hacking group went undetected for five years and wields a massive attack framework of some 80 different modules.

It's an expansive cyber espionage operation that canvasses a victim's network with backdoors, loaders, keyloggers, screen and webcam grabbers, and audio recorders, and it even siphons data from printer queues, burned CDs, and Apple iOS smartphone backups.

'NamPoHyu Virus' Ransomware Targets Remote Samba Servers

posted on April 17, 2019
by l33tdawg
Credit: Bleeping Computer

A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim's computer, the attacker is running the ransomware locally and having it remotely encrypt accessible Samba servers.

Ransomware infections are typically installed on the computer that will be encrypted, whether that be through other malware, malicious email attachments, or by the attackers hacking a computer or network.

Why the US still won’t require SS7 fixes that could secure your phone

posted on April 11, 2019
by l33tdawg
Credit: Arstechnica

The outages hit in the summer of 1991. Over several days, phone lines in major metropolises went dead without warning, disrupting emergency services and even air traffic control, often for hours. Phones went down one day in Los Angeles, then on another day in Washington, DC and Baltimore, and then in Pittsburgh. Even after service was restored to an area, there was no guarantee the lines would not fail again—and sometimes they did. The outages left millions of Americans disconnected.

New Wi-Fi WPA3 security could be just as vulnerable to password hacks as WPA2

posted on April 11, 2019
by l33tdawg
Credit: Flickr

The vast majority of people out there don't know much about network security, if at all, but thankfully there are talented groups and individuals out there who are on constant lookout for flaws and vulnerabilities. Each security protocol we've seen has had some kind of issue (sometimes crippling), but the still-young Wi-Fi Protected Access protocol version 3, aka WPA3, remains vulnerable to attack, thanks to some pretty serious design flaws.

Virtually Unlimited Memory: Escaping the Chrome Sandbox

posted on April 11, 2019
by l33tdawg
Credit: Google Project Zero

After discovering a collection of possible sandbox escape vulnerabilities in Chrome, it seemed worthwhile to exploit one of these issues as a full-chain exploit together with a renderer vulnerability to get a better understanding of the mechanics required for a modern Chrome exploit. Considering the available bugs, the most likely appeared to be issue 1755, a use-after-free with parallels to classic Javascript engine callback bugs.