cybercrime/malcode – Page 21 – Lifeboat News: The Blog

Millions of Connected Cameras Open to Eavesdropping

Posted by Genevieve Klien in cybercrime/malcode, habitats, robotics/AI | Leave a Comment on Millions of Connected Cameras Open to Eavesdropping

06.16.
2021

A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability.

Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency (CISA).

The bug (CVE-2021–32934, with a CVSS v3 base score of 9.1) has been introduced via a supply-chain component from ThroughTek that’s used by several original equipment manufacturers (OEMs) of security cameras – along with makers of IoT devices like baby-and pet-monitoring cameras, and robotic and battery devices.

Read more | >

Facebook awards $30,000 bounty for exploit exposing private Instagram content

Posted by Genevieve Klien in cybercrime/malcode | Leave a Comment on Facebook awards $30,000 bounty for exploit exposing private Instagram content

06.16.
2021

According to a Medium blog post penned by bug bounty hunter Mayur Fartade on Tuesday, a set of vulnerable endpoints in the Instagram app could have allowed attackers to view private media on the platform without following a target account.

This included private and archived posts, stories, and reels.

If an attacker obtains a target user’s Media ID, via brute-force or through other means, they could then send a POST request to Instagram’s GraphQL endpoint, which exposed display URLs and image URLs, alongside records including like and save counts.

Read more | >

Amazon Sidewalk could raise your Wifi bill cybersecurity, expert says

Posted by Genevieve Klien in cybercrime/malcode, habitats, internet | Leave a Comment on Amazon Sidewalk could raise your Wifi bill cybersecurity, expert says

06.14.
2021

LYNCHBURG, Va (WSET) — Strangers may soon be able to use your Wi-Fi — It’s all through Amazon Sidewalk.

It’s an internet-sharing network for Amazon Echo, Ring and Tile devices. Officials say it’s a way to use WiFi from neighboring homes that also have Amazon products.

Randy Marchany a cybersecurity expert with Virginia Tech feels this is another way to collect information. He says it’s specifically picking up on user habits and whereabouts.

Read more | >

Google Issues Warning For 2 Billion Chrome Users

Posted by Quinn Sena in cybercrime/malcode, futurism | Leave a Comment on Google Issues Warning For 2 Billion Chrome Users

06.13.
2021

This is the sixth zero day vulnerability to be found in Chrome since the turn of the year and the latest version of Chrome also contains a total of 10 security patches, seven of which are listed as ‘High’ threat with another described as ‘Critical’. To its credit, Google has been consistently quick to release fixes for these flaws with the current fix taking under a week.

If you have been holding off updating your browser, now is the time to put that right. Speaking to BleepingComputer, cyber security vendor Kaspersky warned that a new group of hackers calling themselves ‘PuzzleMaker’ have been successful in hacking both Chrome and Windows this month with Microsoft also issuing an urgent upgrade warning to Windows users.

Kaspersky advises that further undisclosed zero-day hacks in the near future could not be ruled out, so stay alert and make sure both your browser and operating system security are kept up to date.

Read more | >

Microsoft Confirms Serious Windows 10 Update Warning

Posted by Genevieve Klien in cybercrime/malcode | Leave a Comment on Microsoft Confirms Serious Windows 10 Update Warning

06.13.
2021

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen explained. “The ‘exploit detected’ tag means attackers are actively using them, so for me, it’s the most important piece of information we need to prioritize the patches.”

If you need any further incentive to update, these seven zero day exploits are part of 50 security vulnerabilities (including another five labelled ‘Critical’) which June’s Patch Tuesday will address. Google has also issued a similar warning for Chrome users.

If you are blocking Windows 10 system updates (a popular pastime for many users), now would be a very good time to stop doing so. Go to Start Settings Update & Security and in the Windows Update Window look to see if the update has already been downloaded. If not, click Check for Updates.

Read more | >

Cyber, Emerging Tech, Risk: Recent Writings & Media

Posted by Chuck Brooks in cybercrime/malcode | Leave a Comment on Cyber, Emerging Tech, Risk: Recent Writings & Media

06.12.
2021

Dear friends and colleagues, it is my pleasure to share come of my recent writings and events with you on topics of cybersecurity, emerging tech, and other issues. Thanks and stay safe, Chuck Chuck Brooks LinkedIn Profile: https://www.

Read more | >

Emerging Ransomware Targets Dozens of Businesses Worldwide

Posted by Saúl Morales Rodriguéz in business, cybercrime/malcode, energy, finance, food, government, law | Leave a Comment on Emerging Ransomware Targets Dozens of Businesses Worldwide

06.10.
2021

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate.

First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year.

The affected entities are believed to be government, financial services, manufacturing, logistics, consulting, agriculture, healthcare services, insurance agencies, energy and law firms in the U.S., U.K., and a dozen more countries in Asia, Europe, the Middle East, and South America, according to new research published by Palo Alto Networks’ Unit 42 threat intelligence team.

Read more | >

EA source code stolen

Posted by Genevieve Klien in cybercrime/malcode | Leave a Comment on EA source code stolen

06.10.
2021

More organizations feel the pain as the ransomware scourge grows more pernicious.

Read more | >

Researchers create an un-hackable quantum network over hundreds of kilometers using optical fiber

Posted by Genevieve Klien in cybercrime/malcode, quantum physics | Leave a Comment on Researchers create an un-hackable quantum network over hundreds of kilometers using optical fiber

06.10.
2021

Toshiba’s research team has broken a new record for optical fiber-based quantum communications, thanks to a new technology called dual band stabilization.

Read more | >

Hacking bitcoin wallets with quantum computers could happen – but cryptographers are racing to build a workaround

Posted by Genevieve Klien in bitcoin, cybercrime/malcode, mobile phones, quantum physics | Leave a Comment on Hacking bitcoin wallets with quantum computers could happen – but cryptographers are racing to build a workaround

06.10.
2021

Stefan Thomas really could have used a quantum computer this year.

The German-born programmer and crypto trader forgot the password to unlock his digital wallet, which contains 7002 bitcoin, now worth $265 million. Quantum computers, which will be several million times faster than traditional computers, could have easily helped him crack the code.

Though quantum computing is still very much in its infancy, governments and private-sector companies such as Microsoft and Google are working to make it a reality. Within a decade, quantum computers could be powerful enough to break the cryptographic security that protects cell phones, bank accounts, email addresses and — yes — bitcoin wallets.

Read more | >