This is bad. Google actively receives location data from Android users even when location services have been switched off. Starting from early 2017, Android phones have been gathering addresses of nearby cellular towers and sending this data back to Google. The most troubling part is that this has been going on even when users have disabled location services.
According to the publication, Android handsets collected location data pretty much all the time and subsequently relayed all stored information back to Google once connected to the internet. Quarts claims that all modern Android phones are affected by this vulnerability.Read more
The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning. “Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted, this can be abused to steal sensitive information.” Vanhoef’s report said.Read more
Transport for London plans to make £322m by collecting Tube users' location data and potentially selling it to third parties. At the end of 2016, TfL ran a pilot which tracked the Wi-Fi signals from 5.6 million phones as people moved around the London Underground, even if they weren't connected to a Wi-Fi network.
TfL publicly stated that the purpose of the scheme was to use the aggregated, anonymised data "to better understand how people navigate the London Underground network, allowing TfL to improve the experience for customers". It is now in consultation about tracking passengers on a permanent basis.Read more
Russian-speaking cyberespionage group APT28, also known as Sofacy, is believed to be behind a series of attacks last month against travelers staying in hotels in Europe and the Middle East. APT28 notably used the NSA hacking tool EternalBlue as part of its scheme to steal credentials from business travelers, according to a report released Friday by security firm FireEye.
One of the goals of the attack is to trick guests to download a malicious document masquerading as a hotel reservation form that, if opened and macros are enabled, installs a dropper file that ultimately downloads malware called Gamefish.Read more
Android often makes the news for being the mobile platform that’s most susceptible to malware. But that doesn’t mean that iOS is completely safe. In fact, it turns out that hackers can take over your iPhone, iPad, or iPod touch and control it without your knowledge.
So you’d better update your device to the latest iOS version, which was just released. Even your brand new iPhone 7 is a potential target, so don’t think that just because it’s fresh hardware, it can’t be attacked by malicious individuals. Apple says on its support pages that iPhone 5 or later, iPad 4th generation or later and iPod touch 6th generation are all affected by this serious bug.Read more
Google has released its latest monthly security update for Android devices, including a serious bug in some Broadcom Wi-Fi chipsets that affects millions of Android devices, as well as some iPhone models.
Dubbed BroadPwn, the remote code execution vulnerability resides in Broadcom's BCM43xx family of WiFi chipsets, which can be triggered remotely without user interaction, allows a remote attacker to execute malicious code on targeted Android devices. "The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes.Read more
How many people specifically know where you are right now? Friends and family? Your coworkers? If you're using a Windows laptop or PC you could add another group to the list: the CIA.
New documents released as part of WikiLeaks' series of CIA hacking revelations detail a method the agency uses to geolocate computers. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out where the device is.Read more
Purported CIA documents published by WikiLeaks reveal the US Central Intelligence Agency has been hacking wireless routers for years as part of its surveillance efforts.
The trove of documents released by the anti-privacy publication on Thursday details the CIA’s CherryBlossom project, in which the intelligence agency has compromised Wi-Fi routers in private homes, public spaces, businesses and enterprise environments in order to gather information about specific targets. The project comes from the CIA's elite hacking unit, the Engineering Development Group. The leaked files include installation guides, manuals and other documents.Read more
Cybercriminals do stuff online, so punish them by taking away their internet access. It’s as simple as taking a crowbar from a burglar. Or is it? Some outside-the-box thinking by a top cop this week has triggered a debate among cybersecurity types about young offending and punishment.
Gavin Thomas, the president of the Police Superintendents’ Association of England and Wales, suggested that Wi-Fi jammers – devices worn on the ankle or wrist to block the internet – could serve as a smarter punishment for cybercrimes than prison. “We have got to stop using 19th-century punishments to deal with 21st-century crimes,” he said.Read more
One of the most important pieces of advice on cybersecurity is that you should never input logins, passwords, credit card information, and so forth, if you think the page URL looks weird. Weird links are sometimes a sign of danger. If you see, say, fasebook.com instead of facebook.com, that link is weird.
But what if the fake Web page is hosted on the legitimate page? It turns out this scenario is actually plausible — and the bad guys don’t even need to hack the server that hosts the target page. Let’s examine how it works. The trick here is in the way our normal-looking Web page addresses are an add-on to real the IP addresses the Internet works with.Read more