Russian-speaking cyberespionage group APT28, also known as Sofacy, is believed to be behind a series of attacks last month against travelers staying in hotels in Europe and the Middle East. APT28 notably used the NSA hacking tool EternalBlue as part of its scheme to steal credentials from business travelers, according to a report released Friday by security firm FireEye.
One of the goals of the attack is to trick guests into downloading a malicious document masquerading as a hotel reservation form that, if opened with macros enabled, installs a dropper file that ultimately downloads malware called Gamefish.
Scientists at MIT are using Wi-Fi and AI to determine your emotional state. They’ve created an algorithm that can detect and measure individual heartbeats by bouncing RF signals off of people.
An RF emitter coupled with the algorithm works in the same way as an electrocardiogram, without requiring any leads be attached to a person. This is accomplished using the same technology that we currently have in our home routers. The remarkable part is the machine-learning that goes into what the scientists are calling EQ Radio. The information the AI receives has to be processed differently than a standard EKG.
Android often makes the news for being the mobile platform that’s most susceptible to malware. But that doesn’t mean that iOS is completely safe. In fact, it turns out that hackers can take over your iPhone, iPad, or iPod touch and control it without your knowledge.
So you’d better update your device to the latest iOS version, which was just released. Even your brand new iPhone 7 is a potential target, so don’t think that just because it’s fresh hardware, it can’t be attacked by malicious individuals. Apple says on its support pages that iPhone 5 or later, iPad 4th generation or later and iPod touch 6th generation are all affected by this serious bug.
Google has released its latest monthly security update for Android devices, which includes a fix for a serious bug in some Broadcom Wi-Fi chipsets that affects millions of Android devices, as well as some iPhone models.
Dubbed BroadPwn, the remote code execution vulnerability resides in Broadcom's BCM43xx family of Wi-Fi chipsets. It can be triggered remotely without user interaction and allows a remote attacker to execute malicious code on targeted Android devices. "The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes.
How many people specifically know where you are right now? Friends and family? Your coworkers? If you're using a Windows laptop or PC you could add another group to the list: the CIA.
New documents released as part of WikiLeaks' series of CIA hacking revelations detail a method the agency uses to geolocate computers. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out where the device is.
Purported CIA documents published by WikiLeaks reveal the US Central Intelligence Agency has been hacking wireless routers for years as part of its surveillance efforts.
The trove of documents released by the anti-privacy publication on Thursday details the CIA’s CherryBlossom project, in which the intelligence agency has compromised Wi-Fi routers in private homes, public spaces, businesses and enterprise environments in order to gather information about specific targets. The project comes from the CIA's elite hacking unit, the Engineering Development Group. The leaked files include installation guides, manuals and other documents.
Twenty-five Linksys router models are vulnerable to serious attacks that could have a huge security impact on owners. According to IOActive, these models are vulnerable to attacks that allow third parties to reboot, lock out and extract sensitive router data from affected devices.
The issue affects the latest Linksys Smart Wi-Fi Router brands, they say, identifying models using the latest 802.11N and 802.11AC standards as being at risk. IOActive researcher Tao Sauvage says they found ten vulnerabilities that impact the Linksys routers. During the investigation, 7,000 vulnerable routers were discovered to be in use.
A pretty dumb WhatsApp scam is making rounds in chain mail form, promising "free internet" without Wi-Fi on an invite-only basis. First of all, the scam is quite dumb to begin with because the only way to use WhatsApp without Wi-Fi is to have a cellular data connection and WhatsApp cannot offer data - it's just an app, not a provider.
Secondly, the scam is spreading because it prompts victims to forward the message to 13 friends or five groups on WhatsApp to activate the "free internet." As usual, the message spreads via WhatsApp groups or comes from a friend who 'recommends' the service - often unaware of it. In this case, you receive a special invitation with a link.
Cybercriminals do stuff online, so punish them by taking away their internet access. It’s as simple as taking a crowbar from a burglar. Or is it? Some outside-the-box thinking by a top cop this week has triggered a debate among cybersecurity types about young offending and punishment.
Gavin Thomas, the president of the Police Superintendents’ Association of England and Wales, suggested that Wi-Fi jammers – devices worn on the ankle or wrist to block the internet – could serve as a smarter punishment for cybercrimes than prison. “We have got to stop using 19th-century punishments to deal with 21st-century crimes,” he said.
One of the most important pieces of advice on cybersecurity is that you should never input logins, passwords, credit card information, and so forth, if you think the page URL looks weird. Weird links are sometimes a sign of danger. If you see, say, fasebook.com instead of facebook.com, that link is weird.
But what if the fake Web page is hosted on the legitimate page? It turns out this scenario is actually plausible — and the bad guys don’t even need to hack the server that hosts the target page. Let’s examine how it works. The trick here is in the way our normal-looking Web page addresses are an add-on to the real IP addresses the Internet works with.