One of the most important pieces of advice on cybersecurity is that you should never input logins, passwords, credit card information, and so forth, if you think the page URL looks weird. Weird links are sometimes a sign of danger. If you see, say, fasebook.com instead of facebook.com, that link is weird.
But what if the fake Web page is hosted on the legitimate page? It turns out this scenario is actually plausible — and the bad guys don’t even need to hack the server that hosts the target page. Let’s examine how it works. The trick here is in the way our normal-looking Web page addresses are an add-on to real the IP addresses the Internet works with.Read more
A flaw in an in-flight entertainment system used by major airlines including Emirates, Virgin and Qatar could let hackers access a planes' controls. The security hole in the Panasonic Avionics in-flight system is used in planes run by 13 major airlines and could put passengers' information and safety at risk, as well as disrupting their flight experience, according to researchers at IOActive.
Exploiting the problem, researcher Ruben Santamarta managed to "hijack" in-flight displays to change information such as altitude and location, control the cabin lighting and hack into the announcements system. Chained together this could be an unsettling experience for passengers.Read more
Hackers can steal your sensitive information, such as your Passwords, PINs and Keystrokes, from your phone by observing changes in the wireless signal as you enter them into your smartphones.
A group of researchers from the Shanghai Jaio Tong University have demonstrated a new technique that can reveal private information by analyzing the radio signal Interference, using just one rogue Wi-Fi hotspot. Dubbed WindTalker, the attack sniffs a user's fingers movement on the phone's touchscreen or a computer's keyboard by reading the radio signal patterns called Channel State Information.Read more
Sending data over wireless formats like Wi-Fi and Bluetooth is very convenient, but not necessarily secure. A Princeton report revealed that some smart home devices unwittingly broadcast location information while others didn't encrypt their data streams at all.
To get around the uncertainty of pushing information over the air, some scientists have posited using the body as a conduit. Instead of using its magnetic field, as previous researchers have, engineers from the University of Washington have pioneered a way to send wireless signals from a touchpad or screen held in one hand to a smart device in physical contact with the other.Read more
If you own a D-Link wireless router, especially DWR-932 B LTE router, you should get rid of it, rather than wait for a firmware upgrade that never lands soon.
D-Link DWR-932B LTE router is allegedly vulnerable to over 20 issues, including backdoor accounts, default credentials, leaky credentials, firmware upgrade vulnerabilities and insecure UPnP configuration. If successfully exploited, these vulnerabilities could allow attackers to remotely hijack and control your router, as well as network, leaving all connected devices vulnerable to man-in-the-middle and DNS poisoning attacks. Moreover, your hacked router can be easily abused by cybercriminals.Read more
A team of security researchers from China have remotely hacked into a brand new Tesla Model S, controlling its sunroof, lights, boot and even the brakes from a laptop several miles away.
Thankfully, Keen Security Lab, a division of the Chinese internet company Tencent, are 'white hat' hackers, who have only made the exploit public now that Tesla has fixed the problem worldwide with an over-the-air software update. The hack requires the car to connect to a malicious Wi-Fi hotspot. The team then demonstrates how a driver searching for nearby charger stations online opens the back door for hackers to break into the Tesla's software.Read more
Experts have discovered critical security flaws in connected smart plugs which can give attackers access to a full home network. Researchers said that one particular device uses no encryption and weak default passwords, with no alerts issued to users to change them in the interests of security.
Internet of Things devices are products with network capabilities. While these now range from smartphones to fridges, the use of smart plugs is also on the rise. Smart outlets can be used to monitor energy usage, schedule devices to turn on and off at the user's convenience, and can be used to control gadgets including cameras, smart TVs and coffee makers.Read more
At work or back home — and even on vacation — we are always at risk. Cybercriminals have various ways to reach us wherever we are. For example, they can use public Wi-Fi to steal users’ banking data.
Travelers often take the bait because open Wi-Fi is the only option many of them have to stay connected. Public Wi-Fi serves hundreds of thousands of users every day, and many of those users think that it is secure. Of more than 10,000 international travelers Kaspersky Lab interviewed recently, 82% used open networks on their vacations or business trips. As it turns out, even cautious people forget about security while traveling.Read more
During a two-month hackathon, security researchers from Bitdefender found vulnerabilities in four new IoT devices, of which only one has been partially fixed after the developer was notified.
Researchers found the first issue in the WeMo Switch, an Internet-accessible switch that lets users turn electronic devices in their home on and off. This device was using an insecure communications channel between the switch and the smartphone app that features no authentication. Everything is transmitted in cleartext, except for the device's password, which is encrypted with an easily breakable algorithm, using an encryption key derived from the device's ID and its MAC address.Read more
Britain's Information Commissioner’s Office is sounding the alarm on some of the most recent but privacy-intrusive techniques used by retailers to track their customers.
After participating in a meeting of the International Working Group on Data Protection and Telecommunications, ICO's staff decided it was time to inform users of modern-day tracking habits and also urge retailers to take the proper measures needed to safeguard user privacy. For quite some time now, it has been known that Wi-Fi signals from modern smart devices allow a third-party to track the gadgets' movements. Tracking shoppers via their smartphones is not a theory anymore.Read more