Wow, another automobile attack! This time the hacker can abuse anybody using the OnStar RemoteLink mobile app. In summary, don’t use the OnStar RemoteLink app until a patch is available or you may find one day that somebody has been joyriding in your car.
Samy Kamkar posted about this vulnerability on Computerworld including a video demonstrating his tool built to abuse this vulnerability in the app. The original post and video can be found HERE. He will be talking more about this next week at the Blackhat/DEFCON conferences.
Cisco Systems just released the 2015 Midyear Security Report found HERE. This report provides an overview of major threats observed in the first half of 2015. There are also parts that look at future trends and offers for small, midsize and enterprise organizations. Topics on the latest threats include exploit kits, Microsoft Office exploits, malware research, Java exploits and so on. It's free to download. Check it out.
Npr.org posted about the mother of all Android vulnerabilities. The original post can be found HERE.
Android is the most popular mobile operating system on Earth: About 80 percent of smartphones run on it. And, according to mobile security experts at the firm Zimperium, there’s a gaping hole in the software — one that would let hackers break into someone’s phone and take over, just by knowing the phone’s number.
The good people at Wired released an eye-opening video about how hackers have figured out how to abuse a vulnerability in many modern automobiles that lets them take complete control remotely (kill the gas, turn on the radio, shut off the brakes, etc.). I posted about this concept last year HERE; however, back then, the hackers had to access the car. This time they are abusing a vulnerability in the UConnect system, meaning they don’t need any device plugged in or physical modification to make this work.
They will be talking about this next month at the Blackhat Defcon events, so for those that are going, make sure to check it out. Below is the post and video. The original Wired post can be found HERE. I’m not buying a new car after watching this. I’m thinking maybe getting a classic instead …. with no wireless technology.
Krebsonsecurity.com posted about how AshleyMadison, a site dedicated to affairs, is being threatened by hackers to shut down or they will leak a bunch of nude photos and sexual fantasies of the site’s clients. The original post can be found HERE. This could get ugly … no pun intended.
Large caches of data stolen from online cheating site AshleyMadison.com have been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information. The still-unfolding leak could be quite damaging to some 37 million users of the hookup service, whose slogan is “Life is short. Have an affair.”
VPRO International created an interesting documentary on Zero Day exploits. There is a lot of Blackhat / Defcon footage for those waiting for this year's conference, T minus two weeks from now. The video can be found below. It is worth the watch. Enjoy.
Cisco Talos wrote an awesome post following an attack campaign that leveraged malware using RAT capabilities. They cover research on how the malware is delivered using phishing via SPAM, what happens when the malware is executed and what they found as they monitored the malware installed in their lab / sandbox systems. I have written about another remote access tool (RAT) in the past here here and love how Talos included details on the tool DarkKomet used for this particular campaign. The original post can be found HERE. It's a little longer than the usual posts on here but worth the read.
Talos is constantly observing malicious spam campaigns delivering various different types of payloads. Common payloads include things like Dridex, Upatre, and various versions of Ransomware. One less common payload that Talos analyzes periodically are Remote Access Trojans or RATs. A recently observed spam campaign was using freeware remote access trojan DarkKomet (a.k.a DarkComet). This isn’t a novel approach since threat actors have been leveraging tools like DarkKomet or Hawkeye keylogger for quite some time.