Facebook Messenger Bug Lets Hackers Listen to You Before You Pick Up the Call

Facebook has patched a bug in its widely installed Messenger app for Android that could have allowed a remote attacker to call unsuspecting targets and listen to them before they even picked up the audio call. The flaw was discovered and reported to Facebook by Natalie Silvanovich of Google’s Project Zero bug-hunting team last month on October 6 with a 90-day deadline, and impacts version 284.0.0.16.119 (and before) of Facebook Messenger for Android. In a nutshell, the vulnerability could have granted an attacker who is logged into the app to…


Hackers target Premier League giants Manchester United

Cybercriminals targeted Manchester United’s IT systems in a “sophisticated” hacking operation but the English Premier League team said it fended off the strike. According to a statement released late on Friday, “cyber defences” identified the “sophisticated operation by organised cyber criminals” and the club has shut down affected systems to “contain the damage and protect data”. “The club has taken swift action to contain the…


Vulnerability Scanning

Vulnerability Scanning – Vulnerability discovery is an integral part of any security assessment. While we prefer manual, specialized tasks that leverage our knowledge and experience during a security audit, automated vulnerability scanners are nonetheless invaluable when used in proper context. In this module, we will provide an overview of automated vulnerability scanning, discuss its various considerations, and focus on both Nessus and Nmap as indispensable tools.

How Vulnerability Scanners Work

Vulnerability scanner implementations vary, but generally follow a standard workflow. Most automated scanners will: Detect if a target…


Researchers Warn of Critical Flaw Affecting Industrial Automation Systems

A critical vulnerability uncovered in Real-Time Automation’s (RTA) 499ES EtherNet/IP (ENIP) stack could open up the industrial control systems to remote attacks by adversaries. RTA’s ENIP stack is one of the widely used industrial automation devices and is billed as the “standard for factory floor I/O applications in North America.” “Successful exploitation of this vulnerability could cause a denial-of-service condition, and a buffer overflow may allow remote code execution,” the US cybersecurity and infrastructure agency (CISA) said in an advisory. As of yet, no known public exploits have been found…


Apple Lets Some of its Big Sur macOS Apps Bypass Firewall and VPNs

Apple is facing the heat for a new feature in macOS Big Sur that allows many of its own apps to bypass firewalls and VPNs, thereby potentially allowing malware to exploit the same shortcoming to access sensitive data stored on users’ systems and transmit them to remote servers. The issue was first spotted last month by a Twitter user named Maxwell in a beta version of the operating system. “Some Apple apps bypass some network extensions and VPN Apps,” Maxwell tweeted. “Maps for example can directly access the internet bypassing…


Prevention DoS/DDoS Attacks

Prevention DoS/DDoS Attacks – Distributed attack tools leverage bandwidth from multiple systems on diverse networks to produce potent denial-of-service attacks. To a victim, an attack may appear from different source addresses, whether or not the attacker employs IP source address spoofing. Responding to a distributed attack requires a high degree of communication among Internet sites. Prevention is not straightforward because of the interdependency of site security on the Internet; the tools are typically installed on compromised systems that are outside of the administrative control of future denial-of-service attack targets. Prevention…


Microsoft Detects COVID-19 Vaccine Work Hacking Attempts by Russia, North Korea

Microsoft said it has detected attempts by state-backed Russian and North Korean hackers to steal valuable data from leading pharmaceutical companies and vaccine researchers. It said in a blog post Friday that most of the attacks in recent months were unsuccessful, but provided no information on how many succeeded or how serious those breaches were. Chinese state-backed hackers have also been targeting vaccine-makers, the US government said in July while announcing criminal charges. Microsoft said most of the targets — located in Canada, France, India, South Korea and the United States…


Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs

Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises (SMEs) with limited budgets and staff are significantly impacted. On average, SMEs manage more than a dozen different security tools, making it very difficult for security teams to manage and orchestrate. SMEs are, understandably, looking to consolidate their security tools to make cybersecurity more manageable and cost-effective. The…


How WPA Works

How WPA Works – WPA, or Wi-Fi Protected Access, was developed as “WEP’s replacement.” There are two versions of Wi-Fi Protected Access: WPA and WPA2. The original WPA standard was intended as a temporary replacement for WEP while the 802.11i (WPA2) standard was being developed. Because of the way WPA works, it was able to run on most existing wireless cards and access points through a simple firmware update. The technology that allows WPA to work on existing hardware is TKIP, the Temporal Key Integrity Protocol. We won’t go too…


Uncovered: APT ‘Hackers For Hire’ Target Financial, Entertainment Firms

A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. Dubbed “CostaRicto” by Blackberry researchers, the campaign appears to be the handiwork of APT mercenaries who possess bespoke malware tooling and complex VPN proxy and SSH tunneling capabilities. “CostaRicto targets are scattered across different countries in Europe, Americas, Asia, Australia and Africa, but the biggest concentration appears to be in South Asia (especially India, Bangladesh and Singapore and China), suggesting that the threat actor could be based…
