Security News

Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. Designed for cyberespionage, the malware attempts to avoid detection and takedown efforts by using Dropbox and Facebook services to steal data and receive instructions from the operators.

The Facebook security team has revealed today the real identity of APT32, a Vietnam-backed hacking group active in cyberespionage campaigns targeting foreign government, multi-national corporations, and journalists since at least 2014. The APT32 nation-state hackers were linked to Vietnamese IT firm CyberOne Group in a report published earlier today by Nathaniel Gleicher, Facebook's Head of Security Policy, and Mike Dvilyanski, Cyber Threat Intelligence Manager.

In this episode, we dig into research that figured out a way to steal data from iPhones wirelessly; we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea; and we give you advice on how to talk to phone scammers. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.

U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed on Tuesday. "The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past."

Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools. "Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack," a memo by its CEO Kevin Mandia on Tuesday read. The tools stolen are used by FireEye to test their customers' networks to find potential security holes, making it doubly embarrassing for the tech giant because, presumably, it uses its own tools to make sure its networks are secure.

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks-even if they are secured with a strong password. Discovered by researchers at Digital Defense, the three security shortcomings were responsibly disclosed to D-Link on August 11, which, if exploited, could allow remote attackers to execute arbitrary commands on vulnerable networking devices via specially-crafted requests and even launch denial-of-service attacks.

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Although Google addressed the vulnerability in March, new findings from Check Point Research show that many third-party app developers are yet to integrate the new Play Core library into their apps to mitigate the threat fully.

Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of a European Union country. Turla's Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group.

Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. The same team that last year mounted a signal-injection attack against a range of smart speakers merely by using a laser pointer are still unraveling the mystery of why the microelectro-mechanical systems microphones in the products turn the light signals into sound.

VMware on Thursday announced releasing patches for a couple of serious ESXi vulnerabilities that were demonstrated at a recent hacking contest in China. The 360 ESG Vulnerability Research Institute from Chinese cybersecurity company Qihoo 360 earned more than $740,000 of the total, including $180,000 for a VMware ESXi guest to host escape exploit.