Security News

A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it - leaving users trapped, researchers have warned. The locking mechanism is controlled with a smartphone app via Bluetooth - marketed as both an anti-cheating and a submission sex play device - but security researchers have found multiple flaws that leave it vulnerable to hacking.

A voice-activated TV remote can be turned into a covert home surveillance device, according to researchers from infosec firm Guardicore who probed the device to show that a man-in-the-middle attack could compromise it. Guardicore discovered an attack vector on US telco giant Comcast's Xfinity XR11 voice remote - of which around 18 million units have been sold - that allowed malicious people to turn it into an eavesdropping device.

A researcher at privileged access management solutions provider CyberArk has discovered vulnerabilities in the products of 10 cybersecurity vendors. The research focused on vulnerabilities that can allow an attacker or a piece of malware to escalate privileges using symlink attacks or DLL hijacking.

Ransomware negotiators may have to pay up in new ways if they intercede with cybercriminals on companies' behalf. The U.S. Department of the Treasury said Thursday that companies that facilitate ransomware payments to cyber-actors on behalf of victims may face sanctions for encouraging crime and future ransomware payment demands.

To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits developed by them. "Instead of focusing on an entire malware and hunting for new samples of the malware family or actor, we wanted to offer another perspective and decided to concentrate on these few functions that were written by an exploit developer," Check Point Research's Itay Cohen and Eyal Itkin noted.

Two researchers at the Cisco Talos Intelligence Group examined misleading and incorrect posts on social media to understand why so many people share misinformation and help spread propaganda online. Disinformation is what criminals and foreign actors do: The intentional spreading of false information with the intent to deceive.

The campaign's starting point is an email with an embedded malicious attachment - either in the form of a ZIP file containing an LNK file or a Microsoft Word document - that triggers an infection chain via a series of steps to download the final-stage payload. Aside from identifying three different infection chains, what's notable is the fact that one of them exploited template injection and Microsoft Equation Editor flaw, a 20-year old memory corruption issue in Microsoft Office, which, when exploited successfully, let attackers execute remote code on a vulnerable machine even without user interaction. What's more, the LNK files have a double extension and come with document icons, thereby tricking an unsuspecting victim into opening the file.

Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts - one for Windows and the other for Android - using a wide arsenal of intrusion tools in the form of info stealers and backdoors designed to steal personal documents, passwords, Telegram messages, and two-factor authentication codes from SMS messages.

Two researchers have earned $20,000 from Google for reporting a sandbox escape vulnerability affecting the Chrome web browser. The researchers who discovered the issue, Leecraso and Guang Gong of the 360 Alpha Lab at Chinese cybersecurity company Qihoo 360, told SecurityWeek that while the vulnerability affects Chrome on all platforms, they have only managed to trigger it on Android.

According to Kaspersky, these attackers are increasingly diversifying their arsenals to contain Linux tools, giving them a broader reach over the systems they can target. Many organisations choose Linux for strategically important servers and systems, and with a "Significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform.