Security News

The findings form the basis of a new "5G Standalone core security research" report published by London-based cybersecurity firm Positive Technologies today, exactly six months after the company released its "Vulnerabilities in LTE and 5G Networks 2020" report in June detailing high-impact flaws in LTE and 5G protocols. Deployed either in standalone or non-standalone modes depending on their reliance on 4G Evolved Packet Core technology, the 5G mobile network is a framework consisting of as many as nine network functions that are responsible for registering subscribers, managing sessions and subscriber profiles, storing subscriber data, and connecting the users to the internet via a base station.

The National Security Agency warns that Russian state-sponsored threat actors are exploiting a recently patched VMware vulnerability to steal sensitive information after deploying web shells on vulnerable servers. VMware released security updates to address the security bug on December 3rd after publicly disclosing the vulnerability two weeks ago and providing a temporary workaround that fully removes the attack vector and prevents exploitation.

At least a dozen bogus "Contact tracing" apps designed to look like official software to track coronavirus infections have been deployed globally to spread malware and steal user data, security researchers said Wednesday. Anomali said the fake COVID-19 apps do not appear to be distributed through official channels like the Google Play Store but rather are being spread through other apps, third-party stores, and websites that encourage downloads.

A vulnerability in Universal Plug and Play, which is implemented in billions of networked and IoT devices - personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on - may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks. UPnP is a set of networking protocols that allows networked devices to automatically discover and interact with each other when on the same network.

It's possible to extract data from a computer via its Thunderbolt port - once you've got the case off, plugged in a flash programmer, and reprogrammed the controller's firmware to grant access. A miscreant would need to have physical access to the machine long enough to unscrew the case, attach an SPI flash programmer with an SOP8 clip to rewrite the Thunderbolt port controller's firmware to unlock access, and then attach a device to the interface to copy data via PCIe and DMA through the port, and then, if necessary, flash back the original firmware and fit the computer back together.

A recently discovered piece of Android stalkerware can install itself persistently on the system partition and steal the file containing the hash sum for the screen unlock pattern or password to allow its operators to unlock devices. Referred to as MonitorMinor, the stalkerware targets communication applications to intercept victims' conversations, including LINE, Gmail, Zalo, Instagram, Facebook, Kik, Hangouts, Viber, Hike News & Content, Skype, Snapchat, JusTalk, and BOTIM. Given that Android sandboxes applications to prevent direct communications between them - this feature is called DAC, or Discretionary Access Control - MonitorMinor requires root access to bypass the security system and perform nefarious activities.

A company that provides custom parts to aerospace giants Lockheed Martin, SpaceX and Boeing has been the target of an attack by an emerging type of ransomware that can both encrypt files and exfiltrate data. Attackers also tweeted from an account using the name "DoppelPaymer" that more files were on the way, alerting researchers that attackers likely used the DoppelPaymer ransomware in the attack, according to reports.

Researchers have shown how hackers could silently exfiltrate sensitive information from air-gapped computers by manipulating the brightness of their screen. Researchers from Ben-Gurion University previously demonstrated how hackers could exfiltrate data from air-gapped systems via power lines, magnetic fields, infrared cameras, router LEDs, scanners, HDD activity LEDs, USB devices, the noise emitted by hard drives and fans, and heat emissions.

A newly disclosed attack targeting Intel processors utilizes CPU voltage modifications to expose data stored using Intel's Secure Guard Extensions (SGX).

A new information stealer is gaining rapid popularity with the cybercriminal community - leading to it infecting hundreds of millions of victims.