Security News

Monday review – catch up on our latest articles and videos
2020-08-24 10:22

Our recent articles and videos, all in one place.

Monday review – catch up on our latest articles and videos
2020-08-17 09:50

Our recent articles and videos, all in one place.

Hey there, want to break into computers like an Iranian hacker crew? IBM finds 40GB of videos that include how-tos
2020-07-20 10:15

The crew at IBM X-Force has uncovered a massive cache of files, including about five hours of training videos intended for a select crew of hackers in Iran known as ITG18. Big Blue said the videos range from two minutes to two hours and mainly cover techniques for compromising popular webmail services.

Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online
2020-07-17 03:23

Some of the victims in the videos included personal accounts of U.S. and Greek Navy personnel, in addition to unsuccessful phishing attempts directed against U.S. state department officials and an unnamed Iranian-American philanthropist. "Some of the videos showed the operator managing adversary-created accounts while others showed the operator testing access and exfiltrating data from previously compromised accounts," the researchers said.

Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online
2020-07-17 03:23

Some of the victims in the videos included personal accounts of U.S. and Greek Navy personnel, in addition to unsuccessful phishing attempts directed against U.S. state department officials and an unnamed Iranian-American philanthropist. "Some of the videos showed the operator managing adversary-created accounts while others showed the operator testing access and exfiltrating data from previously compromised accounts," the researchers said.

Emerging Ransomware Targets Photos, Videos on Android Devices
2020-06-24 21:21

A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Like other ransomware families, it encrypts targeted files.

Babylon mobile health app mixes up patient consultation videos
2020-06-10 12:48

Mobile health app Babylon, which states its company mission as putting "An accessible and affordable health service in the hands of every person on earth", has admitted to a software bug that went one step further than that. The user, named by the BBC as Rory Glover from Leeds in England, apparently used the app to check up on a prescription of his own, only to find that the "Consultation Replays" feature of the app contained a list of 50 videos for him to review.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds
2020-04-14 12:07

A security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user's TikTok feed and swap it out with hacker-generated content. In their proof-of-concept attack, Mysk and Bakry demonstrated how popular TikTok users, using verified accounts, could have their video streams hijacked to show misleading videos downplaying the severity of the COVID-19 pandemic.

TikTok users beware: Hackers could swap your videos with their own
2020-04-14 09:39

Mobile app developers Tommy Mysk and Talal Haj Bakry just published a blog article entitled "TikTok vulnerability enables hackers to show users fake videos". We used a similar approach to Mysk and Haj Bakry to look at the network traffic produced by TikTok - we installed the tPacketCapture app on Android and then ran the TikTok app for a while to flip through a few popular videos.

Google Shared Private Videos With Wrong Users
2020-02-05 20:18

The bug, which Google describes as a technical issue, was triggered when users requested a Google "Download your data" export. In the notification sent to the impacted users, Google reveals that those who used Takeout to download their data might have ended up with someone else's videos in their Google Photos backups.