
Posts

Site Isolation Security Feature for All Sites with Login in Chrome for Android

After enabling the 'Site Isolation' security feature in Chrome for desktops last year, Google has now finally introduced 'the extra line of defence' for Android smartphone users surfing the Internet over the Chrome web browser. In brief, Site Isolation is a security feature that adds an additional boundary between websites by ensuring that pages from different sites end up in different sandboxed processes in the browser. Since each site in the browser gets its own isolated process, in case of a browser flaw or Spectre-like side-channel vulnerability, the feature makes it harder for attackers or malicious websites to access or steal cross-site data of your accounts on other websites. Site Isolation helps protect many types of sensitive data, including authentication cookies, stored passwords, network data, stored permissions, as well as cross-origin messaging that helps sites securely pass messages across domains. The feature gained attention in January 2018, when...

Iranian Government-Sponsored Hacker Group Phosphorus Attempts to Hack Email Accounts – Microsoft Warns

Microsoft issued a serious warning about recent cyber activities that target the government and private sector to compromise high-profile email accounts. The attack is believed to have been initiated by an Iranian state-sponsored hacking group called Phosphorus, which is linked with the Iranian government and performs various cyber-attacks around the world. Microsoft has been tracking the Phosphorus (APT 35 or Charming Kitten) threat group since 2013, and the group's main motivation is to gain access to the computer systems of businesses and government agencies and steal sensitive information. At the end of March 2019, GBHackers on Security reported that Microsoft was authorized to seize 99 illegal domains operated by APT 35, aka Phosphorus, for various illegal hacking operations. Over the last 30 days, Microsoft Threat Intelligence Center learned that the cybercriminals made more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft custome...

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

By now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name "SimJacker" has been given to a class of vulnerabilities that exists due to a lack of authentication and proprietary security mechanisms implemented by dynamic SIM toolkits that come embedded in modern SIM cards. Out of many, two such widely used SIM toolkits — S@T Browser technology and Wireless Internet Browser (WIB) — have so far been found vulnerable to SimJacker attacks, details of which we have provided in our previous articles published last month. At that time, a few experts in the telecom industry confirmed to The Hacker News that the SimJacker related weaknesses were internally known to many for years, and even researchers also revealed that an unnamed surveillance company ha...

Cyber Police Seized Bot Farm Used to Send Large-Scale Spam Emails

Cyber police seized a huge bot farm that was used to send large-scale spam through various services such as email and social media. The investigation was carried out by Ukraine police in six different regions. Attackers used homes, garages, apartments, and rented offices to carry out malicious activities. To hide their identity and anonymize the bot farm, they used TOR and VPN services. Further investigation reveals that the bot farm is operated exclusively for client interest. The bot farm lets attackers register accounts on various online platforms that require user phone numbers to complete the verification process, such as social media, email, payment systems, etc. They also sold some verified accounts at a higher price to interested clients. Once they have the verified accounts, threat actors use them for spamming purposes. Police seized several multi-SIM card modems; these modems would have at least 32 SIM card slots...

7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App

A 7-year-old critical remote code execution vulnerability has been discovered in the iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted by cybersecurity firm Radically Open Security (ROS). "MOSS selected iTerm2 for a security audit because it processes untrusted data, and it is widely used, including by high-risk targets (like developers and system administrators)," Mozilla says. According to a blog post published today by Mozilla, the RCE flaw resides in the tmux integration feature of iTerm2, which, if exploited, could allow an attacker to execute arbitrary commands by providing malicious output to the terminal. As shown in the video demonstration, potential attack vectors for this vulnerability inclu...

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks

Watch out, Windows users! The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection. The vulnerable component in question is the Bonjour updater, a zero-configuration implementation of a network communication protocol that works silently in the background and automates various low-level network tasks, including automatically downloading future updates for Apple software. To be noted, since the Bonjour updater gets installed as a separate program on the system, uninstalling iTunes and iCloud doesn't remove Bonjour, which is why it is eventually left installed on many Windows computers — un-updated and silently running in the background. Cybersecurity researchers from Morphisec Labs discovered the exploitation of the Bonjour zero-day vulnerability in August when the attackers ta...