The WPA3 protocol and certification that was introduced last year to make Wi-Fi networks more secure was found to contain a series of vulnerabilities, including time- and cache-based side-channel flaws that could ultimately allow adversaries to recover passwords. Developed by the Wireless Security Alliance, WPA3 replaced the old standard’s Pre-Shared Key exchange with a Simultaneous Authentication…
A study of more than 1,500 hotels in 54 countries found that 67 percent of their websites leak booking reference codes to third-party partners, allowing them to potentially access guests’ booking details and personal information. Such access could even enable the third parties to cancel individuals’ reservations if they so desired, according to Symantec Principal…
The U.S. Department of Homeland Security and FBI have jointly released an official Malware Analysis Report detailing several variants of HOPLIGHT, a trojan malware program used by hackers from Hidden Cobra, an APT group that’s been widely linked to the North Korean government. Upon execution, HOPLIGHT allows attackers to collect victim machine information, connect to…
Researchers at Kaspersky Lab today issued a pair of reports, one revealing a newly discovered sophisticated APT framework and the other detailing the recent operations of the threat actor known as Gaza Cybergang Group1. Dubbed TajMahal, the APT framework is a fully loaded malicious toolset, replete with backdoors, loaders, orchestrators, C2 communicators, audio recorders, keyloggers,…
Intel has released a series of security updates and mitigation recommendations to address recently discovered vulnerabilities in four of its products, including two high-severity flaws. The Santa Clara, Calif.-based chip maker patched its Intel Media SDK product to fix CVE-2018-18094, a high-risk vulnerability in versions 2018 R2.1 and earlier that could allow authenticated users with…
Recent research into old malware threats associated with the Stuxnet attacks against Iran’s nuclear program roughly one decade ago turned up several new discoveries, including a possible fourth collaborator in the clandestine operation, as well as previously unknown versions of Flame and Duqu malware. Today, Alphabet’s cybersecurity subsidiary Chronicle revealed the findings of its researchers…
Motor vehicle technology and equipment provider AutoMobility Distribution Inc. has updated its MyCar Controls telematics mobile application for iOS and Android in order to eliminate the use of insecure hard-coded credentials. The MyCar app offers geolocation services as well as remote start/stop and lock/unlock capabilities to vehicles that come with a compatible remote start unit.…
The development team behind Samba issued software updates yesterday in order to patch a pair of vulnerabilities in the free re-implementation of the SMB networking protocol. The first vulnerability, CVE-2019-3870, occurs in Samba versions 4.9.x upon the provisioning of a new Active Directory domain controller. During this process, some files in the private/ directory are…
Traditionally associated with payment card theft, the cybercriminal group FIN6 has expanded its operations to apparently include ransomware attacks using the malicious encryption programs Ryuk and LockerGoga, according to researchers. Investigations by the FireEye Intelligence research team and the company’s Mandiant division have revealed that FIN6’s ransomware activity dates back to July 2018, and has…
Israeli authorities are reportedly investigating a hacker’s claims on Twitter that he successfully breached the country’s voter registry in the days leading up to tomorrow’s 2019 legislative election. Nicknamed DarkCoder, the hacker contended in a Saturday tweet that he stole information on 6 million Israeli voters, even posting a picture displaying victims’ names identity numbers…
