Researchers at Bastille Networks today said that non-Bluetooth devices from seven manufacturers including Logitech, Dell and Lenovo are vulnerable to so-called Mousejack attacks that would allow a hacker within 100 meters to abuse this attack vector and install malware or use that machine as pivot point onto the network.
The U.S. Department of Justice is pursuing additional court orders that would force Apple to help federal investigators extract data from twelve other encrypted iPhones that may contain crime-related evidence, according to The Wall Street Journal.
The research arm of security company Cylance, SPEAR, has released a report entitled Operation Dust Storm that details cyber-attacks, starting in 2010 and spanning multiple years and vectors, against major industries spread across Japan, South Korea, the United States, Europe and several other Southeast Asian countries.
Symantec has seen several variants of a known ransomware family (Android.Lockdroid.E) that were developed on Android devices using the Android integrated development environment (AIDE). The surge in adoption of these new development techniques has been limited to a small subset of Android ransomware groups. However, the ability to create malware on mobile devices may open up new avenues in the future creation of malware.
The German Interior Ministry has approved for investigative use a spying Trojan developed by the German Federal Criminal Police (a so-called “federal Trojan”). In fact, it could end up being used as early as this week.
A 400 percent surge in tax-related phishing and malware incidents is making this tax season the most treacherous yet for taxpayers. According to an Internal Revenue Service bulletin, this year’s attacks include the tried-and-true email phishing, but also newer forms of attacks that include bogus text messages and attempts to trick people into handing over credentials to third-party tax preparation service accounts.
On Monday, it was disclosed that the child monitoring service had a misconfigured MongoDB installation, which left sensitive details about the children who were enrolled exposed for months. The database exposing the children's records was discovered by researcher Chris Vickery
A Chinese iOS application recently found on Apple's official store contained hidden features that allow users to install pirated apps on non-jailbroken devices. Its creators took advantage of a relatively new feature that lets iOS developers obtain free code-signing certificates for limited app deployment and testing.
In just four hours, researchers were surprised that more than 2,000 users connected to these hotspots based solely on their name (SSID), throwing all security practices to the side just for the sake of free Internet access.