Security Alerts & News
by Tymoteusz A. Góral

#265 Mousejack attacks abuse vulnerable wireless keyboard, Mouse dongles
Researchers at Bastille Networks today said that non-Bluetooth devices from seven manufacturers including Logitech, Dell and Lenovo are vulnerable to so-called Mousejack attacks that would allow a hacker within 100 meters to abuse this attack vector and install malware or use that machine as pivot point onto the network.
#264 Justice Department wants Apple to extract data from 12 other iPhones
The U.S. Department of Justice is pursuing additional court orders that would force Apple to help federal investigators extract data from twelve other encrypted iPhones that may contain crime-related evidence, according to The Wall Street Journal.
#263 Japan's critical infrastructure under 'escalating' cyber-attack
The research arm of security company Cylance, SPEAR, has released a report entitled Operation Dust Storm that details cyber-attacks, starting in 2010 and spanning multiple years and vectors, against major industries spread across Japan, South Korea, the United States, Europe and several other Southeast Asian countries.
#262 Lockdroid ransomware variants created directly on Android mobile devices
Symantec has seen several variants of a known ransomware family (Android.Lockdroid.E) that were developed on Android devices using the Android integrated development environment (AIDE). The surge in adoption of these new development techniques has been limited to a small subset of Android ransomware groups. However, the ability to create malware on mobile devices may open up new avenues in the future creation of malware.
#261 German police allowed to use its own “federal Trojan”
The German Interior Ministry has approved for investigative use a spying Trojan developed by the German Federal Criminal Police (a so-called “federal Trojan”). In fact, it could end up being used as early as this week.
#260 New Silverlight attacks appear in angler exploit kit
Exploits for a vulnerability in Microsoft Silverlight have found their way into the dangerous Angler Exploit Kit a little more than a month after it was patched.
#259 IRS Warns Tax-Related Phishing, Malware Surging
A 400 percent surge in tax-related phishing and malware incidents is making this tax season the most treacherous yet for taxpayers. According to an Internal Revenue Service bulletin, this year’s attacks include the tried-and-true email phishing, but also newer forms of attacks that include bogus text messages and attempts to trick people into handing over credentials to third-party tax preparation service accounts.
#258 Google takes on Facebook messaging: New Android push aims at richer SMS
Google and a group of the world's largest telecoms providers are teaming up on an Android initiative to accelerate Rich Communications Services (RCS) adoption.
#257 database error exposed sensitive information on 1,700 kids
On Monday, it was disclosed that the child monitoring service had a misconfigured MongoDB installation, which left sensitive details about the children who were enrolled exposed for months. The database exposing the children's records was discovered by researcher Chris Vickery
#256 Chinese devs abuse free Apple app-testing certs to install pirated apps
A Chinese iOS application recently found on Apple's official store contained hidden features that allow users to install pirated apps on non-jailbroken devices. Its creators took advantage of a relatively new feature that lets iOS developers obtain free code-signing certificates for limited app deployment and testing.
#255 Airport Experiment Shows That People Recklessly Connect to Any Open WiFi Hotspot
In just four hours, researchers were surprised that more than 2,000 users connected to these hotspots based solely on their name (SSID), throwing all security practices to the side just for the sake of free Internet access.
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12