This ‘Dystopian’ Cyber Firm Could Have Saved Mossad Assassins From Exposure
Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies
cyberveille.decio.ch
This ‘Dystopian’ Cyber Firm Could Have Saved Mossad Assassins From Exposure
Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Turning Google smart speakers into wiretaps for $100k
I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed.
Turning Google smart speakers into wiretaps for $100k
I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed.
zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. Works on iOS 16.1.2 and below (tested on iOS 16.1) on unjailbroken devices.
zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. Works on iOS 16.1.2 and below (tested on iOS 16.1) on unjailbroken devices.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
ZINC weaponizing open-source software - Microsoft Security Blog
In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia. Based on the observed tradecraft, infrastructure, tooling, and account affiliations, MSTIC attributes this campaign with high confidence to ZINC, a state-sponsored group based out of North Korea with objectives focused on espionage, data theft, financial gain, and network destruction.
ZINC weaponizing open-source software - Microsoft Security Blog
In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia. Based on the observed tradecraft, infrastructure, tooling, and account affiliations, MSTIC attributes this campaign with high confidence to ZINC, a state-sponsored group based out of North Korea with objectives focused on espionage, data theft, financial gain, and network destruction.
ZetaNile: Open source software trojans from North Korea
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.
ZetaNile: Open source software trojans from North Korea
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.
New RisePro Stealer distributed by the prominent PrivateLoader
PrivateLoader is an active malware in the loader market, used by multiple threat actors to deliver various payloads, mainly information stealer. Since our previous investigation, we keep tracking the malware to map its ecosystem and delivered payloads. Starting from this tria.ge submission, we recognized a now familiar first payload, namely PrivateLoader. However, the dropped stealer was not part of our stealer growing collection, notably including RedLine or Raccoon. Eventually SEKOIA.IO realised it was a new undocumented stealer, known as RisePro. This article aims at presenting SEKOIA.IO RisePro information stealer analysis.
New RisePro Stealer distributed by the prominent PrivateLoader
PrivateLoader is an active malware in the loader market, used by multiple threat actors to deliver various payloads, mainly information stealer. Since our previous investigation, we keep tracking the malware to map its ecosystem and delivered payloads. Starting from this tria.ge submission, we recognized a now familiar first payload, namely PrivateLoader. However, the dropped stealer was not part of our stealer growing collection, notably including RedLine or Raccoon. Eventually SEKOIA.IO realised it was a new undocumented stealer, known as RisePro. This article aims at presenting SEKOIA.IO RisePro information stealer analysis.