Archive for the ‘cybercrime/malcode’ category: Page 127

Apr 8, 2021

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Posted by in category: cybercrime/malcode

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.

According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

Apr 6, 2021

New ‘Silver Sparrow’ Malware Infected Nearly 30,000 Apple Macs

Posted by in categories: cybercrime/malcode, mobile phones

Days after the first malware targeting Apple M1 chips was discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker’s M1 processors.

However, the ultimate goal of the operation remains something of a conundrum, what with the lack of a next-stage or final payload leaving researchers unsure of its distribution timeline and whether the threat is just under active development.

Calling the malware “Silver Sparrow,” cybersecurity firm Red Canary said it identified two different versions of the malware — one compiled only for Intel x86_64 and uploaded to VirusTotal on August 31, 2020 (version 1), and a second variant submitted to the database on January 22 that’s compatible with both Intel x86_64 and M1 ARM64 architectures (version 2).

Apr 6, 2021

Hackers are using shared Xcode projects to infect Apple developers

Posted by in category: cybercrime/malcode

Developers for Apple’s platforms are being hacked through importing shared Xcode projects infected with malware.

Researchers from SentinelOne detailed the growing trend after discovering a macOS malware dubbed XcodeSpy.

“Threat actors are abusing the Run Script feature in Apple’s Xcode IDE to infect unsuspecting Apple Developers via shared Xcode Projects,” the researchers explained.

Apr 6, 2021

Hackers Targeting Professionals With ‘more_eggs’ Malware via LinkedIn Job Offers

Posted by in category: cybercrime/malcode

A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called “more_eggs.”

To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the same name as that of the victims’ job titles taken from their LinkedIn profiles.

“For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the ‘position’ added to the end),” cybersecurity firm eSentire’s Threat Response Unit (TRU) said in an analysis. “Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs.”

Apr 4, 2021

Data from 500 mn Facebook accounts posted online: reports

Posted by in category: cybercrime/malcode

Data affecting more than 500 million Facebook users that was originally leaked in 2019, including email addresses and phone numbers, has been posted on an online hackers forum, according to media reports and a cybercrime expert.

“All 533,000,000 Facebook records were just leaked for free,” Alon Gal, at the Hudson Rock cybercrime intelligence firm, said Saturday on Twitter.

He denounced what he called the “absolute negligence” of Facebook.

Apr 3, 2021

533 million Facebook users’ phone numbers and personal data have been leaked online

Posted by in category: cybercrime/malcode

A user in a low-level hacking forum has published the phone numbers and personal data of hundreds of millions of Facebook users for free online.

The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.

Apr 3, 2021

Intel’s website records and tracks keystrokes, mouse clicks, and user cursor movement

Posted by in categories: cybercrime/malcode, law

Cybersecurity specialists report that Intel is facing a class action lawsuit for violating an anti-wiretapping law in the state of Florida, US. The plaintiffs argue that the company hid software on its website that allowed it to record users’ keystrokes and mouse movements without their express consent.

This is a new case of the practice known as session replay, used by multiple companies to take detailed records of how their users interact with their websites, involving the capture of mouse movements, clicks and information queries on the page visited.

Apr 1, 2021

Brown Under Cyberattack: Some Systems Shut Down, University Calls Incident “Utmost Priority”

Posted by in categories: cybercrime/malcode, education

Brown University is facing a cyberattack that has forced the school to shut some systems down — in an event that Brown is calling an “utmost priority.”

Jack Wrenn, a fifth-year doctoral candidate, said that official information was still “frustratingly scant” as of Wednesday night.

Wrenn provided a timeline as to what he understood transpired, and when the university community was notified.

Mar 30, 2021

‘We have your porn collection’: The rise of extortionware

Posted by in category: cybercrime/malcode

Cyber-security companies are warning about the rise of so-called ‘extortionware’ where hackers embarrass victims into paying a ransom.


Hacked firm’s IT Manager named and shamed by hackers in extortion technique.

Mar 29, 2021

Google’s unusual move to shut down an active counterterrorism operation being conducted by a Western democracy

Posted by in categories: cybercrime/malcode, government

Google stops western government hacking.

“Instead of focusing on who was behind and targeted by a specific operation, Google decided to take broader action for everyone. The justification was that even if a Western government was the one exploiting those vulnerabilities today, it will eventually be used by others, and so the right choice is always to fix the flaw today.”


A decision to shut down exploits being used by “friendly” hackers has caused controversy inside the company’s security teams.
