All about Security, News, Events and Incidents

Discussion in 'Security and Anti-Virus Software' started by AHMED KARAM, Apr 26, 2018.

  1. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    5,631
    Messages:
    18,939
    Likes Received:
    23,312
    Trophy Points:
    931
    How hackers could use smart home devices to spy on you (Marketplace)
    CBC News
    Published on Sep 28, 2018
    Smart home devices are supposed to increase convenience and security, but Marketplace reveals they could actually be making your home, your family and your data more vulnerable, and putting your privacy at risk.


    How hackers take over your accounts using social engineering (Marketplace)
    CBC News
    Premiered Feb 8, 2019
    We reveal how hackers manipulate people, including customer service agents, to give up your personal information to gain access, and take over your wireless services and other accounts. Are the companies doing enough to protect you?
    To read more: https://www.cbc.ca/news/technology/marketplace-social-engineering-sim-swap-hack-1.5009279
     
    Last edited: Mar 12, 2019
    AHMED KARAM and Vasudev like this.
  2. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    5,631
    Messages:
    18,939
    Likes Received:
    23,312
    Trophy Points:
    931
    Chinese hackers strike US universities in bid for military technology
    Prominent names feature on the hacking list.
    By Charlie Osborne for Zero Day | March 6, 2019 -- 12:40 GMT (04:40 PST)
    https://www.zdnet.com/article/chinese-hackers-strike-us-universities-in-bid-for-military-technology/

    "Hackers from China have been conducting a cyberattack campaign against prominent universities in the United States in the hopes of stealing valuable information for military purposes.

    The University of Hawaii, the Massachusetts Institute of Technology (MIT), and the University of Washington are among at least 27 universities which have been targeted worldwide, according to the Wall Street Journal.
    (Continuing the ZDNET article...)
    Accenture Security's iDefense is the source of this claim, made in a new research report due to be published this week.

    The cybersecurity defense unit said the "elaborate scheme" is focused on the theft of maritime technology being developed for military applications.

    Educational institutions in Canada and Asia are also on the target list.

    It is believed that the threat actors behind the campaign have utilized phishing tactics in an attempt to compromise university networks, often by posing as partner universities and institutions.

    The cyberattacks launched against these entities were tracked as their networks were pinging Chinese servers thought to belong to hackers known as Mudcarp, Leviathan, APT40, or Temp.Periscope.

    The group in question is believed to be Chinese, and given the hackers' focus on valuable technology and information of interest to the military, it is possible that Mudcarp is state-sponsored.

    Many of the institutes that Mudcarp has fixated on have ties to US oceanographic research institutes.

    Leviathan has been active since at least 2013. Proofpoint researchers saythat the cyberattackers tend to focus their efforts on maritime industries, naval defense contractors, and university research institutions. However, attacks launched by the group have also been traced back to US shipbuilders in recent years.

    In previous phishing schemes, Leviathan has distributed fake job applications and resumes, as well as an interesting malicious email attachment called "Torpedo recovery experiment." Microsoft Word and Excel documents used in these campaigns contained malware payloads made possible through macros.

    FireEye, which tracks the group as APT40, believes the hackers are state-sponsored and operate "in support of China's naval modernization effort."

    APT40 uses a variety of vulnerabilities in the exploit chain including CVE-2012-0158, CVE-2017-0199, CVE-2017-8759, and CVE-2017-11882...

    While Chinese officials did not comment on the research, in the past, China has staunchly denied any involvement in cyberattacks against the United States or other countries.

    The research comes at a time when diplomatic ties between the US and China are strained. The two global giants have been embroiled in a tit-for-tattrade tariff war, a situation heightened by security concerns relating to Chinese tech firms including Huawei.

    The Trump Administration is considering a ban on 5G equipment by way of an executive order. US federal agencies are already forbidden to purchase Huawei products on the grounds of security, but commercial companies -- at least, for now -- still have the freedom in which to do so.

    Reports suggest that Huawei is preparing to sue the US due to the federal ban, and at the same time, the US Department of Justice (DoJ) has filed criminal charges against Huawei's financial chief, Meng Wanzhou, in relation to the alleged theft of trade secrets."

    Chinese Hackers Target Universities in Pursuit of Maritime Military Secrets
    University of Hawaii, University of Washington and MIT are among schools hit by cyberattacks
    By Dustin Volz, Updated March 5, 2019 5:47 p.m. ET
    https://www.wsj.com/articles/chines...suit-of-maritime-military-secrets-11551781800

    Penn State, More Than 2 Dozen Other Universities Targeted By Hackers
    CBS Pittsburgh
    Published on Mar 9, 2019
    Penn State is one of more than two dozen universities that were reportedly targeted by Chinese hackers.
     
    Last edited: Mar 12, 2019
    AHMED KARAM likes this.
  3. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
    Windows 10 Now Automatically Uninstalls Updates That Cause Problems
    https://thehackernews.com/2019/03/windows-buggy-updates.html
    [​IMG]

    Do you always think twice before installing Windows updates worrying that it could crash your system or leave it non-working the day after Patch Tuesdays?

    Don't worry.

    Microsoft has addressed this issue by adding a safety measure that would from now onwards automatically uninstall buggy software updates installed on your system if Windows 10 detects a startup failure, which could be due to incompatibility or issues in new software.
     
    hmscott likes this.
  4. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    5,631
    Messages:
    18,939
    Likes Received:
    23,312
    Trophy Points:
    931
    Cool, now MS can introduce MS patented "mistakes" coming or going. :)

    Maybe we can get a nice patch install / uninstall flipping repeating cycle going?

    6 Minutes ago:

    MS Update: Patch time!
    MS De-Update: Nope, not that one!

    MS Update: Patch time!
    MS De-Update: Nope, not that one!

    MS Update: Patch time!
    MS De-Update: Nope, not that one!

    MS Update: Patch time!
    MS De-Update: Remove patches from last 4 minutes...

    1 minute later:

    MS Update: Patch time!

    PC Owner: Game time?

    MS De-Update: Nope, Patch Time!

    :D
     
    Last edited: Mar 13, 2019
    AHMED KARAM likes this.
  5. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
    On the eve of Patch Tuesday, Microsoft confirms Windows 10 can automatically remove borked updates
    Install. Uninstall. Boot. Repeat

    https://www.theregister.co.uk/2019/03/12/windows_10_auto_uninstall/
    Microsoft has quietly updated a support document to let us know that Windows 10 will have a crack at uninstalling borked updates – just in time for patch Tuesday.
    Windows 10 endures enjoys a near constant stream of updates and patches to, as Microsoft put it, "keep your device secure and running at peak efficiency". This is all well and good, but as a significant section of customers would agree, things sometimes go wrong and a hasty uninstall is required.
    Microsoft has therefore tweaked Windows 10 to spot a recovery from a failed startup (after all, a reboot after a patch seems de rigueur, even in 2019) and bring a hobnailed boot down on the offending update.
    A cheery message saying "We removed some recently installed updates to recover your device from a startup failure" will be shown to the affected users as Windows 10 attempts to fix things by uninstalling recently installed updates.
    The uninstallation only occurs when all other automated attempts at fixing things have failed.
    To stop Windows Update trying to install what Microsoft has delicately described as "problematic" updates again, the borked patches are blocked for 30 days while engineers work on the issue. Then Windows 10 will have another go.
    All editions of Windows 10 enjoy the automated de-borkage according to the support article.
    We contacted Microsoft to check if this functionality would be able to deal with patches that didn't affect startup but still left the OS a sad place to be, such as the recent 1809 update that caused much upset among Destiny 2 players, or whether it could back out the likes of the whiffy firmware inflicted on some Surface Pro 4 owners over the past year, but we have yet to receive a response. ®
     
  6. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    5,631
    Messages:
    18,939
    Likes Received:
    23,312
    Trophy Points:
    931
    Chinese hackers targeting US Navy: Report
    Fox Business
    Published on Mar 12, 2019
    Center for Security Policy President Fred Fleitz and FOX Business foreign policy analyst Walid Phares discuss a report which stated that the U.S. Navy and its industry partners are “under cyber siege” by Chinese hackers.


    China is becoming more dangerous: Rep. Gaetz
    Fox Business
    Published on Mar 13, 2019
    Rep. Matt Gaetz (R-Fla.) discusses the report that the U.S. Navy is “under cyber siege” by Chinese hackers.
     
    Last edited: Mar 14, 2019
    AHMED KARAM likes this.
  7. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
    FAA says evidence begins to connect Boeing 737 Max 8 crashes


    I saw a movie few years ago that some bad guys were having an advanced system can hack the Airport system. Those were some angry military crew as I remember.
     
  8. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
  9. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
    Last edited: Mar 15, 2019
  10. AHMED KARAM

    AHMED KARAM The Strategist

    Reputations:
    2,370
    Messages:
    1,689
    Likes Received:
    3,544
    Trophy Points:
    281
    The Most ANNOYING Windows Feature - UAC

     
Loading...

Share This Page