Silensec Newsletter

Top News

A Single-Character Message Can Crash Any Apple iPhone, iPad Or Mac

Only a single character can crash your iPhone and block access to the Messaging app in iOS as well as popular apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail.

A potentially new severe bug affects not only iPhones but also a wide range of Apple devices, including iPads, Macs and even WatchOS devices running the latest versions of their operating software.

Like previous 'text bomb' bug, the new flaw can easily be exploited by anyone, requiring users to send only a single character from Telugu—a native Indian language spoken by about 70M people in the country.

Apple was made aware of the text bomb bug at least three days ago, and the company plans to address the issue in an iOS update soon before the release of iOS 11.3 this spring. The public beta version of iOS 11.3 is unaffected.

Since so many apps are affected by the new text bomb, bad people can use the bug to target Apple users via email or messaging or to create mass chaos by spamming the character across an open social platform.

Read more...

New EU Privacy Law May Weaken Security

Many security experts are worried that the changes being ushered in by the rush to adhere to the General Data Protection Regulation (GDPR) law may make it more difficult to track down cybercriminals and less likely that organizations will be willing to share data about new online threats.


Security experts argue that the data in WHOIS records has been indispensable in tracking down and bringing to justice those who seek to perpetrate said scams, spams, phishes and stalkers hence redacting such data in compliance with GDRP will be detrimental!

Read more...

Read more...

Top News

Voter, Bee databases hit with ransomware attack

According to report by security expert Adam Ashton, two Sacramento Bee databases on a 3rd-party computer server were seized last month by an anonymous hacker who demanded The Bee pay a ransom in Bitcoin to get the data back.

The intrusion, which was discovered by a Bee employee last week, exposed one database containing California voter registration data from the California Secretary of State and another that had contact information for 53K current and former Bee subscribers who activated their digital accounts prior to 2017.

Read more...

Hackers can remotely access adult toys compromising at least 50.000 users!

Multiple vulns were FOUND in "Vibratissimo" sex toys cloud platform.

They compromised data protection, privacy and also the physical safety of their owners.

The database pertaining all customers data was accessible via internet in such a way that explicit images, chat logs, sexual orientation, email addresses and passwords in clear text were compromised.

Researchers recommend a complete update in software, mobile applications and that users to change their login information.

Read more...

Read more...

Top News

Is ICEMAN behind the malware-based attack on Crystal Finance Millennium?

Iceman gang member confirms that they are behind the introduction and spreading of malware that infected the systems at Crystal Finance Millennium.

In Septemeber security experts reported that the Ukraine based Account Firm, Crystal Finance Millennium (CFM), had been hacked and was found to be distributing malware.

The incident caused the firm to take down its website to stop spreading the threat.

Read more...

South Korea warns of flash Zero-Day flaw exploited by North Korea in surgical attacks

South Korea's Internet & Security Agency (KISA) has warned of a Flash zero-day vulnerability that has reportedly been exploited in attacks by North Korea's hackers.

According to the alert published by the KISA, the vulnerability affects the latest Flash Player version 28.0.0.137 and earlier. The zero-day vulnerability could be exploited by an attack by tricking victims into opening a document, web page or email containing a specially crafted Flash file.

According to researchers the Flash Player zero-day has been exploited by North Korea since mid-November 2017.

Read more...

Read more...

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed