Silensec Newsletter

Top News

Uber concealed hack of 57 million accounts for more than a year!

Hackers stole names, email addresses, and phone numbers of 57 million Uber riders around the world in a breach dating back to October 2016. Data on more than 7 million drivers was also stolen, including over 600,000 drivers' license records. Trip records, location data, and social security numbers were not stolen in the breach, the company said.

The company's former CSO kept the hack a secret & paid the hackers $100,000 to delete the data and to keep details of the breach quiet. The breach happened under the watch of former chief executive Travis Kalanick, who knew about the cyberattack. His former deputy, CSO Joe Sullivan, a former federal prosecutor and senior Facebook executive, covered up the breach, the publication reported.

The company confirmed the breach.

Read more...

Firefox to warn users who visit p0wned sites

Do you really want to go there? Mozilla developer Nihanth Subramanya has revealed the organisation's Firefox browser will soon warn users if they visit sites that have experienced data breaches that led to user credential leaks.

Subramanya explained that Mozilla has teamed with haveibeenpwned.com to source data that will warn users.

The feature's not complete, in code or conceptually.

Read more...

Read more...

Top News

Multi-stage malware sneaks into Google Play

Another set of malicious apps has made it into the official Android app store. ESET security systems as identified them as Android/TrojanDropper.Agent.BKY, these apps form a new family of multi-stage Android malware, legitimate-looking and with delayed onset of malicious activity. These malware samples all employ a multi-stage architecture and encryption to stay under the radar.After being downloaded and installed, these apps do not request any suspicious permissions and even mimic the activity the user expects them to exhibit.

Two of most recent samples of Android/TrojanDropper.Agent.BKY were caught downloading either MazarBot, a notorious banking trojan, or spyware.

Given its nature, this downloader can deliver any payload of the criminals’ choice as long as it doesn’t get flagged by the Google Protect mechanism.

Read more...

UK spymasters suspect Russia is using Kaspersky to spy on people

British Intelligence service is reportedly worried that Kaspersky Antivirus offered by Barclays to its customers may be being used by Russian Intelligence agency to spy, according to The Financial Times. Intelligence officials fear that this might allow Russia to gather intelligence from the computers of Government employees members of the military who are customers of the Bank and have downloaded the software. FT said that "No evidence suggests that any data of Barclays customers have been compromised by use of Kaspersky software on their computers."

Read more...

Read more...

Top News

US Federal Court Rejects Global Search Order

After years of litigation in two countries, a federal court in the US has weighed in on a thorny question: Does Google US have to obey a Canadian court order requiring Google to take down information around the world, ignoring contrary rules in other jurisdictions?

According to the Northern District of California, the answer is no. The case is Google v. Equustek, and it's part of a growing trend in which courts around the world order companies to take actions far beyond the borders those courts usually respect.

Read more...

It's 2017 and you can still pwn Android gear with Wi-Fi packets - so get patching now

A security researcher has turned up new ways to silently hijack and infect Android devices via malicious Wi-Fi packets over the air. Scotty Bauer, a Linux kernel developer, described in detail how he found a bunch of exploitable programming blunders in the qcacld Wi-Fi driver that supports Qualcomm Atheros chipsets.

These chips and their associated driver are used in a number of Android phones, tablets, routers, and other gizmos, including some Pixel and Nexus 5 handhelds, for wireless networking.

Read more...

Read more...

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed