Silensec Newsletter

Category: News

Top News

Here's how hackers could have spied on your DJI drone account

Cybersecurity researchers today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos taken during a flight.

Read more...

Apple T2 security chip in new MacBooks disconnects Microphone when lid is closed

Almost as soon as Apple released iOS 12.1 on Tuesday, a Spanish security researcher discovered a bug that exploits group Facetime calls to give anyone access to an iPhone users' contact information with no need for a passcode.

Read more...

Major Hacks of the Week

689,272 plaintext records of Amex India customers exposed online

Personal details of nearly 700,000 American Express (Amex India) India customers were exposed online via an unsecured MongoDB server.

The huge trove of data was discovered by Bob Diachenko from cybersecurity firm Hacken, most of the records were encrypted, but 689,272 records were stored in plaintext.

The expert located the database by using IoT search engines such as Shodan and BinaryEdge.io.

Read more...

Hacker launches new group for attacking and spreading propaganda

On November 6, 2018, an Islamic State (ISIS) supporter announced the launch of a new online group named “The Caliphate Corps.” The objective of the new group is to hack its rivals’ social media accounts and post ISIS propaganda on them, a practice known as “raiding” in ISIS parlance.

Supporters interested in joining the group were asked to contact a Telegram account.

Read more...

Major Vulnerabilities Disclosed

Unpatched VirtualBox Zero-Day Vulnerability and exploit released online

An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox - a popular open source virtualization software developed by Oracle - that could allow a malicious program to escape virtual machine (guest OS) and execute code on the operating system of the host machine.

Read more...

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption

Fundamental flaws in the encryption system used by popular solid-state drives (SSDs) can be exploited by miscreants to easily decrypt data, once they've got their hands on the equipment.

The cryptographic keys used to encrypt and decrypt the data are not derived from the owner's password, meaning, you can seize a drive and, via a debug port, reprogram it to accept any password.

At that point, the SSD will use its stored keys to cipher and decipher its contents.

Read more...

Legal, Regulatory and Corporate
Security and Beyond

Facebook, Twitter combat voter suppression on Election Day

Social networks such as Facebook and Twitter were on rumor patrol on Election Day, pulling down misinformation that aimed to discourage US voters from heading to the polls.

Facebook, which recently showcased an election war room, said it deleted posts that falsely claimed that Immigration and Customs Enforcement agents were patrolling polling places for undocumented immigrants.

Read more...

EFF Unveils Virtual Reality Tool To Help People Spot Surveillance Devices in Their Communities

San Francisco - The Electronic Frontier Foundation (EFF) launched a virtual reality (VR) experience on its website today that teaches people how to spot and understand the surveillance technologies police are increasingly using to spy on communities.

Spot the Surveillance, which works best with a VR headset but will also work on standard browsers, places users in a 360-degree street scene in San Francisco. In the scene, a young resident is in an encounter with police.

Read more...

Security Awareness Tip

How to Secure identity against cyber criminals

With major cybersecurity incidents dominating headlines for the past several years, consumers are well aware of the threats they are facing and the basic tips to stay safe online:

  • Give tips for consumers in the data breach era
  • Store passwords in a digital vault
  • Double dip on security checkpoints
  • Get down with biometrics

Learning to outsmart the bad guys in this reality is no different than knowing the perils on the street, and can go a long way in shifting the dial on safeguarding our identities.

Read more...

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed