Silensec Newsletter

Top News

Hackers can steal your BRAIN WAVES

Behold the future: attackers can already get between brain-waves and hospital kit, and it's just going to get worse according to IOActive senior consultant Alejandro Hernández. Hernández says the ability to steal, manipulate, and replay brain waves used in electroencephalography (EEG) is already emerging, with consumer-grade kit already able to be hacked and the health care industry taking few precautions to properly protect recorded brain waves.

The hacker demonstrated at the BruCon conference last week a live man-in-the-middle attack on his own brain signals using the unsupported but still very widely used open-source EEG NeuroServer package. Read more...


“USB Killer” flash drive can fry your computer’s innards in seconds

USB sticks have long been a mechanism for delivering malware to unsuspecting computer users.

A booby-trapped flash drive, for instance, was the means by which the US and Israel reportedly infected Iran's Natanz uranium enrichment facility with the Stuxnet worm. And, in case anyone thought USB stick attacks had lost their novelty, last year's Bad USB proof-of-concept exploit delivered a highly programmable attack platform that can't be detected by today's defenses. Read more...



Top News

Cops must get a warrant before raiding phones, email, etc

California has passed a law requiring police to obtain a warrant before searching phones, tablets, and other electronic devices, and accounts in cloud services, too.

Governor Jerry Brown on Thursday signed off the Electronic Communications Privacy Act (ECPA) to require a search warrant for electronic searches. The law means cops will now need to obtain a warrant from a judge in order to retrieve electronic information, including emails, texts, and locational data, on a device or from a hosted service provider. Read more...


iPhone Malware Is Hitting China. Let’s Not Be Next!

Over just the last month, Chinese iPhone and iPad owners have been hit with two distinct iOS mass malware infections. Unlike previous spates of iOS-targeted malware, many of those victims hadn’t jailbroken their phones to install unauthorized apps.

The two back-to-back attacks—one far more sophisticated than the other but both unprecedented in iOS’s history—suggest that complacent iPhone users around the world could be in for the same nasty shock. And if they are, how can they avoid the mistakes that led to China’s outbreaks? Read more...



Top News

Patreon attackers drop data, expose users

 The attackers that compromised Patreon have dumped the data on various bin sites.

It's perhaps a small irony that one of the dumps has landed on Mega, the Kim Dotcom-founded file-store that calls itself “The Privacy Company”. With 15 GB of data in the drop, there could be a lot of personal details in the leak (Vulture South is happy to leave it to others to pore over the data). Since site source code is apparently included among the compromised data – as Patreon explained, the data leak happened because a debug version of the site ended up outside the firewall – there's a risk that the site's code might help attackers recover the bcrypt-hashed data. Read more...



VBA malware is back!

 VBA malware is far from dead. In fact, as Sophos researchers recently noted, approximately 50 to 100 new VBA malware samples are spotted each day.

For those who don't know, VBA (Visual Basic for Applications) is Microsoft's implementation of Visual Basic that's built in many of its software, including its Office suite, and is used for automating tasks. Unfortunately, if the VBA code is malicious and is inserted in, for example, a Word file, it will execute automatically once the file is opened.




Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed