Google’s Sensorvault Is a Boon for Law Enforcement. This Is How It Works. Law enforcement officials across the country have been seeking information from a Google database called Sensorvault — a trove of detailed location records involving at least hundreds of millions of devices worldwide, The New York Times found. Though the new technique can identify suspects near crimes, it runs the risk of sweeping up innocent bystanders,… Read More
Post-mortem and remediations for Apr 11 security incident On April 11th we dealt with a major security incident impacting the infrastructure which runs the Matrix.org homeserver – specifically: removing an attacker who had gained superuser access to much of our production network. We provided updates at the time as events unfolded on April 11 and 12 via Twitter and our blog, but in… Read More
A serious hack hit WhatsApp A security flaw in WhatsApp’s audio calling feature let hackers install spyware on iPhones and Androids. The attack is expected to have a limited reach but you should update WhatsApp straight away WhatsApp’s default end-to-end encryption is one of Facebook’s biggest security assets – but even this doesn’t help when the app itself is attacked.… Read More
Google Titan Security Key Recalled After Bluetooth Pairing Bug Google’s Titan Security Key, launched in the U.S. market last August, is a USB dongle that offers an added layer of security features for Google accounts, such as two-factor authentication and protections from phishing attacks. Specifically impacted is the version of the Titan Security Key with Bluetooth Low Energy (BLE) – not the NFC version… Read More
Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution Cisco is warning of critical remote code-execution (RCE) vulnerabilities in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network (EPN) Manager, which is used by telcos, mobile carriers, cable companies and ISPs to manage their hardware infrastructure. The vendor also issued estimated bug-fix dates for an unpatched, high-severity Secure Boot flaw that was disclosed on… Read More
Forbes Becomes Latest Victim of Magecart Payment Card Skimmer The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others. The payment card-siphoning Magecart group has struck again; this time injecting web-skimming scripts into the subscription website for the Forbes print magazine (as well as a slew of others over the past week). The… Read More
Stack Overflow hacker went undetected for a week The hacker who breached Stack Overflow last week managed to access data on user accounts, the company said today in an update on its investigation into a security breach it disclosed last night. The update comes to shed some light into what happened on the company’s servers last week, after Stack Overflow left many users… Read More
Chinese state-sponsored hackers breached TeamViewer in 2016 The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems of the Company. The Winnti group was first spotted by Kaspersky in 2013, according to the researchersthe gang has… Read More
Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked For three years, some Alpine Linux Docker images have shipped with a root account and no password, opening the door for attackers to easily access vulnerable servers and workstations provisioned for the images. Affected versions of Alpine Linux Docker distros include 3.3, 3.4, 3.5, 3.6, 3.7, 3.8 and 3.9 Alpine Docker Edge, according to Cisco… Read More
Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. The NULL password for the root account was included in the Official Alpine Linux Docker images since v3.3. The bug received a CVSS score of 9.8, it affects Alpine Docker versions 3.3 to 3.9, including… Read More