The Big Twitter Hack, Critical Windows DNS Server Update, Email Impersonation Attacks

In episode 130 for July 20th 2020: Details on the big Twitter hack which took over high-profile accounts, a major wormable critical vulnerability in Microsoft Windows DNS Server, and how email impersonation attacks take advantage of everyone working fr… Continue reading The Big Twitter Hack, Critical Windows DNS Server Update, Email Impersonation Attacks

Nation-State Espionage Campaigns against Middle East Defense Contractors

Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about "several hints suggesting a possible link" to the Lazarus group (aka North Korea), but that’s by no means definite. As part of the initial compromise phase, the Operation In(ter)ception attackers had created fake LinkedIn accounts posing as HR representatives of well-known companies… Continue reading Nation-State Espionage Campaigns against Middle East Defense Contractors

Bluetooth Vulnerability: BIAS

This is new research on a Bluetooth vulnerability (called BIAS) that allows someone to impersonate a trusted device: Abstract: Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard i… Continue reading Bluetooth Vulnerability: BIAS

Bluetooth Vulnerability: BIAS

This is new research on a Bluetooth vulnerability (called BIAS) that allows someone to impersonate a trusted device: Abstract: Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures… Continue reading Bluetooth Vulnerability: BIAS

Google sent ~40K warnings to targets of state-backed attackers in 2019

Google has seen a rising number of attackers impersonating news outlets and journalists to spread fake news among other reporters. Continue reading Google sent ~40K warnings to targets of state-backed attackers in 2019

Google sent ~40K warnings to targets of state-backed attackers in 2019

Google has seen a rising number of attackers impersonating news outlets and journalists to spread fake news among other reporters. Continue reading Google sent ~40K warnings to targets of state-backed attackers in 2019

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

Emails claiming to be directly from WHO’s Dr. Tedros Adhanom Ghebreyesus offer “drug advice” — and malware infections. Continue reading Revamped HawkEye Keylogger Swoops in on Coronavirus Fears