VoltSchemer attacks use wireless chargers to inject voice commands, fry phones

February 20, 2024 at 04:05PM Researchers at the University of Florida and CertiK discovered the VoltSchemer attacks, which exploit electromagnetic interference to manipulate wireless charging systems. These attacks can cause smartphones to overheat, damage nearby electronic items, and inject voice commands into device assistants. Security gaps were identified and discussions with charging station vendors took …

Google’s Cloud Run Service Spreads Several Bank Trojans

February 20, 2024 at 03:54PM Researchers have identified a concerning increase in the spread of banking malware through abuse of the Google Cloud Run service. Campaigns have expanded beyond Latin America, with Cisco Talos noting an uptick in such attacks since September 2023. Malicious emails with links to threat actor-controlled Cloud Run web services are used …

NSO Group Adds ‘MMS Fingerprinting’ Zero-Click Attack to Spyware Arsenal

February 19, 2024 at 09:02AM An Enea researcher discovered a new tactic used by NSO Group to deploy Pegasus spyware on mobile devices without user interaction. The tactic, called “MMS Fingerprint,” obtains device details by sending an MMS message, exploiting the MMS flow to retrieve device information. The researcher concluded that this could be leveraged for …

Free Rhysida ransomware decryptor for Windows exploits RNG flaw

February 12, 2024 at 10:48AM South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the …

MacOS Targeted by New Backdoor Linked to ALPHV Ransomware

February 9, 2024 at 04:55PM Researchers at Bitdefender have uncovered a new macOS backdoor, Trojan.MAC.RustDoor, linked to the BlackCat/ALPHV ransomware family known for targeting Windows. Written in the Rust programming language, the malware masquerades as a Visual Studio code editor update. It has been active for at least three months, gathering and sending data to a …

Decryptor for Babuk ransomware variant released after hacker arrested

January 9, 2024 at 11:47AM Researchers from Cisco Talos and the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware, leading to the arrest of the operator. This variant emerged after the original malware leaked. The threat actor targeted Microsoft Exchange servers using ProxyShell exploits. Avast released a decrypter for Babuk …

Kaspersky reveals previously unknown hardware ‘feature’ used in iPhone attacks

December 28, 2023 at 10:54AM Kaspersky’s GReAT team uncovered a hidden iPhone feature, exploited through CVE-2023-38606, allowing attackers to evade memory protection. The issue affected iPhones on iOS up to 16.6, and the feature may have been intended for testing or debugging. The team’s thorough analysis revealed a sophisticated attack vector, demonstrating how even advanced hardware protection can …

Physical Access Systems Open Cyber Door to IT Networks

December 20, 2023 at 02:50PM Otorio researchers demonstrated at Black Hat Europe 2023 how attackers can exploit access control systems installed on secure facility doors to gain unauthorized building access and breach internal IP networks. They highlighted vulnerabilities in modern physical access control systems (PACSs), particularly those using the Open Supervised Device Protocol (OSDP), urging …

Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov’t Entities

December 14, 2023 at 05:20PM Lumen’s Black Lotus Labs recently identified the KV-Botnet, a sophisticated Internet of Things (IoT) botnet targeting US government and communications organizations. The botnet infects network devices from various vendors and is connected to the Chinese state-aligned Volt Typhoon threat actor. It features advanced stealth mechanisms and the ability to deploy …

How to give Windows Hello the finger and login as a user on their stolen laptop

November 22, 2023 at 05:39PM Researchers have discovered vulnerabilities in Windows Hello’s fingerprint authentication system that allow hackers to bypass the security and log in as someone else. The team found flaws in the communication between the software and hardware components of laptops using fingerprint sensors from Goodix, Synaptics, and ELAN. The vulnerabilities vary across different …